{"report_id":"ec132ed2-a5d6-4fbb-80e0-1675dd0aaa75","version":0,"status":"done","tags":[],"date":"2026-07-12T20:48:44Z","url":{"schema":"https","addr":"porawex.com/","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"172.67.150.180","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"porawex.com/","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"title":"Porawex — Online Games \u0026 Rewards","dom":{"size":214287,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (65470), with no line terminators","md5":"170fa55d77f6882dfa08ab0e4291685f","sha1":"93978edf93f83f55f4755c6303b316ec5748c82c","sha256":"a8b384ef2d498b415a5cd68fdcd01d9213c2919d966b4649f135ddd3be44fee6","sha512":"0b385942e39ff8f709d52f43caab7544842748165f23d48bbdaddb2fdd9ec0171f3ecbc68561c2e060fe5ced249df3165d04dc49306d27dcc8f7c28f4eb5ac5a","ssdeep":"1536:II3jpxX0t6kVgadnQF44MYYWjFvlJTRTgbR6666JQ6666T6666gK/wBsLlk5wTTK:IIzrX0bK/wBsLVHqpcQ3W3IN","tlshash":"1724c831e308591d7037c584ea61bf5e72b9c206d31a552ce3fe6475e38b8faa5272c8","dom_hash":"domhashf39814575bb563675f86561f77ff8cae","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"porawex.com/","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"172.67.150.180","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-16T20:48:44Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"connect.facebook.net","ip":{"addr":"31.13.72.12","port":443,"asn":32934,"as":"FACEBOOK","country":"Sweden","country_code":"SE"},"domain_registered":"2004-04-01","domain_rank":1088,"first_seen":"2012-05-22T02:51:28Z","last_seen":"2026-07-07T05:20:20.211541Z","alert_count":0,"request_count":1,"received_data":385375,"sent_data":464,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-07-05T22:22:24.069932Z","alert_count":0,"request_count":1,"received_data":33694,"sent_data":743,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"porawex.com","ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-07-05","domain_rank":0,"first_seen":"2026-07-10T11:26:59.297201Z","last_seen":"2026-07-10T11:26:59.297201Z","alert_count":116,"request_count":116,"received_data":13852208,"sent_data":72809,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Next.js","description":"Next.js is a React framework for developing single page Javascript applications.","website":"https://nextjs.org","common_platform_enumeration":"cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:*","icon":"Next.js.svg","categories":["JavaScript frameworks","Web frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Webpack","description":"Webpack is an open-source JavaScript module bundler.","website":"https://webpack.js.org/","common_platform_enumeration":"","icon":"Webpack.svg","categories":["Miscellaneous"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-07-05T22:48:05.057169Z","alert_count":0,"request_count":4,"received_data":14426,"sent_data":2272,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-07-05T22:19:28.847206Z","alert_count":0,"request_count":7,"received_data":277771,"sent_data":3883,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/9792-bbed82e0e875a1e0.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b082208296b9b3705076807c6a765752","sha1":"df9d0a8602debe4cc087445f2f2928428a8dd8f8","sha256":"e5cc5cd6fd587fd300815648759a627ef8c4dc295d75f12440f6d27de6b02924","sha512":"44a1bafc5746c002fc285d55b8f9240e4dc493c65c631114334e52b732499504fee8c0449fbebf9d50205593347c073ebedd5e48fb1e606a37f7cb474066b846","ssdeep":"192:O3Yaic4We1aowaYz4n6rUGUCKbLgcJ/t/ml/6/hYmPE:O3LuWsYn/8rc/8E","tlshash":"76121b92baa2f8b291bb6552683703863130277b790b4441a3bb4cac2354f59b4d3f5d","size":9337,"data":"","first_seen":"2026-07-10T09:45:03.521341Z","last_seen":"2026-07-12T22:01:35.311525Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/4038-49fdd8ae32fa9982.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fcc0345f008acbe8f529de677f7ea0b8","sha1":"4709ac8c02289d17f1a27caf9f719c3199e33199","sha256":"94702b098b138dcadab4016ec2aaa5431ce4daf3592629f2b1bd4bfea2c18363","sha512":"40efb9d579d53f9a2b66c219b459d80829c15026ef38f76021613ef87027131a8a09f3ad0c4cbc7d7421f37e3632c419088eeafc6f2907fd8b471081a65c4f18","ssdeep":"1536:kjI+qNzajw1Muc9T05eMK89JgRPWSEtmfPjvss85QxnpYQoQCsdZ:k0plajw1Cez9JgRPItmf7v85mnWRmdZ","tlshash":"178319256609315cf17bc58872cfd91db26e362ce61ac578bf3e7829179a0f4b126f80","size":82267,"data":"","first_seen":"2026-07-12T17:38:11.838423Z","last_seen":"2026-07-12T22:01:35.286472Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/app/(main)/page-1242cbe80559576f.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2ee880e294b488be8baf2ca00c36378c","sha1":"8097afdbc5ddf81116d40b3ee666e00de6c6f3e0","sha256":"ef032dd04b290288f2ae2edc7770a8d5b9326fcef21f5bc58b25227269543da0","sha512":"3eb17709c4aec980db281cba79a3b2a34ab80a6faa5937533e6b892184a66f54ccabf143dbee2d30eb530a94f2627e766a7452702e844f442e436f1d413dcf8c","ssdeep":"1536:7cJf0hkZ9geTeIY6rGa5cd1Q8g993275WBWVQ4u:7y3ej6Ka58g993UZQ","tlshash":"8863193a975a7918f837ca8c769f410cb16e4528a34e0db4a7bbac3113854f4b667fd0","size":70076,"data":"","first_seen":"2026-07-10T09:45:03.50869Z","last_seen":"2026-07-12T22:01:35.305089Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"connect.facebook.net/en_US/fbevents.js","fqdn":"connect.facebook.net","domain":"facebook.net","tld":"net"},"ip":{"addr":"31.13.72.12","port":443,"asn":32934,"as":"FACEBOOK","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"007129bcfbeea244b6e4b88cd253e960","sha1":"b8116239bb207bda191485bd2eb0f3bcf39b2f55","sha256":"525a75a05d2ded55a857efc20611ca9d97b5a5a71ef56dc22a6354c3b0ee2253","sha512":"169cff9a119b5883d154351879acb982f4a96c9b7728e6a3f226703766d29e53fb445966850bad4ed120f4614cee1074995af2be56b1cabf0d24b0b59ab0a79f","ssdeep":"6144:E7gAVTJGD0ML9RBTD+4Yd0E+brBLrxQqR/ddFriG2XPHnNpnK01lzrYzOOlvBZSk:SnWO0dgPHnNpnK04NSk","tlshash":"b784e789b1e1b0a103b6796c966f9007b2bbd5a234ccc960e55dedc82d7c49e4133eb7","size":381376,"data":"","first_seen":"2026-07-01T21:14:37.40446Z","last_seen":"2026-07-13T10:33:13.796924Z","times_seen":719,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/6477-9e02b2a147e40874.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9572bd36ad48a0afeec6633517fa7710","sha1":"d6483ba4eef36b13eb61477ac213fb9e4209bbdc","sha256":"597b7a3a3a772044b01484b288189b297f5295509a6b9834b5a3e20ffa3c3ac8","sha512":"870b80a2619e547b7aba1eb21b54d03136d56ee0e07a197510acc346f159ca8fbc1224e2934260f169a4836806d99e7ae9bae320bf5f2202ee18679492454f60","ssdeep":"12288:8YvBFTs8FN+95dzoX8i3UEPLBTXyXTUCI3184x1BZcWt/6BHsYfowoy+INtbkflt:8YvnXFZ848GYfowoAeOXwF","tlshash":"ad955c0c4b6c34ba06dd77c236cd1f36aaec4db5a6d1d2128cbe566d21ecc38923d658","size":2057604,"data":"","first_seen":"2026-07-12T17:38:11.939923Z","last_seen":"2026-07-12T22:01:35.325726Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/5708-926a5cbb3579d1f7.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b58d901009e5dd078ec84a30e48e151d","sha1":"f871fd5e9a02a283c8e31a9be700e4ae15715e17","sha256":"0faa839769526c3620c7c8f7bc9b4b78004ef9980c103cd365079fbbedff3ab4","sha512":"b31d347b922a69e047655ced69bf8b14f63967d19b9b2df4b68726f51b5462170295305ad351d502bc84613fa23d89898c53400e8ce7adfa908d20f7c8ccf899","ssdeep":"384:u4daU8llCsp4PSOIX+lhs1UW5KRJ2YE7d2BzS+k0JQu2U67PMvia+MT/BuM+Mn4U:u4davGFu+j22","tlshash":"f1c27019aa4ba4bb87f116ef697d0b8401af075ff548ce17e529cf183347a252c91e2c","size":26916,"data":"","first_seen":"2026-07-10T09:45:03.479914Z","last_seen":"2026-07-12T22:01:35.306961Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c3e3e350f78cf22bd7b335d70b41a58a","sha1":"cce22220b6a8dff76692755cc45439b4ec474a4d","sha256":"ee6bb81f4e9fc030a39a7c71affc4d1f2b900baa4b4c7af83361388d7c39599b","sha512":"15b6cbf8bd67e82a4952004138ebc95c44e4d373317826f1560eeec13416cc1d6a38d834609ef4b713e7a9c92d1b1bbf84de08e2e4061ed3d1e3891982c25b0a","ssdeep":"","tlshash":"3f90025ff2302063a756122b166f15456421626565550869123830eb4955148474265c","size":57,"data":"","first_seen":"2025-06-30T14:23:19.448274Z","last_seen":"2026-07-13T11:17:24.849497Z","times_seen":57655,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b3594c64cf924625c05a7010cafc018a","sha1":"0dfbc548122dea0a68476b400895ffa1eb22f645","sha256":"93268a0726ec1efaa676ae5171f84267e72b7c3d215b6190794cb4069d5f58d8","sha512":"8f1d3fdc6a2935557a199535e172a92c825bbd1b2ddf25cc9be3968fcd444cd0a4e023bd3eeb90c2c222588defbcb5f1ad05dfbd1f542eeb760769db532fd282","ssdeep":"","tlshash":"420156a9f32819da66d92fbfa06b570c7460203e380600319507edfa1700de021cbd8e","size":845,"data":"","first_seen":"2025-08-20T20:29:16.213676Z","last_seen":"2026-07-13T10:45:18.958871Z","times_seen":6570,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1a6e1178e4bbf5730bd664a49dd3bc24","sha1":"17c3ae3273f9de6afbbdedf2e413dbb3a6722792","sha256":"3814cddd18b2095e01abb745a99e5ada90178e709c09879324c3b623f2d829ea","sha512":"cfb1aab0bf589e33fd12906f448ddbbf7163420a088de513b174304c9ba3a7abcd9b41c98bc4dd51edd0206c1fe4660db9857e3c6163d1bf50c670cefddee509","ssdeep":"","tlshash":"de9002b090c39c5890264186687100160b6c040c01080141132184d810115048e40d8e","size":43,"data":"","first_seen":"2023-03-13T01:07:12Z","last_seen":"2026-07-13T11:17:56.777786Z","times_seen":186267,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4298e3bb283284174c517caafc804001","sha1":"41c638305509f5f2e3abadbdd4492ce79222eaee","sha256":"2dbdae79ed4c2bd1f5c11d999bb8bcc387150fc2e7ab673cb0d69e1d932c3024","sha512":"6e508f1126991f563e8c94ad6ff5d2bb7e690d4886a36d550fd801ed423f03997061cc0d56251d9aa3a066005e6824cdd2779f80855cdc6e2759d06e41f3b8de","ssdeep":"","tlshash":"8b41481fb408f5426da3de4b04b62e3b8a9de977413dc5acc48ed83a0121a3f9388d11","size":2252,"data":"","first_seen":"2026-07-12T17:49:20.821728Z","last_seen":"2026-07-12T21:19:32.008728Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e1d1a3e87b524038ea9f8d4bc11fa411","sha1":"3099971547042a5cc87f9e25b123d993c8421c08","sha256":"dd8764264d7017fdcccf3e9a381ad04383d1c38e47ae604f167004b28964b287","sha512":"617e71b2e94999b79aecd57bea4525e8cc9005f6807454f3e879815d8a1f803ccc3318973469690fb0fe4d9a5232a19b653bcc3174ec7c89abf7bbf5aba1abf0","ssdeep":"","tlshash":"2141d10f6404e4066ee3ec9b48b32e3b8a4dda73827cc5bdc95ed87a012163f0399d16","size":2246,"data":"","first_seen":"2026-07-12T17:49:20.822757Z","last_seen":"2026-07-12T21:19:32.00974Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d91c8a2fa4efdb74b884f4d6f04c3f00","sha1":"644c3855261a57256c6f61e719cbf6b13f9951f9","sha256":"7a89c32af7f910ef53e5160efe14b510a67cc816de95f7f47b9e43f486599c54","sha512":"3b569525f35a3f2c143ea05171b418da63aa87d90ba4fa9d18eb39f9c2bdca545d61e4a985b1988820f318789a58f925bc125460d84ce1a4889e354a493637db","ssdeep":"","tlshash":"15e0861f5040fc06aaa2dc9b09372e26ca8ce97741bc846dd6aed8a9020173a139dd16","size":355,"data":"","first_seen":"2026-07-12T17:49:20.823673Z","last_seen":"2026-07-12T21:19:32.010362Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"203056cdcc4224e25edae862d03a6300","sha1":"c908d269a0153770508bfc630c36c5b381c164a0","sha256":"90d7e8caff211e1ef1ac3262279bc85809f977c39367ba77b4749b81a9f9884b","sha512":"903ea68146b70b9fe4248a57492423b1f45c45430b949fc5652ccc8ea75a42bf2fb48b6db01e3a2f6a313a720f810fe3652872d99d08734cff73ab46750a710a","ssdeep":"","tlshash":"b271d5367203cf5fd89e7956147e0dba694c8b7e9ea0c694c1f1de30458ac78afc5880","size":3514,"data":"","first_seen":"2026-07-12T17:49:20.82456Z","last_seen":"2026-07-12T21:19:32.011224Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e796396e0170414cedc055e68d04975c","sha1":"9b5c86da1a74a28c19e5825c6c07f2f55aef1332","sha256":"8d87f005b9c6cb6f3bd38673153369618fd9a26c47376f9267fb9993b8099d36","sha512":"fe505073cde7b70911c63c89b49f13ddccde9b2d43440ff55a11e7bd2133f26c5f87085768c691f857a7190b820620274ee9f62b8f30261b7e999bdb54ec5585","ssdeep":"","tlshash":"a231f03c3008d94ffd997d1912be6d3a50dd456f03e59a788bc8de014a824be7b92e81","size":1686,"data":"","first_seen":"2026-07-10T09:50:21.092118Z","last_seen":"2026-07-12T21:19:32.012023Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"bca05ebaa352dec1376ce72326c8e630","sha1":"c6887c48602e2409d820efafa512a87096c55bac","sha256":"f21861004f3a33c77b5b445a8d29937519660dd789bf8b3db4024113120720da","sha512":"60d9f0ec8164085c963f728e8ed994ffb6125252f46254f6a41de391cb909ed88bc2cf0414b6081ee9686c15c28a654e5c3ec7b93ddd36b53e2d86f0abcfc891","ssdeep":"","tlshash":"e2418874a409fa8afd9eb958503eec3a20ce859f4ad19f7942d6cc64460247e3783dc0","size":2398,"data":"","first_seen":"2026-07-10T10:21:04.29759Z","last_seen":"2026-07-12T21:19:32.012621Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"645b52a9795cf944c8c4b5658bd3b6a7","sha1":"0ed2181c44b78d2e9277f2f5a1f2f3d3f5bdb59b","sha256":"4f3a042ce8abfb0e6fab5f8ffb542b36fd9c6cfb0e30e9d52b0f2f0e8f909891","sha512":"5edb565e2080a6b054539641ead997e548a9075eace29e854bbd6ac8d06878810125a394892ff470691c1de925389de292ff586164138f7bf9e7c8986ed98c20","ssdeep":"","tlshash":"38d02ba09c92cc0dc7660f3a183f5c3921ccc66102496246fc89db784a8ae340aa0ec6","size":279,"data":"","first_seen":"2026-07-10T09:50:21.094557Z","last_seen":"2026-07-12T21:19:32.013375Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1280c0c0111f8915850a7e694cdb5061","sha1":"9d0463cbcb9075168a6df26e294b2128d0dac82e","sha256":"b533f3d4ee3d1ad3b5ad9eda81fb36d16a1c7a99ecabd720efb9f8e5fad287db","sha512":"39af3408291e17f45470606b85e994986f1d4468a1e0d8a2a3808dc34a442a5cfed5f6c11cb7fc6be7d77014e20ef3d3582dcfc9b72d6b69d1be47f6cd957751","ssdeep":"","tlshash":"d39002a0d58d0d668032055264241c094798c40d00445d8012e550cd5062995a555d4d","size":55,"data":"","first_seen":"2025-10-02T06:34:56.794292Z","last_seen":"2026-07-12T21:19:32.014049Z","times_seen":73,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"715514b7364a34f8dfc46db80fc42bc2","sha1":"f4edf0271a13049ae1fc702039fcb3b5dfa16ec1","sha256":"5b2a0db3733a7cf9edb079f001ee1aeb1531f16d341e0f4afa9db69bf0324f8a","sha512":"959b51e673c5a69d590043f8ed7efba0a39bb21819396b2ec01a74145ba6c503f9345156e789d45f577a391a21deb24cd9b2df596949758ad43ce3275caa94c6","ssdeep":"","tlshash":"e551efa39d15de05cbcbaf08297f3cb024ccc6939245915fe19dc924418b97829f5f62","size":3122,"data":"","first_seen":"2026-07-10T11:27:04.769115Z","last_seen":"2026-07-12T20:48:52.826892Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"20281e45103fdcedd0a42ece4b5d8566","sha1":"365152b9a541be927ed138e1b4a9eaeb8b0fe0de","sha256":"f158da4b9371d073bc1d9cca38044807cb946788682b45acc28a6cadbba77aba","sha512":"92f35e9bde5ccb7ebd0ed0d1d85bf89f719bc588aa9458453c0df76843d28470015e2616fbee4ee915659dd6fec41a9c4b52fb78ac3b5c09501b5a8b8d86b4c1","ssdeep":"","tlshash":"cb900470f1400c574431001314fc711115dcd14c04010d001f515f473c131557f0dd47","size":45,"data":"","first_seen":"2025-07-25T19:48:55.250327Z","last_seen":"2026-07-13T06:13:29.822158Z","times_seen":5708,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d4f58df8ef556437633bb90cc31469c4","sha1":"c1c713bb5046a54cb79a8e7537b6d7fca624fd45","sha256":"2dcb2e50c883929aebb7a64a7a22cfe2260d856a3c36a6926c082da19c552b7b","sha512":"54c8a79f5897cd198db689700c24f950ad7fe19eed815f8bfa0e47428701d8c84a1fd8f677a6f1b2a4f1443f35f2dbd19e6f456ceeebfb1c59275bb356e1a5e9","ssdeep":"","tlshash":"bfc02b041427c47b421c6f4dc02243d4e4b020bcdc492480801d181800d0c313b40cd6","size":130,"data":"","first_seen":"2025-03-25T18:26:20.414558Z","last_seen":"2026-07-13T11:19:09.144954Z","times_seen":50861,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5a87f811171a797b89b8d185d7a93052","sha1":"e9b49c2be7f7cd86eab532f326af34e997a7d949","sha256":"a2de2e58c50b3a040444955e5bed514b82e241acde87d5586be2336f0097e375","sha512":"3da88dfa70488afca88098c84a064e1b31bb7ce6cff36f4007be560397025f19fad3e934c5416a975c8e820b58006735439fb8ec3caded395d2499a4fc1765e5","ssdeep":"","tlshash":"1c60000000c3003c0fc300003cc0cc30cc30f000300c0000000f03c00000000030333c","size":16,"data":"","first_seen":"2023-03-08T20:20:25Z","last_seen":"2026-07-13T09:57:37.200091Z","times_seen":12458,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f1d8410f129a659e882f6e80ef48b45d","sha1":"1d6480ba482cd0fcc0885d521778381d29e1b6d2","sha256":"8f1a66bb3132bd59867f5baedeb2e755bfbe69ce10d24878f5514897051fe90d","sha512":"2e54e53cbfdabdccce0dba0339a04be14d2c920eda6c5755914f646e83662898332fbacffdab854fe73d5d31dd4e4d469a06c89a4d8f48bad460bf2fd47403ce","ssdeep":"","tlshash":"cf6000300cc3000c000000c030000cc00c03f000300003300003030c0003cc0033300c","size":16,"data":"","first_seen":"2023-05-01T16:55:24Z","last_seen":"2026-07-13T10:45:18.959992Z","times_seen":9997,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/app/error-33d1788fed5ffb4f.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5127c8a0bf18bf19c981c4c0f5fd3b5d","sha1":"f812e3d7611042d8be29a2491fa3cbbaf991d54a","sha256":"937b53427e51b436510f6512d504cecc2f6b5478328d3f8e1ce04c45758345b6","sha512":"46314691bf04c743c678ec3b850bf7fc634132b3102eff1279ab430bee9398efe937e8b5021231f5193dbaa3e459cdc12bfcd4e31160df42ac8d8f7fdebdba59","ssdeep":"","tlshash":"cd41621766056e18f437c94877ff900c71eb4428712ade7867a89d3a11d64e53a2b7d0","size":2364,"data":"","first_seen":"2026-07-10T09:45:03.569736Z","last_seen":"2026-07-12T22:01:35.294604Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/app/(main)/error-e76e5ecab04323eb.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ea37a6907bbf49850fbc241b021b98ac","sha1":"0c4b73cae7505f9098532e047b378bfae64317ac","sha256":"38ad85b1457519a9dc72e54394f3996d7560f3d34e3398ec2ec72a9ed62253aa","sha512":"dc3684031a1dfd4df683fa10824f12e47c829ae2d20a92efd4820e6ad9e55732c6a9784530685c9356a7af34747a1a16f700f036f08e09d75bee9b15f06256cb","ssdeep":"192:lTzTFtTCTnsHTTYTetT9TYTFTYTcTLATnPtpSTiuTQTp6TPTSDTETzT3sToThTF9:lTzTjTCTsHTTYTmT9TYTFTYTcTLATPrw","tlshash":"681224fe5f9e25ce5512c3ccaa4ba040d7de0338365e4821a58ea8b9c241956fd77f24","size":9171,"data":"","first_seen":"2026-07-10T09:45:03.528266Z","last_seen":"2026-07-12T22:01:35.281579Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/app/layout-3f0574c4e5d40333.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c0d11d52032af6ad193ca67a8408c35c","sha1":"8932c0ff9004f3317bb6d2e2c06693f5f855a761","sha256":"6165148d41738b1c671dce4457ec8f9742d6b4489d0de7f6c916b30a77d5f34e","sha512":"7a88391810320df94fc5f40b777293396b0f6fef64aac6c6ba2ac848997bf81dd11dc7cedbe7fbf16e450fe788117fe66f79dae4b072b67724e99c13c2590fdb","ssdeep":"768:+s5XQwaevuPsAc9kxPsAzea6AZZGSYY2pxJuFFdYnQ:+s5XQwaevuPxnpMpxJuFFynQ","tlshash":"80d21ba6920a293cb5b245e8663f910cb17f6b25d72e4414b7bf2c313b498cd92727cd","size":31080,"data":"","first_seen":"2026-07-10T09:45:03.495816Z","last_seen":"2026-07-12T22:01:35.275778Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/1255-c32318a942e40e3e.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d0655ecf061ed2032b2ed77f5fac4960","sha1":"bd73869341e65531e389db448125d6aa1b94dc73","sha256":"da0b6bb480869080c97b8a651145be0afa28d583e9f61fdbf836fbaf22be5ce3","sha512":"848f838f84fef605ebcdfe400206de7557e437dbc80169c2fd494308da5747a6fa93547706a1a590b39d20aaf9587ea08e5bb71a162734255329beb93bad6485","ssdeep":"1536:bzigN+8/BhcO5HYHqLVcXo7yIzPr6Q04ToTlTx1p7eChTtaocZXxreXRNIrky/Sz:379LmA+sy4r904Aj44RN0z/Sz","tlshash":"f0f3dab636d0f8d107a780e5843b400af3291c3b146f74a0a3e6dcd975645dea1b3faa","size":173011,"data":"","first_seen":"2026-03-28T22:09:22.209351Z","last_seen":"2026-07-12T22:01:35.300715Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/8602-8018835a2b8c6467.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f366648bcf45d5debf0c1b40cf7d2f5f","sha1":"0b1a9b153106e4fea89f7cac44766d059c2e5941","sha256":"673a7d8aaeb6a9b355d1054015014fd544c8be225843d7bc37d39210d4caf7cd","sha512":"87bc2980f9da79d98616c2345107d092948b85ff882e652aee6ea02a2b3e01f9f8a2f49bd4835069e0487ce71bb42d9591bcd223fe11cb936a9d27a489040e70","ssdeep":"384:iTrTbTaTUnT74TeTVTwT9TQTkTz2uLSD8Tl4rmN2tTRT5ToToT3TuTcTrTP8TQTz:EP/MUTa4NOlu6zVmD8J4rhVxJ22jICPz","tlshash":"936286be77dd348d5a02e2e8d92ba0039bae0138264c4434b14ee4fd5958947987bf3f","size":14841,"data":"","first_seen":"2026-07-10T09:45:03.507605Z","last_seen":"2026-07-12T22:01:35.288512Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/app/(main)/layout-4d27638b938b6895.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bff7621c687cd5d0f66ebf66ca833cfd","sha1":"cd1f50b353365d253742afdf6ae67fdf39795351","sha256":"d28666a9634510936f8d64bbba35597f853a668c80009cdb3607125168eefc37","sha512":"b25b6d5745ac6e3165fcbcf29518a315ad942447a0a7dd97c02324c08a791d30f9eb178fed39ee9f4b5694defbccc9c1b7ec56764182c26bcb50a4158aed6dfb","ssdeep":"768:f4f66H0enWAvs3/94888itgZ6E9hHnIiTuJWxdlBLdvHT6tyaz3DXE7ir3zeZ6z:fcrnWAkva888itgXhNrT5eDE76zeQz","tlshash":"f2430935aa073d18f63f81c9778f550eb15fa924fa4f4538ba7e2c3212584e4b226bd4","size":57728,"data":"","first_seen":"2026-07-11T14:42:52.99703Z","last_seen":"2026-07-12T22:01:35.313706Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/main-app-f3336e172256d2ab.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"39016df7484bb925b0b0fe1905ddbceb","sha1":"088ce59eb609b8c19e00e2d93e10d33b75578d7a","sha256":"91801d552d3e97ad6aabb535c2d8eeff31bab152fb2448b8556373894e7d7215","sha512":"41618a49d22f65beb83086c769a8c67e5ba76cbd01b838ee2ef88857171a333a9ee680d08d182a3ef65393eef1b4d2984c122e3d4d0913e82c0f0e9ee004e46b","ssdeep":"","tlshash":"8bf0d69a4f0cf52f5d26ad65fe97ace2245f4175202b4e606901ee613c23bacd270404","size":572,"data":"","first_seen":"2025-09-01T15:30:28.522834Z","last_seen":"2026-07-13T05:05:21.75875Z","times_seen":633,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/8347-2cdd515f34b89f12.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"49950202b034f7c0521d2f2129c83c84","sha1":"b39a0b9a93e867cf8675f483507f08d29d1375f9","sha256":"b35f82e8ce5a7a8b3b1083a9731c3d7351973f866106ebffd0c69b90405e5db6","sha512":"e40aac677169b6d180e3fe9b824cb491c49e9c1298c17f6a222b00343907f3ae29daa5d7b2a5c9af388e54bfcd0f92611283a303bb310752b5721c51c943be04","ssdeep":"192:njk3KSwJQV71am/oOJZBOcIkQmAYxDvLZNIw:jk3z1D/9JZQkQmAYdvLZNV","tlshash":"8f02daf5b762383149ebc2d6b5722942f318078e6628d81051f50d2e7358e0eea52fd8","size":8438,"data":"","first_seen":"2026-03-03T22:08:14.650035Z","last_seen":"2026-07-12T22:01:35.278324Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b2cde633364ca71e63e183fcd285ce7a","sha1":"9a862e68484ea8b8bb94f672043d0752dbded9c3","sha256":"77456310fac2a586847d628eb005a0b7fa04b0e9569341b7bb5702bbdb94920f","sha512":"80caa655040b31db018b4aa93f5ccee47b87cad631f25e0b6f316c5a36fdfdcf3fb8da6ad95b895a620a2ccb565090f596acf0070a561a4804e502da79b3ff3a","ssdeep":"","tlshash":"6ef00e5a2c97a4a737fa367ec31b562b235203037882d808ba0ec4242fa8a951c4298d","size":614,"data":"","first_seen":"2026-07-11T14:42:53.022414Z","last_seen":"2026-07-12T22:01:35.324806Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/webpack-88bb21cc9b698da8.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a6e899e41a949fba95deb581bb003e29","sha1":"89ba1afcdead5a1d29e3f536b345fae2dba1b13f","sha256":"6e412f48b783c41ca2068b946c56cd6312c80b2d3abffb6dbfd140e72c87ba60","sha512":"37f42a21cc92480d8f99693a786fa2152a4eb6e87e9543a80d7e50e46bc07d6baf311b4dcee59547fc6bb6e1af56aee9c0ff37c864449797ef34c6bfe4d4b052","ssdeep":"","tlshash":"0a6195a93625f9b556f108868c7ed142f21a6037051af8a0e717dcf9b464ae20562ff3","size":3448,"data":"","first_seen":"2026-07-10T09:45:03.472302Z","last_seen":"2026-07-12T22:01:35.287927Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/6820-e593c9faa2a09980.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5c1e6130f49137ec5692ac319914a3f5","sha1":"e2db6215232326cd4d627e0f60c9a2c0ebc01c74","sha256":"131356516768ecf2507d0f76b9a7e9908b01e31dfc8df88329705d2e2afc3222","sha512":"d69ad7e662752ba1072c4de3574746de1675d7c123fc8c86dc45531e3ba9df2435998247276573ffc511590437f9cf1f4a3eab9c59d8e0ef9dfb3fc717e73b12","ssdeep":"192:WL9p3LRi2cihbDVksxQTu5c4tMSojxugZNYOHCh0wMcGW0T2vJVkwkFFtzQj:WL99Rx2Tu5cAMJVjiqwMcGW0T2vrkXbu","tlshash":"5422c8d9b5d1f8a583ab4090443f100bf2795d75281e5184e3f95ceab9a045ca2f2fa9","size":10748,"data":"","first_seen":"2026-07-10T09:45:03.49158Z","last_seen":"2026-07-12T22:01:35.290779Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/4bd1b696-100b9d70ed4e49c1.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2a9c2166a0ae63c27a466c7fb5903d80","sha1":"51f1c90c3f1e1d32d0c81e836ded7ed5ba0601d6","sha256":"5421e13a91a9389517b66179f3b4b5eaa0d95245438066d4d7b19ac30aeb809b","sha512":"8dc6274f2637076f1b5c4cd3f61b14259ec5552d844245c8b93a64f19c8b6b7347554a03b994b0f880b7dae74ad65e54eaa00be81783c2cedbae82a7fd4b89dd","ssdeep":"1536:DWET9Lwegcl2MywYleojBFOQLfioEV7hNc7lFlgXGhJx4bzZc5zg5tgW/zAe6c0:Z9LwzMyh1vLEE7RgXOQ5SIA1","tlshash":"ecf3f8ec3999e611aeb342a700df28037378261b240d4d60a614fd9ea57845bb17bfde","size":173025,"data":"","first_seen":"2025-08-21T15:49:50.637902Z","last_seen":"2026-07-13T10:45:18.945199Z","times_seen":13110,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-07-13T11:17:59.153235Z","times_seen":394642,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"porawex.com/lab/avatars/avatar-02.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.679Z","timestamp":1783889286679,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/avatars/avatar-02.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\netag: W/\"88c0-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WyhAPlNyDCXArt6rYNK5IsQZifkgKmTtxypmkBQPpAYyyQNAr4XqBSa8mNB05YQmtQsNWRIh6qk2RyoM2yctqX4P2Zq%2B%2BUszZcFYVVwAFnNQ%2BzPQIaSwsSkEXP2pew%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e829bbaa23eb-OSL\r\ncontent-length: 35008\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":35008,"size_decoded":36008,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e24a10a59b8477837b5c35ebe08bab8f","sha1":"8fe74c26ad32ec7aaf96ba81351dd927422fd32a","sha256":"8e6e00abcc1788dd41e9d7d17fca30cef3556aacec8fe332b81f78d694282228","sha512":"cf3153db4a58a8ac1ad8c27b900fbda406340d20a6715d6ce1339f26242aef3f68acafedc3f87b787d029c4c5fa9cb7ec70ab1a495fd29db7945f09e3b6706a3","ssdeep":"768:r4q8fc4wlex68jL0fXMNTpWxjJN6MfnVTMiYd:rmO06CYXglUdgaVMiYd","tlshash":"24f2f1400d366927ff80a08bb92d255931c0fcb79be814a688ed79f2860fcd756b935d","first_seen":"2026-07-10T09:45:03.442356Z","last_seen":"2026-07-12T22:01:35.283457Z","times_seen":16,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/lipis/flag-icons@7.2.3/flags/4x3/br.svg","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.680Z","timestamp":1783889286680,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2026 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 20 May 2026 15:48:47 GMT","end":"Sat, 05 Dec 2026 14:48:47 GMT"},"fingerprint":{"sha1":"D4:05:C2:EC:C7:EE:2B:D0:08:68:0D:3D:33:77:48:78:43:E7:D1:E1","sha256":"ED:84:90:EE:71:BC:6B:5E:B3:D2:50:B0:23:3A:06:0D:E0:50:C6:B6:A9:09:36:E6:CE:FE:E8:66:89:EB:4E:C5"}}},"request":{"raw":"GET /gh/lipis/flag-icons@7.2.3/flags/4x3/br.svg HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-length: 2769\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: image/svg+xml\r\nx-jsd-version: 7.2.3\r\nx-jsd-version-type: version\r\netag: W/\"1fa0-F5abWsDNckUsWGPTTgDw9d7Bxs8\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\nage: 980785\r\nx-served-by: cache-fra-etou8220094-FRA, cache-bma-essb1270023-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8096,"size_decoded":3517,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d5fc3717384cd954040873edb3061a68","sha1":"17969b5ac0cd72452c5863d34e00f0f5dec1c6cf","sha256":"45531de3e2b3e8a7f6db53f8021ba18482176600bd5cf66e547b3e7fc8aa99ea","sha512":"8d13cd413061736f506d580b37924aa472c3cc472df3961cf5777e73b670db829359980ebf3f4f1090f2ab023a793a40790916e78649a348dfa8913dd236c92a","ssdeep":"96:0GRMoBsOat6xhf5W2JGRU7edrp39bgWT00zmkJ14JVK8jWLJ3pkREYa:9RMoyOait5W2JGZXn9efTOpeEV","tlshash":"1ef189bc466cc2ec9ea696bc9f3ac0e0920de1eeb1e5c351a76cc17026935c9e14f456","first_seen":"2024-07-04T03:51:54Z","last_seen":"2026-07-12T22:01:35.254723Z","times_seen":120,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/slots/wolf-gold.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:28.837Z","timestamp":1783889308837,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/slots/wolf-gold.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:28 GMT\r\netag: W/\"e082-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OOtdVXrUElyjw9VpIQQh2cG4B0ARgk%2FYavJUpN4fh%2BNROWf4fx21xiec8sK3Nf%2F7e5%2FdkxA67YUFYzxsgNZYsHScmnZ2kDhr%2B938pQpc8iWc5d76SE8GoYa22XbSCQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8b43b9323eb-OSL\r\ncontent-length: 57474\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":57474,"size_decoded":58481,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"6705cd397c489728422c0670b86b5901","sha1":"c4de9ddd398312a49b6851018b180cf61b0b7deb","sha256":"44d27f27efb951e48ffabb381be0b255de5b0555f7d257b4ab5b297bcff8d5a2","sha512":"3035ba279c99aec13340c48187b829d2ae8c47dbe888cf5eedf2c591db098d2b1538d7884adca587828e5878ec992b4e0471e5baf74d80779768462ea3cfe397","ssdeep":"1536:U37DpmX6h92fm+68Cf2g7OE3mWwpRAUiKeyUo6xTsL:UrDAX6HE8CE2WwSUiKe1Ji","tlshash":"0c4302c18280cf866909c979e8b441413463051aba97b5d6fe1afaa20bdf14b3cdf13f","first_seen":"2026-07-10T09:45:03.458684Z","last_seen":"2026-07-12T22:01:35.255734Z","times_seen":17,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/api/media/393c7c15-55f1-4872-9e8a-8c4031c9fa10.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.682Z","timestamp":1783889286682,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /api/media/393c7c15-55f1-4872-9e8a-8c4031c9fa10.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a5npTtqhw75EN5AAobY4v8IR2nmQetbba0MD6uDO8DoKIk7CvuiDffEd2oBZ08SXRREiPjCVMPibIswlsQ%2FyEhHy%2FmGOpiUQUP5HJ6sXah1AJ%2FN6tmM%2B64coEoBLhw%3D%3D\"}]}\r\ncf-ray: a1a2e829cbab23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":147468,"size_decoded":148481,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"3907fc5dd8d6104080c97e7198a11879","sha1":"103438e410b11e541f5f565b8bffadf10fb53257","sha256":"418df053ff23662b34c7498396d726bc84be81982ee89cc1090161b23ec35175","sha512":"5a2bd52f9e64befa1bfc4292d5683f7a55ce12e7f27a371039be3dddb1598ef76de05ab64774813ecc2f850ff86de8b30ebcc8c43759484b548a1795889eca84","ssdeep":"3072:3dJOJt+Va89AFduFVRqBVjdpCJXOeKr61821ImD6IuxV:3dkPu9AbRPCJjK217v6I4","tlshash":"50e312a450a464d4c36163530e10d60ce8d86fb0962b0ae0f8e5bd8f786fe59777fe40","first_seen":"2026-07-10T09:45:03.571625Z","last_seen":"2026-07-12T22:01:35.273089Z","times_seen":16,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":71,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/play/vs15godsofwar?provider=pragmatic\u0026_rsc=1otn0","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.989Z","timestamp":1783889286989,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /play/vs15godsofwar?provider=pragmatic\u0026_rsc=1otn0 HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 20:48:07 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9t7lzD9XyU24RQP2ALNrV8CMImQsBo9oEH1hXue5LpLPdAng3BCUlEq51OizmWhntUQpJ2KlXsc7H%2F7LhNmWN4X%2BpzWUfWD4SkpzrvKaIR8JJQKVC3poVEQP%2BGVewQ%3D%3D\"}]}\r\ncf-ray: a1a2e82bac1123eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":221,"size_decoded":1235,"mime_type":"text/x-component","magic":"ASCII text","md5":"23c01eb3c26338f91369fc8af176aa20","sha1":"9de0f3f7f24c3b5d2132d079c249fadc6d69a183","sha256":"8c0869cd0fd0ea595e988e46ac46c15890363303f3a70296c0f1dca9ca38794b","sha512":"b8388b5aa4211a82442b9cb18dcd9085cf1470abc20383c2df7089680d018d75068a8b22322096e190d3ff2f6347bdbd35e1ed9f5c504554513cd3d9954e7f38","ssdeep":"","tlshash":"a0d0a72646053af96c7a2884057dca9f761f515b61c856f250625a35936303219035f5","first_seen":"2026-07-12T17:38:11.91928Z","last_seen":"2026-07-12T22:01:35.249716Z","times_seen":8,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/6820-e593c9faa2a09980.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.355Z","timestamp":1783889285355,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /_next/static/chunks/6820-e593c9faa2a09980.js HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"29fc-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h6LVeFTROvyQLIjM%2FslRZ3fyelHaStojQGfgZ2Rz2HZNT7L9sGaIFNAm0%2BNLGu2DnRjmIGNe4mVB%2FqARh%2Ff0Y%2BLTcHVwONzcKyEWmQC8d0huqElByS9cRM9ePkbr4Q%3D%3D\"}]}\r\ncf-ray: a1a2e821796a23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10748,"size_decoded":5241,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (10748), with no line terminators","md5":"5c1e6130f49137ec5692ac319914a3f5","sha1":"e2db6215232326cd4d627e0f60c9a2c0ebc01c74","sha256":"131356516768ecf2507d0f76b9a7e9908b01e31dfc8df88329705d2e2afc3222","sha512":"d69ad7e662752ba1072c4de3574746de1675d7c123fc8c86dc45531e3ba9df2435998247276573ffc511590437f9cf1f4a3eab9c59d8e0ef9dfb3fc717e73b12","ssdeep":"192:WL9p3LRi2cihbDVksxQTu5c4tMSojxugZNYOHCh0wMcGW0T2vJVkwkFFtzQj:WL99Rx2Tu5cAMJVjiqwMcGW0T2vrkXbu","tlshash":"5422c8d9b5d1f8a583ab4090443f100bf2795d75281e5184e3f95ceab9a045ca2f2fa9","first_seen":"2026-07-10T09:45:03.49158Z","last_seen":"2026-07-12T22:01:35.290779Z","times_seen":17,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/hero/hero-crypto-v2.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.379Z","timestamp":1783889285379,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/hero/hero-crypto-v2.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"dfa2-19f1fac3ba8\"\r\nlast-modified: Wed, 01 Jul 2026 21:53:29 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c%2FnzV8xGrUWUULmrPufTydv2iW8ouIzicMYe13OMYC1EVvS9QKHlSxC4Ax0HEWaLHHNHp20njW1FMZ98zEl3WN6%2FEz3MbDt1meUeTFaJYIAd%2Bj%2BVvDkpe5tnOhouwg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e821997d23eb-OSL\r\ncontent-length: 57250\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":57250,"size_decoded":58252,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"56c58dba7ad45338604758c52e42af70","sha1":"491d07877f76c506fcadfc44a78f9de50271b96c","sha256":"6ddf7100c55662774a5dd5586a4895e0beda986e0ebb317899bc4029afd121cb","sha512":"b59a876576f35c880216286c5df93e91623335010175890c89f64e8e3b1ffa27a9bc7dcc4729ea30bf503ebfd15e9599fe2e73e96c91c115eaf81168fdf384d5","ssdeep":"1536:xywBsATj+mNGuSdV/idOIuArwisjvouYmptY3:xDTjltvdH/wiKvoZmptq","tlshash":"3543f1193565594a2f015cf9f56b0ed68eec835608ec18635df6714eaceb3430e32d62","first_seen":"2026-07-10T09:45:03.452699Z","last_seen":"2026-07-12T22:01:35.282632Z","times_seen":17,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":66,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/slots/bigger-bass-bonanza.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.386Z","timestamp":1783889285386,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/slots/bigger-bass-bonanza.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"16198-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Tf%2Fc4kR%2BHaO0K2ImZjMIFES0Jcnm%2B40l6KYLejR24%2FJ9gUPmS6%2BsqOfYec4e41Y2%2FmSUqnfvh36XAXGndWFnE92I4BR6273tW3YQt9NQK%2FLqn1Vgc%2F65g5meKV83sg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e821a98423eb-OSL\r\ncontent-length: 90520\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":90520,"size_decoded":91531,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e3f8e5841788bd266ee6bf17ec0475b4","sha1":"872069dd6f8ac718b46b581fdc46da24c2bdd3e8","sha256":"590941ede3a0091deb7626acf11bc039331d71385db4a14d486538f364e354d2","sha512":"c3c42e96c0801384e41fb01e016283ac61de9f779e3bd192a0829ac9734d86a561b7fbbb1c863481f9e00714509709c49f2d6185bb2cc3878aa953fdc6abdc33","ssdeep":"1536:BUDMnU+IWPe6sZLAn+87aIkQ/jusg5P+0SPqYJyqK9xcE8A7dlo:BUDKRHJC8+8r/j5gkrqYMaEP7dO","tlshash":"959312c9a739c27b656addc05e1ef2c466d7f346004776ba2a2463527f9072603f8632","first_seen":"2026-07-10T09:45:03.462318Z","last_seen":"2026-07-12T22:01:35.245968Z","times_seen":17,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":86,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/avatars/avatar-05.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.445Z","timestamp":1783889286445,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/avatars/avatar-05.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\netag: W/\"6c80-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yLEA%2BX7OdC%2FdnxZiTTMOPc2SETDnOLqfmwNbcIuuzAXWcQiSQ3dcX0tFJw7PdQNeS%2F6%2BeO9Ru17T0nWY5t1uPMZfz7CEfqzUamBlMsjxPF5lu1xvdZZZ3udzjw7qGA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8284b4e23eb-OSL\r\ncontent-length: 27776\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27776,"size_decoded":28778,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"6e793b51845ab5490d571ca386013d33","sha1":"b41b56854224b49bb3c52221590c07154bb01b43","sha256":"0478f021f3a2c9eb30f2589ede241013b251e2aad9cd454c2601895e2a8554ab","sha512":"4535edf2e2cb2cfc1007f468796364e9e961a07704ef1b501434695cba44bd6cda927863e7dc32bd951df85765b999f528402a8075f2858e1bf67819fa453151","ssdeep":"768:CqHyqocAy4Typ6eqt/pzx4LU83Z6/kO/nheetlaKV:SqU5TypaZpztEYXweL","tlshash":"3dc2e003abf46fa6d53f289769dbe7b246242530139cdd4baa36554531820b6200defb","first_seen":"2026-07-10T09:45:03.486194Z","last_seen":"2026-07-12T20:48:52.747631Z","times_seen":11,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/sport?_rsc=1otn0","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.455Z","timestamp":1783889286455,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /sport?_rsc=1otn0 HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KUQIdD5kbRf4g%2FNGRAPnCoVV7yRXZKXO%2FAo%2FNViOn%2Fpz78Djp2ZiQaylf%2B0GPZhjPopGVBHQKQnDDydbp1VfoUncnjYZkK7bceJK5SGARkX4%2BYFPZA5qurqzq5rohA%3D%3D\"}]}\r\ncf-ray: a1a2e8285b5523eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":150,"size_decoded":1201,"mime_type":"text/x-component","magic":"ASCII text","md5":"58dfd66d86ef41e0dbe017c5b7e355aa","sha1":"36d41337111ebea1844b4ce57f53a44899d98d93","sha256":"96bc05c57ac0edf0e2a5fedcaae23bc9f76f68e272b587454b2eaa39c54bc23a","sha512":"dc7904a78b124aa12553520a5e26687b56576e45ee054b476d0e7892df4b30f468e490f0eb9e0ecd30e7f471006435b5f2fdb6724fe4b3fd21d88a4adbe4401f","ssdeep":"","tlshash":"b7c08c2142483ef56cba2888156ec60f760e410b22c658f4a0d24b14a73723006035e8","first_seen":"2026-07-12T17:38:11.924846Z","last_seen":"2026-07-12T22:01:35.248934Z","times_seen":8,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":118,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/app/(main)/page-1242cbe80559576f.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.363Z","timestamp":1783889285363,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /_next/static/chunks/app/(main)/page-1242cbe80559576f.js HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"111bc-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=asCD3FM6SHgHAXpfeLPwSLiIfsp%2BMSjN0o53iz4OyjOs37f8JOd6YTlFlBSLWGMUKeOhe8Hc5hRK4nj6hROiBPYrsq%2FGkRjq4fB%2FqFPm%2BlKs9gQTxx88pmNRQSbq3A%3D%3D\"}]}\r\ncf-ray: a1a2e821897023eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":70076,"size_decoded":21624,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64865), with no line terminators","md5":"2ee880e294b488be8baf2ca00c36378c","sha1":"8097afdbc5ddf81116d40b3ee666e00de6c6f3e0","sha256":"ef032dd04b290288f2ae2edc7770a8d5b9326fcef21f5bc58b25227269543da0","sha512":"3eb17709c4aec980db281cba79a3b2a34ab80a6faa5937533e6b892184a66f54ccabf143dbee2d30eb530a94f2627e766a7452702e844f442e436f1d413dcf8c","ssdeep":"1536:7cJf0hkZ9geTeIY6rGa5cd1Q8g993275WBWVQ4u:7y3ej6Ka58g993UZQ","tlshash":"8863193a975a7918f837ca8c769f410cb16e4528a34e0db4a7bbac3113854f4b667fd0","first_seen":"2026-07-10T09:45:03.50869Z","last_seen":"2026-07-12T22:01:35.305089Z","times_seen":17,"resource_available":true,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/slots/fire-strike.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.387Z","timestamp":1783889285387,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/slots/fire-strike.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:07 GMT\r\netag: W/\"108ae-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mF%2FY8fO7NH4ogHspkEw5y21vC9uwKC%2BESs5biVysimhYuPBgAZTEkODNae7UtWNoWJD4e7iMsgpGdn4TPA300jb0FQ4eKqsdYGFRadNeOz1vXQ726X3SFwCwBQsSmw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e821a98523eb-OSL\r\ncontent-length: 67758\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":67758,"size_decoded":68757,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b60599e0bc3952067e16891a5fb97653","sha1":"71247bc7e769a0c953cd6458ad536436f11098e2","sha256":"0a3d85ce2dcd6d1aa8b9be3ac6db4ccae0e4f3f832c06b46062df86fd4ab060e","sha512":"34671a695c0cd4a154c97ed5c030c378917af33ca0a5a95b5d7f789dcfd353af6b8c77df1a90e0098e3602936360583a93d1faaee5e9ab8064c7c4c116dcdef2","ssdeep":"1536:yqon/EW4B8UjSTy80dQPYtJ4HpUbsUQtIJTP45lqLbalx51jTos:WcW4BTSTy8pwtQpUbXVJc4w51Ys","tlshash":"096302b330e35429038019f2ee67f84f62a2a5898057115e7907d587cf36c0f52ea9ef","first_seen":"2026-07-10T09:45:03.466313Z","last_seen":"2026-07-12T22:01:35.269607Z","times_seen":17,"resource_available":false,"data":null}},"time_used":2618,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1616,"receive":1002,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/play/vs10bbbnz1000?provider=pragmatic\u0026_rsc=1otn0","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:07.079Z","timestamp":1783889287079,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /play/vs10bbbnz1000?provider=pragmatic\u0026_rsc=1otn0 HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 20:48:07 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q%2B8Iry3S%2BVKLTOzRFBH9YYMe56lF3lWKFT%2BfRLKsi4raKOftrU%2BHPLKTF5GobF%2FpzUqUItd0ON%2BNGGwv2xSbJHoc4wNoWBWbh%2BmUXxaCdKhhfFWiBNbpeEBO0jeCjg%3D%3D\"}]}\r\ncf-ray: a1a2e82c3c3623eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":221,"size_decoded":1241,"mime_type":"text/x-component","magic":"ASCII text","md5":"ba26f32ffcaf2831d8ec0ac54f7d4872","sha1":"b9ee1b9c7f10092556bbec51149a9e459165adcb","sha256":"1402a8c710ad9f71fd8233661635a2433ecb2f6997bd53062856cc9bfbc34f7b","sha512":"c9a460d044be181512ca5abf0df6e510f4d42fc07a0362a7c46dc329473f9f7eae4a353c6546ed2a6b105127437d6a7ffb1b6ac820c14d2814fd162867d6bed0","ssdeep":"","tlshash":"e4d0a73a42053af56c7a2884057dca5f751e619ba1d846f250525e35976703119036e9","first_seen":"2026-07-12T17:38:11.676985Z","last_seen":"2026-07-12T22:01:35.315169Z","times_seen":8,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/slots/starlight-princess.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:10.815Z","timestamp":1783889290815,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/slots/starlight-princess.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:10 GMT\r\netag: W/\"17660-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6G9umlLg%2BZMEN5leOzA6xSLUtAtuXorFhoFOC6P8oWOQvy69l1yC218GvO%2BHCk9gsrCq%2FE9rCu2BVMmc6RnJUAczm5cZUohUqfZuEEv203QqUcaOd9c9jMF2RAZblg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e843994823eb-OSL\r\ncontent-length: 95840\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":95840,"size_decoded":96844,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9824b494b8ade7c0157812b4aacaec2c","sha1":"d57539bf59f9115e0ed688bf2a0d6c52463e8fcf","sha256":"6c5adb95eeb1a45770a8d30d019378335141a52e1af4472b0cf4b4645ed93f6f","sha512":"e1942c4af37eb41984eb54b63afdf61f4264b023afcec48b8fca603883093002d21f90db0aaec5ef65ff0bc485fa5991eba74393b18181ea1c146c039c058d42","ssdeep":"1536:HGXhI6Tit+KvC2DM768fnbxPExl0l9lWlXY+nuCnt+8V+b5I7GKI6Izs:mS6Tu+KvXY7JfnbxsDa9liXY+nDt+8YS","tlshash":"769302da9eb729e7f6419b36062479c256fd49dd66239e3032c9e18ccf740f442ce892","first_seen":"2026-07-10T09:45:03.50984Z","last_seen":"2026-07-12T22:01:35.260154Z","times_seen":17,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/slots/sweet-bonanza.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:24.325Z","timestamp":1783889304325,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/slots/sweet-bonanza.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:24 GMT\r\netag: W/\"11110-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Xw%2FJo3Ghz9MR8uh%2F1CXyxzMtlwHkZj%2Fj5bKWrTyaUik4U5DDiAYVdn2d5CGRR7ClVJFVgs4pJyIm50OworsqD3kq0gnQ07C06MENCjm3XaxTNXiebpT9q%2BdFdwr4Pw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8980ed623eb-OSL\r\ncontent-length: 69904\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":69904,"size_decoded":70910,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"721b6f52f6774f238e4849424522f47c","sha1":"d3080ed7ef65c3c03e2f93b18cc82756a8655b96","sha256":"d52f0c6f6681d1bfb2d399caefa084f38ce65e099e7bc22e61dc67dbf7ce5bdb","sha512":"510dedd7bf8c58f1b648f09f8c2b78f95dce5a0a765dde944e2d69d0b5511c63b1b5b107ed3d213e3682e73cd201f6f3ce575c0160d9a4a1a55f12aa107e24f0","ssdeep":"1536:BGgiPYdFt+tD7YcF6rZ9FiZ+gxAW7KHV1ynVCEB3M:BXikQD7OLIYgxt7KHV8VCE+","tlshash":"646302c07fa1ef0cd5f07bc362e76b64ecd21d95a22da1d629179f2356afa0214081ec","first_seen":"2026-07-10T09:45:03.510801Z","last_seen":"2026-07-12T22:01:35.261924Z","times_seen":17,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/images/payments/litecoin-ltc-logo.svg","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.405Z","timestamp":1783889285405,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /images/payments/litecoin-ltc-logo.svg HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\npriority: u=5,i\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"1e9-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N9OXfBh8cn2CLZIUX22ZNj6WAY4Aq4m1U%2FZwSFIcUGdK39nNted9ceYo1HyClM%2F9lao6hGbbqWf86Usq7OtH62K%2Bz83OQQ1IqqMfPR63XvUsQ90mo90dC%2F0I2Y7ISQ%3D%3D\"}]}\r\ncf-ray: a1a2e821c99723eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":489,"size_decoded":1260,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6046cca14ef5741d48469675250f8d1a","sha1":"e5d3cb531aa29112387e94a9d68a1ea583576c8b","sha256":"20dd004b22b76d98151807b3ca99196f84edf24cc5d66c33e3aaabfd9ada6d19","sha512":"e4153f5893945f12cf4bcb8b0a66e1b360fcbdd62be00058ec3e6d32452e3aaed2913e3328ca99a3067acb5ed5964df60796b7e56199dfb316790bc413877b31","ssdeep":"","tlshash":"f6f0d47bdb50ce2ddb50472cc0c2b50210704542f1c24294ef97012cf80b8b3747c9c2","first_seen":"2023-07-06T20:31:16Z","last_seen":"2026-07-12T22:01:35.279612Z","times_seen":793,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.990Z","timestamp":1783889285990,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://porawex.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 01:48:42 GMT\r\nexpires: Fri, 09 Jul 2027 01:48:42 GMT\r\ncache-control: public, max-age=31536000\r\nage: 327564\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-07-13T11:17:56.345809Z","times_seen":233417,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":3,"connect":52,"send":0,"wait":19,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/rajdhani/v17/LDI2apCSOBg7S-QT7pa8FvOreec.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.002Z","timestamp":1783889286002,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/rajdhani/v17/LDI2apCSOBg7S-QT7pa8FvOreec.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://porawex.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15688\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 05:57:21 GMT\r\nexpires: Fri, 09 Jul 2027 05:57:21 GMT\r\ncache-control: public, max-age=31536000\r\nage: 312645\r\nlast-modified: Tue, 16 Sep 2025 03:40:35 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":15688,"size_decoded":16501,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15688, version 1.0","md5":"d5448938a162ccb434b09f4572c0191f","sha1":"be9eae3d1d9f4fbd2208e0fd3c871b17b65b6516","sha256":"5b7e4a6f97163c2636724d4de90304fc895653dcfe64c67a7a22f26331ca5c5f","sha512":"df0245084768642738387f7a0daa11c4bd0109617c4120bfd88083c30d686ee2bd327e426ce0d9ee1f50839c5e2890f8a2a2d7acce3705fe8fa324fe623ad942","ssdeep":"384:Bktl5HsgImpL/2gZDAMAyNWE3pZrsjyb2mf+X:Bkl5MgDpT2g5AMtswpZZ2mf+X","tlshash":"7962c046a5a6b998f4d4ecfb0086542c19bb5ca11c6230f3c719356f5bd3e75cee4540","first_seen":"2023-04-14T01:29:53Z","last_seen":"2026-07-13T07:15:41.198028Z","times_seen":5715,"resource_available":false,"data":null}},"time_used":86,"timings":{"blocked":44,"dns":0,"connect":0,"send":0,"wait":37,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/games/trytostart/1309.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.609Z","timestamp":1783889286609,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /games/trytostart/1309.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\netag: W/\"2ea88-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jr403oJ%2FYXhqZyDYVMaLXVK327BCmPzm6kAmkd7ib03MBhV8qp%2Fz0vqzXuOOnm%2Bgc3In1%2BOPnHFwsceCerQ95snuJsBa05f1SYzp2oxDui2YU0zLURNjvBQtl2NgZw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8294b8023eb-OSL\r\ncontent-length: 191112\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":191112,"size_decoded":192042,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"67de634afd975632ed55c97a46274d7f","sha1":"266f437d9a77778edf3648153208b5ab234d482a","sha256":"2dd2997203a4aed12599d29f3b7acec417219602caf5ccefac1e6412de958224","sha512":"39bc73e745ca4e806f46bb88fd497f0da2c6b409d7f5e5e09fbc132688afa610080ddcb1928509636b1feb3cce304a7b4a2b656ccde12c295e0d21fc889edbc1","ssdeep":"3072:DfXnSkyhQNXDwrkbAF8UqsuJj5CMvQ3HrtjpnwzQr4YQ3iNekbEG9iBwUB2:DfX/+QNXDwAbAAFQ3Hrt9wzQrciVn9iS","tlshash":"bf14239ed7c056511be03a4b00d69f49a0afa22465f81af1c9fd35dcf1242ff82a8728","first_seen":"2026-02-02T19:22:04.376431Z","last_seen":"2026-07-12T22:01:35.285214Z","times_seen":39,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":73,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/api/media/26e4d6f824b54c33b0666324cd0f018a.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.688Z","timestamp":1783889286688,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /api/media/26e4d6f824b54c33b0666324cd0f018a.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W%2BMPboZJYfXQVUO8XO%2FhaKlf1fjxnPZZ5W6riw8x%2FbBKgNrMv4gD4GOnmGdbm4yqVnEEMvsYZFBrculM2xNGHWkjjg%2FHPQcSnT%2B%2BdtKwc87czSNCmMISCBLmgKLYog%3D%3D\"}]}\r\ncf-ray: a1a2e829cbae23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":99470,"size_decoded":100487,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x1446, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"fa3411773d93f8de394a5fe5f7fc908d","sha1":"3b32dff53270a2f61728ba8e80162adbcbdaa7fb","sha256":"ab21d29fa80489dcd0c549b8fc1a86a3883854dd2ea4c542efbf2cc690d98fa0","sha512":"c4cd3c0f88a40855b1fe0d1991f19afc3f824c18313f57e6f9e0e2fd4cb7930831e50fbce50384f9def5a4f387ff2feff9766cf755397d7513a4899ab1bb470c","ssdeep":"3072:JyMQ+X9mOqggzDkOgvxoepuPWEBfS2Q3lXH:rQuAdDBgZuxc2QN","tlshash":"98a312b3d82196792d1a31e3ffd4a1f64341a4636b2cd8ec88d78721e57f34ea324195","first_seen":"2026-07-10T09:45:03.511746Z","last_seen":"2026-07-12T22:01:35.267146Z","times_seen":16,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/play/vs20sugarrush?provider=pragmatic\u0026_rsc=1otn0","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.991Z","timestamp":1783889286991,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /play/vs20sugarrush?provider=pragmatic\u0026_rsc=1otn0 HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 20:48:07 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zIcy2I1nMBVIyob%2FHsLTXoagmYoD6vRu%2FMESqnj6cGFmYr3UEUyR1%2FxSQ5N2hpoSWawMnAFKZCwp85OJY4zFBBJnh08Yiz2bSMumTxriXNQEEBqwdSA6%2FQk6AfxdsA%3D%3D\"}]}\r\ncf-ray: a1a2e82bbc1223eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":221,"size_decoded":1235,"mime_type":"text/x-component","magic":"ASCII text","md5":"3265ea94b8edb331a659b21a81b3dc58","sha1":"059dc8e2cbb1f35c1173149aa46cefe41d434496","sha256":"d8f61083983fe755eb10faa200381b32507c14be526670b4ed95098efb1bc9ff","sha512":"8e74af12b0e99f74e926575dd456256ede8b5e09284bf3f19e3c662f54bb95acc3ceb714dd1802f5ed5601f6a1ac08ab1cf6514b4fca322b69e7beb0a363489a","ssdeep":"","tlshash":"63d0a72643093af56d7a2888457dc65fb91e515b61cc46f150934e35972703119036e5","first_seen":"2026-07-12T17:38:11.75351Z","last_seen":"2026-07-12T22:01:35.306431Z","times_seen":8,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/play/1309?provider=hacksaw\u0026_rsc=1otn0","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:07.076Z","timestamp":1783889287076,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /play/1309?provider=hacksaw\u0026_rsc=1otn0 HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 20:48:07 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Pm3I48dgSBK7EoytZnnHtCU5PaHEuUKBP4TWhwDhsGQu7RyetotAfrIsf2cgpQSLwaFd2U0dFNgGSRsKUj0UU6C%2Bf2t6XcYNglARc1LNChxIIIxRxdysnqFEXAw%2Bzw%3D%3D\"}]}\r\ncf-ray: a1a2e82c3c3323eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":210,"size_decoded":1228,"mime_type":"text/x-component","magic":"ASCII text","md5":"61f86c62e5d4185f2cb14f4f1d7b8b6a","sha1":"0f7974d6e4c05b361224dc4e4396496458456f0c","sha256":"3c998ee62c0a9023e983cb7e7a4e0243fb99129f71add0a7c28b0ee95748b635","sha512":"2da772c21bad59375b7bdb73865a739b3abe7aff1adbcf613df43178bbfb5697ad6e28c22405b12a77f255fe7fff22a6cbef2defb24d8fdbbf86c8138948e789","ssdeep":"","tlshash":"f9d0a72647053af16c7a1884467dc64f791e100b61c80af190d35a31536302115036e5","first_seen":"2026-07-12T17:38:11.691866Z","last_seen":"2026-07-12T22:01:35.268591Z","times_seen":8,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/slots/fire-strike.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:19.842Z","timestamp":1783889299842,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/slots/fire-strike.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:19 GMT\r\netag: W/\"108ae-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ll3kjKKvOZC7UpQ%2FrOT9CocEV%2BfRsjN%2F9uibZXswd%2BcP%2B8MGGoPlrMaJreD%2FupPRQ9PtczbBPSbjWq0NRw5GLXXAy0XXvmlssm%2BiRCb39bH35Yj25Zx6kNlpAKUbMg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e87c0b4823eb-OSL\r\ncontent-length: 67758\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":67758,"size_decoded":68770,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b60599e0bc3952067e16891a5fb97653","sha1":"71247bc7e769a0c953cd6458ad536436f11098e2","sha256":"0a3d85ce2dcd6d1aa8b9be3ac6db4ccae0e4f3f832c06b46062df86fd4ab060e","sha512":"34671a695c0cd4a154c97ed5c030c378917af33ca0a5a95b5d7f789dcfd353af6b8c77df1a90e0098e3602936360583a93d1faaee5e9ab8064c7c4c116dcdef2","ssdeep":"1536:yqon/EW4B8UjSTy80dQPYtJ4HpUbsUQtIJTP45lqLbalx51jTos:WcW4BTSTy8pwtQpUbXVJc4w51Ys","tlshash":"096302b330e35429038019f2ee67f84f62a2a5898057115e7907d587cf36c0f52ea9ef","first_seen":"2026-07-10T09:45:03.466313Z","last_seen":"2026-07-12T22:01:35.269607Z","times_seen":17,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":36,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/promotions?_rsc=1otn0","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.456Z","timestamp":1783889286456,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /promotions?_rsc=1otn0 HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o2af0maFDJZiYwBlhCtLt5JlPagysRaZH0RmuVlWroNBXjTmkhHQbaL6MLJPoIadDW60%2BZzvPMyFR6bwvDToAqxWNVZzL9d4v1Y2DLvtO2W8j6O%2B%2B7nDRs%2FfajdoGw%3D%3D\"}]}\r\ncf-ray: a1a2e8285b5623eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5070,"size_decoded":2641,"mime_type":"text/x-component","magic":"Unicode text, UTF-8 text, with very long lines (2646)","md5":"0c6078aac6b9d1ffc8e7834936fbb1e6","sha1":"ad3285580e6b3b795da8ff9038e82664cb4da516","sha256":"2699254e5b0c4efa79c8108cf88c6a7ab2fbeff213bea3bab6c72b95f917e733","sha512":"7e9248e9b34de9024269377780c1f07594f126e6f40d25b6b9276505966c8b8583c02745a418c0b2f525109d314aecff0219857e0b4f0c54084b9dd8ed030e67","ssdeep":"96:W4SB6Z5ODVIAvZpeOdETypnnvXrk49KhsG60ZiTl5IyW9QfLj5lkY7qg7H7mkDL5:WpWODVIAvZcOdETyhIgtOyIyW9QfLj57","tlshash":"09a1023fab015e7fe7eb4181449f6249375c4b3bab50c9b6c0de5e18028a66d3e953a0","first_seen":"2026-07-12T20:48:52.756057Z","last_seen":"2026-07-12T20:48:52.756057Z","times_seen":1,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/withdraw?_rsc=1otn0","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.928Z","timestamp":1783889286928,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /withdraw?_rsc=1otn0 HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hwq7l867HjLkDfId35IsndqjoJU8SX5XSz7RWefiSbCIH5n6k4SY4xPC9TT1gETp%2Fnwd6sv6NcdWoc3x95x1TSncfu4iD5Rb8OUkzxlLcM%2FfTfziGEEA1%2B8a3DfXUw%3D%3D\"}]}\r\ncf-ray: a1a2e82b5bf023eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":156,"size_decoded":1197,"mime_type":"text/x-component","magic":"ASCII text","md5":"dcb549be020f0e7a3b103927874114bf","sha1":"b21576a9bfc89614dd34ec0d3389a3458f90c15e","sha256":"752f22910f45fdce9245374bd634c27fd5403d8ef4779bc0e2637ea94e7ff9ab","sha512":"86dd330c10a28f8805d3be9a8c3a7f01c16b290e26f56a5f35114ce9bb3375dd1d7a208fc7a5dd379990b3fefe77954e7f964c9bec4a64c40ad173467bf03499","ssdeep":"","tlshash":"41c0806141093df55df934c405bdc60f351d420b20d4d0f69057c5117b3701008075d4","first_seen":"2026-07-12T17:38:11.843779Z","last_seen":"2026-07-12T22:01:35.26804Z","times_seen":8,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/crown-icon-512.png","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:07.516Z","timestamp":1783889287516,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /crown-icon-512.png HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/png\r\ndate: Sun, 12 Jul 2026 20:48:07 GMT\r\netag: W/\"3d605-19f1a0f2520\"\r\nlast-modified: Tue, 30 Jun 2026 19:43:48 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=azqkYe0t1rGEndn94hdovm6lOFNpVpri9f2HEtFWOxmOHjbVyU4Q914e7gZOoPscH8vGCNB9WOeDeLU4He9cemxounvA8ydQNXxWnmKGxqSlf2NToGEq72emCTYruw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e82efcab23eb-OSL\r\ncontent-length: 251397\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":251397,"size_decoded":252398,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced","md5":"80d4744555e10615fd0705451496696b","sha1":"cdbb7f742437134f1a5d60165acf86ad5213db97","sha256":"6e73823fa9392ebc0bf9d73a2d4125b570b38729f8d9ea310afa814fd6256abd","sha512":"c9bfda11e02a25c4582ae239c6e168d59accaa434e697ce2aa6d510edf759e3a24f623e9219961edf63a7a4a1f0dca027a8f06f505a2a544c73b0d3607457b3c","ssdeep":"6144:NVPLp8eA7j5PdHoachilP1Odjbn36A3EHgbmODh5d/FJH4VAvLX:NJNEtPh8ldjbnKTcp15ddZ4VAvj","tlshash":"8534232db096f918cc4e7f515e3d4f4a95b773eec97db804619865ae8a3d29030c4b2c","first_seen":"2026-07-10T09:45:03.470767Z","last_seen":"2026-07-12T22:01:35.244679Z","times_seen":17,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":109,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/6477-9e02b2a147e40874.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.358Z","timestamp":1783889285358,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /_next/static/chunks/6477-9e02b2a147e40874.js HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"1f6584-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Tmo5h6PSuEwv%2BPeYPH52Po7wQcIn%2B6s3BSn6AyKuWmyiwFFGEnOby7uNkaVNbDTNBTXwZmIHwDL80UKAHwXrZCppfLsYnLZSpQUTGw%2B45dWoODWe%2FwmOtqA%2BMEULrw%3D%3D\"}]}\r\ncf-ray: a1a2e821796d23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2057604,"size_decoded":579578,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (58638), with no line terminators","md5":"b66b4adf96b34361e624085bac02f4dd","sha1":"2de8fbf5f39e235c724e087c37803769892783e5","sha256":"1a3cdfb687ced8dcc7ab9067134bd56a92782f468c26a9dbe595515555b9ec17","sha512":"7794ef09a3b5ad4c01e2c14b4f1e7723e8dc4b5e1ad6a148c4854ca3046fefb331e250302714bb016dfa238618c722f3cd56f8d87a0fc4f427227934f0dbc757","ssdeep":"12288:8YvBFTs8FN+95dzoX8i3UEPLBTXyXTUCI3184x1BZcWt/6BHsYfowoy+INtbkflV:8YvnXFZ848GYfowoH","tlshash":"77453918872c38b743dd33d136ce0f7aabec09b2a4d2d112dcbe952c62acd74616d659","first_seen":"2026-07-12T17:38:11.894837Z","last_seen":"2026-07-12T22:01:35.275068Z","times_seen":8,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":126,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/polymarket-logo.svg?v=3","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.377Z","timestamp":1783889285377,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /polymarket-logo.svg?v=3 HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-encoding: gzip\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"31c-19f43a76a28\"\r\nlast-modified: Wed, 08 Jul 2026 21:34:33 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XnSeReSPPYhG7WsqGT%2FL3R7Xac9e4vCtddbxu0mRtWP7VKfdiW9SnYrtcaX465cP9piQM5xbJ%2FSYJwiuc%2BtGHHMWvZ7ZsqUZ3StWKk4%2BmhuzP4X3yzm%2Bs3oPnlyDsw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e821997a23eb-OSL\r\ncontent-length: 441\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":796,"size_decoded":1492,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"96f4c35ae667bc254a3cedbee8fea5ab","sha1":"557c471948ff981c73c4baf00f14a24a8760d523","sha256":"51a29787758e3ae48fc9d0a9e982c7ddf1111f4c4967c4bc85e2067810b572c8","sha512":"1a41f905ffffba3a39763a85f7c55dcedef2c1f5a8c8c4f117976c753f3978822f32b5544f2480271815514109a7549a52204adf78a6879b8764ac483f9e4cce","ssdeep":"","tlshash":"ce0115dee044c46d5c1cca57cd3567dc6ca354f367d2461885159a1c7013bee9c036c6","first_seen":"2026-07-10T09:45:03.499638Z","last_seen":"2026-07-12T22:01:35.260721Z","times_seen":17,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/lipis/flag-icons@7.2.3/flags/4x3/gb.svg","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.378Z","timestamp":1783889285378,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2026 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 20 May 2026 15:48:47 GMT","end":"Sat, 05 Dec 2026 14:48:47 GMT"},"fingerprint":{"sha1":"D4:05:C2:EC:C7:EE:2B:D0:08:68:0D:3D:33:77:48:78:43:E7:D1:E1","sha256":"ED:84:90:EE:71:BC:6B:5E:B3:D2:50:B0:23:3A:06:0D:E0:50:C6:B6:A9:09:36:E6:CE:FE:E8:66:89:EB:4E:C5"}}},"request":{"raw":"GET /gh/lipis/flag-icons@7.2.3/flags/4x3/gb.svg HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: image/svg+xml\r\nx-jsd-version: 7.2.3\r\nx-jsd-version-type: version\r\netag: W/\"1f8-Fh7iCgp1uwbU8sqazbsTfZqWPOw\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\nage: 980664\r\nx-served-by: cache-fra-eddf8230141-FRA, cache-bma-essb1270029-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 284\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":504,"size_decoded":1050,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6dcadf6916764560c2f1fec586e2c1de","sha1":"161ee20a0a75bb06d4f2ca9acdbb137d9a963cec","sha256":"c8be1e7208798a4ae692ee1e937065d498bb29e741943f6172b29118b8ed8066","sha512":"b925b9042182dc31f953ebfe2bbe666822bb9a56411fc1045d46b5b20e68effe25bd6ce65cad1bcee3ef9008768bdb8221f66573d8daa27c60a8d004acada0a1","ssdeep":"","tlshash":"a0f09ec8d32d7045c70793104cbcf8e3d4d962ce559400dab4d09ae4216e7a7d8d7d91","first_seen":"2023-12-20T14:16:02Z","last_seen":"2026-07-13T10:17:34.001497Z","times_seen":3877,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":2,"connect":9,"send":0,"wait":10,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/community?_rsc=1otn0","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.452Z","timestamp":1783889286452,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /community?_rsc=1otn0 HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dXr2rsfKm%2Fy9wD1fbGDbeif%2B5lM5wsK6stW2LHfcZ4HQKg%2F2Zuc8Ck1X%2FnKkfHMhJ7cD42%2FylkjuJ8AgfPYLtUzohslUAx%2B72Iokl0Vj4Sg1kBbIzr0yVYuXIfSUBw%3D%3D\"}]}\r\ncf-ray: a1a2e8285b5223eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":158,"size_decoded":1204,"mime_type":"text/x-component","magic":"ASCII text","md5":"1b0334705ee22e8a7d17bed69bac5a45","sha1":"3465996fda1b5a83c87e02b97b8df6ee0f9bed44","sha256":"f76a15b0ea09f5f901cf09bf4070cf841680c410472ec28c75a2f6ac0d8d2dd3","sha512":"2e444a8bf36dfff8dba923a3fe6ded8a12f0830293d60cd2a7bfc9a0a97849ec2e7da3c860aa937da2f4941a12f0b9b0358cc8061fe212b81f5bb853f8d9879f","ssdeep":"","tlshash":"a9c08c3942983ef66cbb288824aec64f360e430b21c611f0a0934e20f7370a00803de8","first_seen":"2026-07-12T17:38:11.869575Z","last_seen":"2026-07-12T22:01:35.246609Z","times_seen":8,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/giveaways?_rsc=1otn0","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.690Z","timestamp":1783889286690,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /giveaways?_rsc=1otn0 HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MZQ4OVJgGQFC6HlFoF9tBv1buz4rjZLGwG62Zo1EybOcbcwjEByf3sbUH4C6TPKbX96yiKPSDkr0DoTYCsqOCXwtPd0ukrHddXP3pcKhfIyAkIAvqvNvFcBXSv45AA%3D%3D\"}]}\r\ncf-ray: a1a2e829dbb223eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":158,"size_decoded":1192,"mime_type":"text/x-component","magic":"ASCII text","md5":"0bfc3fd789c82ce146c5c12e2b511db7","sha1":"3bdeaf9b85ac35f5a912f96011769c56a1621960","sha256":"f1dde4c7e13818a4c848796b954ce0c1235716f5f2693b720dc202837c22478e","sha512":"f8fec6d2482f589d0d186e791ade1700e2eedd7a3bc078fe1424f7a0d70ad2457ee8fe491daa0d7d5095c346c8faa23b0b68f072c8e538df98e5a3251fcac332","ssdeep":"","tlshash":"7ec08c22420c3ef66cfe2a99286eca0f360e413b30c450f090e38b32a73b12008035ec","first_seen":"2026-07-12T17:38:11.809568Z","last_seen":"2026-07-12T22:01:35.274384Z","times_seen":8,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/profile?_rsc=1otn0","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.920Z","timestamp":1783889286920,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /profile?_rsc=1otn0 HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VOmJnVMAUjTYkgLMmhd7lhmLEBQ%2FS3c6QK%2BpltWgicCUq34iYwmLWNI%2FHGFlIAcMTUmmrXPQ6pcAzcic6VgoPfUEihublih8TDkGNLeyLH1m74dj4vZ8QJsi0wz9iQ%3D%3D\"}]}\r\ncf-ray: a1a2e82b4be423eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":154,"size_decoded":1196,"mime_type":"text/x-component","magic":"ASCII text","md5":"748bbf05207b6156f15cf17ba8133983","sha1":"dbaa18fb1807fb2871e0004bf3699c3c53efd1c8","sha256":"1ebe0a4a9f13aa50207ac26a36d9f51792ad04baad6b566811ee69fb6fea014d","sha512":"604509af3847411571ec0f98bb105c288bcfe41078aa0a0a65d95db63681e874fdde02f17f76f4488f4b553218e7f38f81e0173867e2223595b448d5e972a9c4","ssdeep":"","tlshash":"7dc08c23828c3ef6acbb3c8834aec60f660e810b30ca10f090928a10a7b702124035e9","first_seen":"2026-07-12T17:38:11.90966Z","last_seen":"2026-07-12T22:01:35.252625Z","times_seen":8,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/api/media/ceb9e344-a5ce-43c1-8ffc-22302cd910c6.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.678Z","timestamp":1783889286678,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /api/media/ceb9e344-a5ce-43c1-8ffc-22302cd910c6.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sZIH7qRYw3QNxbF5mFPh7W9PtPW0Wdk7NOn6mkIp3%2Fd9Y8%2B8PZ8Xp%2BJ%2F%2ByJZb3QwALCSgXqrsYxN9KrzIMhU8b7gHlDNYyZBsUhaMQwxPR5i%2F2Hg1Na%2B8C8w9MIMzA%3D%3D\"}]}\r\ncf-ray: a1a2e829bba923eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":164394,"size_decoded":165413,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"137cdedc2f1c8db70aab54aa6e011b77","sha1":"29c0216d3b5508c9066886910e3d1c549f1d3a04","sha256":"bf004b731aac1a183833df63844be938cb69b2095b647428d48ef00ed9bdd051","sha512":"6949a5f01e83762591535d1e4042bd6907c2a877a2fd4463d029d021c751854dababc6e87876e1d8c0520ee2d273b2228349bcef02197204b014b6d23d89a204","ssdeep":"3072:eHo6l/e1LtSYcVQCruv14MTZC2Me+pgqE4y0NXowhM8am9eCrJJl:eHc9tSXbruvXZMxpDQAX3bam9eUl","tlshash":"31f312e6bc5c49935922540ef501aa0bb449e8486bfdfde5bd30ed5ccb6f630088b58d","first_seen":"2026-07-10T09:45:03.572616Z","last_seen":"2026-07-12T22:01:35.322231Z","times_seen":16,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":134,"receive":74,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/hero/hero-prizes-v2.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.381Z","timestamp":1783889285381,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/hero/hero-prizes-v2.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"155a0-19f1fac3ba8\"\r\nlast-modified: Wed, 01 Jul 2026 21:53:29 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tPE%2FU%2BFQINswRKMrtJ910DlZ9LM4yOF6BXNp5OOFVbjy5c2IAlv7oxUbv4O6ZGWOX8vN5eGrx11h1nenAeCrM3g4TsvD5DDFlqhuzm2gm%2BcSqv8Qv%2B9nQclhryJGaw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e821a97f23eb-OSL\r\ncontent-length: 87456\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":87456,"size_decoded":88459,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"1e7ed6564b4d9f84e96781b9f7f3d7d8","sha1":"1c1b5e8bfbd1b7909859580dfee74bb9861ebcc1","sha256":"339e7f1e59b63184d606ae519a9ea274592c7b4b34020e875c699314d0cbf9e8","sha512":"cd39a863674a89ab3f65991de5f0120671fd82ce40a75c40506d65c05a7d30d934e44423afdd6c8ed8298ac1584a931bf56b937e9e278f34802971bad23a072d","ssdeep":"1536:1lclA3b1Jy6Q84I1VZzbTRDN8hc0nvFITLbleMrKHMGR7Q1q:HclA5JdQ9ItfhuVvGTLblbG1Rp","tlshash":"9c83021e431f503eee71f1e4b3b461f7c11ae1a822d8b4f6f45a48411b196ab4abf948","first_seen":"2026-07-10T09:45:03.577676Z","last_seen":"2026-07-12T22:01:35.30124Z","times_seen":17,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":87,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"connect.facebook.net/en_US/fbevents.js","fqdn":"connect.facebook.net","domain":"facebook.net","tld":"net"},"ip":{"addr":"31.13.72.12","port":443,"asn":32934,"as":"FACEBOOK","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.717Z","timestamp":1783889286717,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.facebook.com","organization":""},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 21 Apr 2026 00:00:00 GMT","end":"Mon, 20 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:C4:B3:53:17:8F:6C:92:13:21:06:10:3B:3B:A8:08:33:97:00:65","sha256":"AD:39:63:BB:0E:1F:D6:E2:9B:B0:3A:86:C0:27:C8:77:8B:42:5C:81:5E:D1:37:85:40:A6:63:4D:AC:10:85:98"}}},"request":{"raw":"GET /en_US/fbevents.js HTTP/1.1\r\nHost: connect.facebook.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: application/x-javascript; charset=utf-8\r\ntiming-allow-origin: *\r\nreporting-endpoints: coop_report=\"https://www.facebook.com/browser_reporting/coop/?minimize=0\", coep_report=\"https://www.facebook.com/browser_reporting/coep/?minimize=0\", permissions_policy=\"https://www.facebook.com/ajax/browser_error_reports/\"\r\nreport-to: {\"max_age\":2592000,\"endpoints\":[{\"url\":\"https:\\/\\/www.facebook.com\\/browser_reporting\\/coop\\/?minimize=0\"}],\"group\":\"coop_report\",\"include_subdomains\":true}, {\"max_age\":86400,\"endpoints\":[{\"url\":\"https:\\/\\/www.facebook.com\\/browser_reporting\\/coep\\/?minimize=0\"}],\"group\":\"coep_report\"}, {\"max_age\":21600,\"endpoints\":[{\"url\":\"https:\\/\\/www.facebook.com\\/ajax\\/browser_error_reports\\/\"}],\"group\":\"permissions_policy\"}\r\ncontent-security-policy: default-src *.facebook.com *.fbcdn.net *.facebook.net 'self' blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net blob: 'self' 'nonce-dFu454Xj';style-src *.facebook.com *.fbcdn.net *.facebook.net 'self' data: blob: 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com *.cdninstagram.com blob: 'self' data: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net;font-src *.facebook.com *.fbcdn.net *.facebook.net 'self' data: blob:;img-src *.facebook.com *.fbcdn.net *.facebook.net 'self' data: blob:;media-src *.facebook.com *.fbcdn.net *.facebook.net 'self' data: blob:;child-src *.facebook.com *.fbcdn.net *.facebook.net 'self' data: blob:;frame-src *.facebook.com *.fbcdn.net *.facebook.net 'self' data: blob:;manifest-src *.facebook.com *.fbcdn.net *.facebook.net 'self' data: blob:;object-src *.facebook.com *.fbcdn.net *.facebook.net 'self' data: blob:;worker-src *.facebook.com *.fbcdn.net *.facebook.net 'self' data: blob:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c\u0026minimize=0;\r\nx-frame-options: DENY\r\ndocument-policy: force-load-at-top, include-js-call-stacks-in-crash-reports\r\npermissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to=\"permissions_policy\"\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-embedder-policy-report-only: require-corp;report-to=\"coep_report\"\r\ncross-origin-opener-policy: same-origin-allow-popups\r\npragma: public\r\ncache-control: public, max-age=1200\r\nexpires: Sat, 01 Jan 2000 00:00:00 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\norigin-agent-cluster: ?1\r\nstrict-transport-security: max-age=31536000; preload; includeSubDomains\r\nx-fb-debug: 5angDn7OX7eMFFKAOtD1PIEkiatgOb+OXzOgvyH6d0nYb7ILLWhitOmuLmGkg3KYwfpDU7Rj2DqYkigxciBIig==\r\ncontent-length: 100859\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\nx-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=23, mss=1232, tbw=5077, tp=9, tpl=0, uplat=1, ullat=-1\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=3,i\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":381376,"size_decoded":104858,"mime_type":"application/x-javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (9255)","md5":"007129bcfbeea244b6e4b88cd253e960","sha1":"b8116239bb207bda191485bd2eb0f3bcf39b2f55","sha256":"525a75a05d2ded55a857efc20611ca9d97b5a5a71ef56dc22a6354c3b0ee2253","sha512":"169cff9a119b5883d154351879acb982f4a96c9b7728e6a3f226703766d29e53fb445966850bad4ed120f4614cee1074995af2be56b1cabf0d24b0b59ab0a79f","ssdeep":"6144:E7gAVTJGD0ML9RBTD+4Yd0E+brBLrxQqR/ddFriG2XPHnNpnK01lzrYzOOlvBZSk:SnWO0dgPHnNpnK04NSk","tlshash":"b784e789b1e1b0a103b6796c966f9007b2bbd5a234ccc960e55dedc82d7c49e4133eb7","first_seen":"2026-07-01T21:14:37.40446Z","last_seen":"2026-07-13T10:33:13.796924Z","times_seen":719,"resource_available":true,"data":null}},"time_used":53,"timings":{"blocked":0,"dns":4,"connect":21,"send":0,"wait":10,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/play/1164?provider=hacksaw\u0026_rsc=1otn0","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:07.078Z","timestamp":1783889287078,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /play/1164?provider=hacksaw\u0026_rsc=1otn0 HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 20:48:07 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Hr3d8upi5bpLk6JDx6Kc4MrR7VORlpxkVHGoeZC5Tr7ThAsVnaMj3jHthcYeawPYA9M1h3M95hD8Eb4XyZ%2Bs6m9cut3oJ8kXV6093q9Bao3w8hyKcbeaOV2d%2Bbqp5A%3D%3D\"}]}\r\ncf-ray: a1a2e82c3c3423eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":210,"size_decoded":1228,"mime_type":"text/x-component","magic":"ASCII text","md5":"98ae05ea98c842962bdab96741a49fda","sha1":"169d031f7e1948b0ababbc917473af5542ffe560","sha256":"34e651b58ba6694c48b3fd74a6e3d7472b646241cb668a078a9d2841496b4c4d","sha512":"009407db9f0ed842bf9eec889100a22d5bcabaa0ed8bd2058c3639f1c793ad111fe9bd9dfa5ed0eb6a46966c8db8377ba18d7926b8530cc7d26a8f737726b7ba","ssdeep":"","tlshash":"4fd0a72647053bf16c7a1884457dc65f751e100b61c806f180935a31536303155035e9","first_seen":"2026-07-12T17:38:11.922317Z","last_seen":"2026-07-12T22:01:35.285833Z","times_seen":8,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/hero/hero-vip-v2.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.380Z","timestamp":1783889285380,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/hero/hero-vip-v2.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"12118-19f1fac3ba8\"\r\nlast-modified: Wed, 01 Jul 2026 21:53:29 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EbzKtEDGpudvA57XQ8L83JvTazvpthYB6Q7viKvYeSGwF%2FVfWZNuOWvoQ9qiAzc0vUZcsD1vUuHWXT2bWAn4dL0tbLCRcHDW0ygIM7RLcEUYOt2Hu%2FveTRDwMeAnfw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e821a97e23eb-OSL\r\ncontent-length: 74008\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":74008,"size_decoded":75007,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b3619e2f0f7800d3951be34c267663f0","sha1":"b998fc7861c09dd7964f6ec1f5d49b793efea76b","sha256":"289834e4120de421eaac532dac21b56392c4a8c1fe499da2497b618be35d51b6","sha512":"2accadec8cd6e89ce82a2bef3cd057df9f742ff41561ad08d51aad21a3f532a2a6b380799fef0379dbf0b0748425a3317352943994626d95b83c3d04d79e7bf3","ssdeep":"1536:91HLNi5Iv2jucGwBgKvRVTSy4w5jlD/rLWIh36OLm2:91Hw5MaRLR5S1wjA2","tlshash":"257302ebba9b23cd5914bbbbd3004c06c72db345858d5aeb36a512c22a071fcaaf0515","first_seen":"2026-07-10T09:45:03.54267Z","last_seen":"2026-07-12T22:01:35.278992Z","times_seen":17,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":83,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/slots/gates-of-olympus.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.390Z","timestamp":1783889285390,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/slots/gates-of-olympus.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"f0d8-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6OEJ1plW%2BM7ekfoGmZFgWBz8pCoM5S%2FxmrDYj0UYLYzOp%2FqfopaeWFYLOikqQQNZrJHENJeaHtDvkzZXw6KnwY0v%2FxY66Edh1itMKS1IUrR6FAt9H%2FOpbFd5QJ0CGA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e821b98823eb-OSL\r\ncontent-length: 61656\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":61656,"size_decoded":62660,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"5385dc5af3e323a64c8d460d53b38ea7","sha1":"afc4f25c210eac7f54158ffd13150d59beeeadeb","sha256":"5ffe571c58535b5f6923bf0b35f0b27c36c239359e768471b98115af0412fbd3","sha512":"c7a53ad11441621d6e599f71718d8688d94957852071c5599d29b56fd31de6c11780a9b5f21978ff6fdaad1893f2081d561f1687e0997b53186b26c744d0f1bc","ssdeep":"1536:GoHQqhP4lyxAukMALYYqYxxYw8XA6e4cr2Qfm:fhP4cWnMAI+xKXnc3fm","tlshash":"ed5302d492d4b92234c2583c7abb02585424e6e42712d59a737b769cfc32e89fcef885","first_seen":"2026-07-10T09:45:03.47386Z","last_seen":"2026-07-12T22:01:35.276397Z","times_seen":17,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":79,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/slots/starlight-princess.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.393Z","timestamp":1783889285393,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/slots/starlight-princess.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"17660-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4g2pDMlRSXUEKRvMN%2BfRVHuPQqjnYmQb4RRhAM6j0h9tCFenMs5r3DIoOL84FrvKhPCS0sNmswuF%2BflG8KC0DtkOcPUqbpV32V8dyD3nxRlw7RUe94C5cGjNAjW4sg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e821b98a23eb-OSL\r\ncontent-length: 95840\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":95840,"size_decoded":96839,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9824b494b8ade7c0157812b4aacaec2c","sha1":"d57539bf59f9115e0ed688bf2a0d6c52463e8fcf","sha256":"6c5adb95eeb1a45770a8d30d019378335141a52e1af4472b0cf4b4645ed93f6f","sha512":"e1942c4af37eb41984eb54b63afdf61f4264b023afcec48b8fca603883093002d21f90db0aaec5ef65ff0bc485fa5991eba74393b18181ea1c146c039c058d42","ssdeep":"1536:HGXhI6Tit+KvC2DM768fnbxPExl0l9lWlXY+nuCnt+8V+b5I7GKI6Izs:mS6Tu+KvXY7JfnbxsDa9liXY+nDt+8YS","tlshash":"769302da9eb729e7f6419b36062479c256fd49dd66239e3032c9e18ccf740f442ce892","first_seen":"2026-07-10T09:45:03.50984Z","last_seen":"2026-07-12T22:01:35.260154Z","times_seen":17,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":88,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/api/fx/rates","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.430Z","timestamp":1783889286430,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /api/fx/rates HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5oaGazsUWLO5B6LC338811d94hWvuPUfSwke9mkAzlIPs0RJmXgl7u11LbB6YgpBWT87%2FnrpUjEE537rNSYT5QYqUHgUY0xo26SugcM%2BgnQcB5C%2Bnd6zuXOAPLitrQ%3D%3D\"}]}\r\ncf-ray: a1a2e8283b4323eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2515,"size_decoded":2472,"mime_type":"application/json","magic":"JSON text data","md5":"50841b8752636bf55e4a635cbe386b8c","sha1":"c049de7771cb7783675df2abda86000bf7f41547","sha256":"02e8828276ff632935cd781e21ba2b8eb04c807d1671ffada1b2289d5d8c13fb","sha512":"60b0e092e5a21b7714d5cf0808a6a021d64915e178ac4c839e6b9ccd09ba7c9e2d423b6eb2109f18685eff8276781d2fe55e39d39c7363b879d3df96ef4ef2fb","ssdeep":"","tlshash":"9f51b386eeeb19ef0366c8842e64569a3d6631c9f142dff3d400f780288367375a745a","first_seen":"2026-07-12T17:38:11.867592Z","last_seen":"2026-07-12T21:19:31.916683Z","times_seen":7,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/api/auth/session","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.436Z","timestamp":1783889286436,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /api/auth/session HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nContent-Type: application/json\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nset-cookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; Path=/; HttpOnly; Secure; SameSite=Lax\nauthjs.callback-url=https%3A%2F%2Faurexss.com; Path=/; HttpOnly; Secure; SameSite=Lax\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: zstd\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wUt3xLn%2BfkM15QJAq8yVx9%2FWzbjPnqnmZxVWs38Ze2KbtQMghifDp1C6aetyuVaNWI6zdaWMLzOPNF3IBGo55Vn%2FI6kmctgQh7291t01HInIT0I7weY7h%2BbJXGbU5A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8283b4723eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4,"size_decoded":1368,"mime_type":"application/json","magic":"ASCII text, with no line terminators","md5":"37a6259cc0c1dae299a7866489dff0bd","sha1":"2be88ca4242c76e8253ac62474851065032d6833","sha256":"74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b","sha512":"04f8ff2682604862e405bf88de102ed7710ac45c1205957625e4ee3e5f5a2241e453614acc451345b91bafc88f38804019c7492444595674e94e8cf4be53817f","ssdeep":"","tlshash":"b9300000000000000000000000000000000300000000000000000000000c0000000000","first_seen":"2023-03-07T01:02:14Z","last_seen":"2026-07-13T11:19:32.518561Z","times_seen":271577,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/avatars/avatar-05.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:24.327Z","timestamp":1783889304327,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/avatars/avatar-05.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:24 GMT\r\netag: W/\"6c80-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YxaigARZmriDlwc55IsX%2FMhgUkG6oUjyqO8%2FMO2uTpyb4rmTiit%2FyIKdcPTi6vxxBWQfdzhRiCiMAL66eJ%2FHK7enXiujPu9fFfIt80S7KUIEcZwLyZm0nTmar5Ro9A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8980ed723eb-OSL\r\ncontent-length: 27776\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27776,"size_decoded":28781,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"6e793b51845ab5490d571ca386013d33","sha1":"b41b56854224b49bb3c52221590c07154bb01b43","sha256":"0478f021f3a2c9eb30f2589ede241013b251e2aad9cd454c2601895e2a8554ab","sha512":"4535edf2e2cb2cfc1007f468796364e9e961a07704ef1b501434695cba44bd6cda927863e7dc32bd951df85765b999f528402a8075f2858e1bf67819fa453151","ssdeep":"768:CqHyqocAy4Typ6eqt/pzx4LU83Z6/kO/nheetlaKV:SqU5TypaZpztEYXweL","tlshash":"3dc2e003abf46fa6d53f289769dbe7b246242530139cdd4baa36554531820b6200defb","first_seen":"2026-07-10T09:45:03.486194Z","last_seen":"2026-07-12T20:48:52.747631Z","times_seen":11,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":40,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/app/(main)/error-e76e5ecab04323eb.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.366Z","timestamp":1783889285366,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /_next/static/chunks/app/(main)/error-e76e5ecab04323eb.js HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"23d3-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QVCbxnmYzo4cb1riOnQkWuS0Ik0tgBe6qjh8VtTM7nM3evacgm6sVUwWIHbOJqdDJVpcU3pmOt29%2Bgq2KCsROlwwf0eXIMFdVbwiReaPJYijR7kU4AFUsvLe%2FdDBtA%3D%3D\"}]}\r\ncf-ray: a1a2e821897323eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9171,"size_decoded":4199,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (9171), with no line terminators","md5":"ea37a6907bbf49850fbc241b021b98ac","sha1":"0c4b73cae7505f9098532e047b378bfae64317ac","sha256":"38ad85b1457519a9dc72e54394f3996d7560f3d34e3398ec2ec72a9ed62253aa","sha512":"dc3684031a1dfd4df683fa10824f12e47c829ae2d20a92efd4820e6ad9e55732c6a9784530685c9356a7af34747a1a16f700f036f08e09d75bee9b15f06256cb","ssdeep":"192:lTzTFtTCTnsHTTYTetT9TYTFTYTcTLATnPtpSTiuTQTp6TPTSDTETzT3sToThTF9:lTzTjTCTsHTTYTmT9TYTFTYTcTLATPrw","tlshash":"681224fe5f9e25ce5512c3ccaa4ba040d7de0338365e4821a58ea8b9c241956fd77f24","first_seen":"2026-07-10T09:45:03.528266Z","last_seen":"2026-07-12T22:01:35.281579Z","times_seen":17,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/news/provably-fair.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.927Z","timestamp":1783889286927,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/news/provably-fair.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:07 GMT\r\netag: W/\"c05c-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8khn9WySnxX3v0FAAPBYBQNP8u41PRkTHvxJoRkMsLHy34G2k1A%2B4eahuKVc6cqbGl4S7bhOXxwlVDdGIjZpM0rtiZXsMi3ZAeDP6jHY8YkfRGhXkR9JIcCBAmY2mA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e82b4bee23eb-OSL\r\ncontent-length: 49244\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":49244,"size_decoded":50240,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1376x768, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"7cb9cd43359de54e7564c725bb9517d3","sha1":"1245094b8fc133d439c2612cf4dd9fb47e3184d0","sha256":"8399ac55ccc149cc474c6441e1bf099afb1d89dcac48e6898df23203e13388d8","sha512":"e4a6ee358263129d6fd50c7e98367f83d92955c35abe7367b8e081757483319934cf8c10c76a54cc91e3ebdcc1562b4f16c1bed6bdaa6014c22319a457669783","ssdeep":"1536:dc7h8uOGfEiIWwtbwyn2ej2/4/S4uyrhXaetd:dMwGy2es4/S4uyr4+","tlshash":"152302dcfd0b7f91e3172448c110d0a5b5f565fa93596e825398d883b68a83fc6f428e","first_seen":"2026-07-10T09:45:03.524343Z","last_seen":"2026-07-12T22:01:35.323973Z","times_seen":16,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/slots/big-bass-bonanza.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.393Z","timestamp":1783889285393,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/slots/big-bass-bonanza.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"169c6-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GFhwX6N6KJJeXAsLoOM48U5gOjUiBMX2glwTkd3aqZn4dGh0wCzxr9MHo%2FIfCIVcpZZBRSdmPH%2Fwcd6lEOKb81rkbgIyhi2oxY9V8PfFEi47%2F7FjpZa8W1J2h4jqbg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e821b98b23eb-OSL\r\ncontent-length: 92614\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":92614,"size_decoded":93615,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"443881f8c79d4de0a637df4ce96b3c19","sha1":"cbd10da798bfd8caf5d234360dc274c93b600900","sha256":"2e4b3955d6828099b57a5ccc9d325301b8abb126295de75f5317130d43a76691","sha512":"4d88e453ae4284e8fb7c32ebf84c645b5999e417279bccecc045871908df72432d08792bff06f102720ded6ebb7c282c54939150ce7d9125c2cb1b63e9f0bf98","ssdeep":"1536:bxW89UOQSeptnJIDxEwfsD6bM/o6mcf/CVu87qON304H+1+tydijszMYrFVGL:bxWMUOaudPs+bMA6NKfX304HNIdig4Ya","tlshash":"619302db442be59d773b0bbc7aa98f7669db11446824d316313ca0253af826184ec1f3","first_seen":"2026-07-10T09:45:03.456319Z","last_seen":"2026-07-12T22:01:35.307519Z","times_seen":17,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":78,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/slots/wild-west-gold.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.385Z","timestamp":1783889285385,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/slots/wild-west-gold.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"1267c-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9EgOdk%2Bcb4mPlJSc265BHbYMLGesmWRe41RVVBnt9wUAuWqhdx%2BkOi%2BfAIAM%2BZ0rbMCzfty7h4Ahi2GBUnA0bHJh49IgjTL5TXuEijqYCUKiGjAjtAzSQjEICjlMVA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e821a98323eb-OSL\r\ncontent-length: 75388\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":75388,"size_decoded":76391,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"a4d08f2ce7d608f3f8c032b0822a72b1","sha1":"4af5325f2834e09cbac50c22145eede287e20ea0","sha256":"3f856fd2ffad9148db6e06b06306c8753774c51fe02bb3f189702b14d0be6a30","sha512":"e182a41e1df5f49e6bcb4212c0ff417ad34a0534fa86c3f5f8350230b00325b85b15f065202c4745694b6e742793208ffd6ef59fef11f2b3f62f212f1ecb72d9","ssdeep":"1536:xCht2pj7iiYngyCZguVap90E6+dd5QHIyJtiQj3Yj339wQOVMP:whYp7zIDuVapeEjdd5QHVt78j3tIOP","tlshash":"c77302ac830ce2953ee17c7bfdd56457c0804ae6326b5ec92a01b4d61737ce5cad3a1a","first_seen":"2026-07-10T09:45:03.496757Z","last_seen":"2026-07-12T22:01:35.295138Z","times_seen":17,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":118,"receive":81,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/slots/fruit-party.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.401Z","timestamp":1783889285401,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/slots/fruit-party.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"13b8c-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Cf%2FXeLWMoFrif%2FA2Whx1R3y9hHIN5mg5w3oPkzMv%2BYQ7adHUf%2BX6TYeukezMhKQX8UrG%2BhT%2B29j%2BgstltCV3cwFtyaOMfoKmxNIhKuzkG5PBQU0fLueIEyfOhFIUHw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e821c99423eb-OSL\r\ncontent-length: 80780\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":80780,"size_decoded":81789,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"76124d66fd092f1fb46a2fd2d5baea5b","sha1":"a018a643b11d58fae6dd05ab45649a1b1ed87654","sha256":"898d2a436e53af8b4b276cdbe618f1bb8180726af0f59360789b2b2a9d8f9604","sha512":"6d50bd5aec5f9831e6f2c6a83f347530b1849abbccbd6120f11c32ca00b916cfffe9d30fbaed1538f3fa94372ca75ce6c3cd992fdf2bdc76bd353fdc9263a59e","ssdeep":"1536:FQsFiQFgi0PoyiGjaRt8HPYQ+3elQO0+Cyf+klBCsRR+PWVpWwhxP5EqUncxT2:FQkPT4iGjaRt8HPYGlQb+aSR+PWVpbVw","tlshash":"198312289c92e5274b45d345c37e570ae89f0de77d032ad6e40f97d2cac1639f82ac68","first_seen":"2026-07-10T09:45:03.482021Z","last_seen":"2026-07-12T22:01:35.320765Z","times_seen":17,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":71,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/api/reviews?locale=en","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.432Z","timestamp":1783889286432,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /api/reviews?locale=en HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Host, X-Forwarded-Host, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fJj3s%2B%2BvriwB0sxqsceyOYSHOgG9uO21moGR8NVJUuIs72huWGxEE48EtjkIvkNTDRp5%2BlkRnc5ODnUE5hlkjTq%2B5DH2pntrOu%2BLzPOFU8fLzsgPKBsdEJezcuFJAg%3D%3D\"}]}\r\ncf-ray: a1a2e8283b4423eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18928,"size_decoded":6368,"mime_type":"application/json","magic":"JSON text data","md5":"44acc86ac9d342b1621d4785cf4db901","sha1":"379ab2977142202679896fe2391dc1c05c3bdea1","sha256":"d39c63fd3393d532a2932406d961a23491508975ab636eb8f9e462a25cb58def","sha512":"c70a946c6fc3500346755db2e176e487b679dbf775a0c607fc435874e801644917b6da3715feabe22e60f705cd5061d4f942aba8d3c28b89842a2e86f8557d30","ssdeep":"384:VU9U0T4Euc0kaBR4sjiQmi0TR4IQEt6ee:VU9UU4EuKtHTiV2ne","tlshash":"338255676518623c7a7220eac14b7fa4271c79327302dce4ed4fcebe41e65f9407a49a","first_seen":"2026-07-10T11:27:04.705833Z","last_seen":"2026-07-12T20:48:52.77005Z","times_seen":2,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":81,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/avatars/avatar-06.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.444Z","timestamp":1783889286444,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/avatars/avatar-06.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\netag: W/\"8f7e-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qIcucGlR3aZQZr0f%2F8yxqKHQ%2FsAuRf7x09MR%2B%2FkaAOe67dzJs%2FGH6pAzqr%2BjYj15%2BRqtaVrEk6EjW3%2BrsryFo4fnnvqlSURRjgD2db6jVWF8%2BpvYRsTOU1%2BaE%2FVqxQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8284b4c23eb-OSL\r\ncontent-length: 36734\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36734,"size_decoded":37750,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8415c57ab324120f06dcb58f4a3642be","sha1":"c2643dfb4399333571036c100e8b6ef751331845","sha256":"56480fdd85dfea62d1c1e8c2bb50f439335898b297ba0252bede15905feeab03","sha512":"b854b06dae393078db8d160da65e2b0dbdd3e4abc09a3885f12ceb555390628ce4f15a1096d07008a235d424a01fb52e48ef1a28441c3fb851560f0f3887a7b5","ssdeep":"768:Kmf28ZprnqhaGpxAP1xASrjxVZuDsVPy1U7HQegWebUOgHdZxhF2:h2aZqMCA97rjTZciy1iwTHg9PhF","tlshash":"70f2f17ae574300acb98e8183c133892fec35869158791d0291f27c6afe3b9fe61585b","first_seen":"2026-07-10T09:45:03.463406Z","last_seen":"2026-07-12T20:48:52.771005Z","times_seen":12,"resource_available":false,"data":null}},"time_used":147,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/games?_rsc=1otn0","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.454Z","timestamp":1783889286454,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /games?_rsc=1otn0 HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 522 \r\nretry-after: 120\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 12 Jul 2026 20:48:25 GMT\r\nx-frame-options: SAMEORIGIN\r\nserver-timing: cfExtPri\r\npriority: u=5,i=?0\r\nserver: cloudflare\r\ncf-ray: a1a2e8285b5423eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 7217\r\n\r\n","headers":null,"cookies":null,"status_code":"522","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7217,"size_decoded":7672,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (510)","md5":"6d6574bc2ff010c25d80f326ec5062ef","sha1":"3f26ec6df26c5dc0d31b5b56b814ba8f2bc66563","sha256":"d2544ca0ef5c2a57e2108f018c66959645cb3d56caf5677d6165ea2a3e6dd768","sha512":"8eb29c8e71b1fb0bd9aff5676962677cc23b0aa22c18efcaf4bcad6a7295c583c655cc2dd8d9d33f4acb25c7200069d2363fbf27496ee0f94f9bd6339b031e0c","ssdeep":"192:1j9jhjYjvLK/BlvenWNc9VyjoWQ+D97vlyUeP:KW/BlQWi9/9+D97vlyUeP","tlshash":"15e18472b1f5127a10a381923695fb5a79e0c217cbff5494b3ddc2632f9ee81e903290","first_seen":"2026-07-12T20:48:52.771542Z","last_seen":"2026-07-12T20:48:52.771542Z","times_seen":1,"resource_available":false,"data":null}},"time_used":19296,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19296,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/crown-icon-512.png","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:07.512Z","timestamp":1783889287512,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /crown-icon-512.png HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/png\r\ndate: Sun, 12 Jul 2026 20:48:07 GMT\r\netag: W/\"3d605-19f1a0f2520\"\r\nlast-modified: Tue, 30 Jun 2026 19:43:48 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GSdQgd7w%2BZTLQziWM3%2BJXOpbL0QuOzuQ%2FyJr6rlXon%2B321IVOxnuXAy8WGnEK3CeisBXDo94AuSgVZuxwMq8rW%2F627CuE0lG9NYIuVHbLY6t%2Fywhd1qPezsOZumWzw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e82efcaa23eb-OSL\r\ncontent-length: 251397\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":251397,"size_decoded":252407,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced","md5":"80d4744555e10615fd0705451496696b","sha1":"cdbb7f742437134f1a5d60165acf86ad5213db97","sha256":"6e73823fa9392ebc0bf9d73a2d4125b570b38729f8d9ea310afa814fd6256abd","sha512":"c9bfda11e02a25c4582ae239c6e168d59accaa434e697ce2aa6d510edf759e3a24f623e9219961edf63a7a4a1f0dca027a8f06f505a2a544c73b0d3607457b3c","ssdeep":"6144:NVPLp8eA7j5PdHoachilP1Odjbn36A3EHgbmODh5d/FJH4VAvLX:NJNEtPh8ldjbnKTcp15ddZ4VAvj","tlshash":"8534232db096f918cc4e7f515e3d4f4a95b773eec97db804619865ae8a3d29030c4b2c","first_seen":"2026-07-10T09:45:03.470767Z","last_seen":"2026-07-12T22:01:35.244679Z","times_seen":17,"resource_available":false,"data":null}},"time_used":135,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":99,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/1255-c32318a942e40e3e.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.350Z","timestamp":1783889285350,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /_next/static/chunks/1255-c32318a942e40e3e.js HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"2a3d3-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wOaTpK4RwBJNXsHIq73OhQuJU5OI2MkmjpKoUVg2690GvRIgF41dsHbAQKblJqErSTZZc4OnQ3%2BtJzBtDQNC1BWOv93sbepIXCWZV3XIRiGIrEJGtXA5U9TpdRpycw%3D%3D\"}]}\r\ncf-ray: a1a2e821796623eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":173011,"size_decoded":46812,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d0655ecf061ed2032b2ed77f5fac4960","sha1":"bd73869341e65531e389db448125d6aa1b94dc73","sha256":"da0b6bb480869080c97b8a651145be0afa28d583e9f61fdbf836fbaf22be5ce3","sha512":"848f838f84fef605ebcdfe400206de7557e437dbc80169c2fd494308da5747a6fa93547706a1a590b39d20aaf9587ea08e5bb71a162734255329beb93bad6485","ssdeep":"1536:bzigN+8/BhcO5HYHqLVcXo7yIzPr6Q04ToTlTx1p7eChTtaocZXxreXRNIrky/Sz:379LmA+sy4r904Aj44RN0z/Sz","tlshash":"f0f3dab636d0f8d107a780e5843b400af3291c3b146f74a0a3e6dcd975645dea1b3faa","first_seen":"2026-03-28T22:09:22.209351Z","last_seen":"2026-07-12T22:01:35.300715Z","times_seen":26,"resource_available":true,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/5708-926a5cbb3579d1f7.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.364Z","timestamp":1783889285364,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /_next/static/chunks/5708-926a5cbb3579d1f7.js HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"6924-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y2%2Bd2u9Jpso7Z626%2FfKNVxbI8N8AlrM0rxjzxsD3G6PPjwNpJpXYJY2g7o%2BL9pTDr7DPiIMjr1umgAQVI7nXd7EgEtyuv30MLLnCmCJaYlWvMna3ytLO8P2OxwnGIA%3D%3D\"}]}\r\ncf-ray: a1a2e821897123eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":26916,"size_decoded":7034,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (26916), with no line terminators","md5":"b58d901009e5dd078ec84a30e48e151d","sha1":"f871fd5e9a02a283c8e31a9be700e4ae15715e17","sha256":"0faa839769526c3620c7c8f7bc9b4b78004ef9980c103cd365079fbbedff3ab4","sha512":"b31d347b922a69e047655ced69bf8b14f63967d19b9b2df4b68726f51b5462170295305ad351d502bc84613fa23d89898c53400e8ce7adfa908d20f7c8ccf899","ssdeep":"384:u4daU8llCsp4PSOIX+lhs1UW5KRJ2YE7d2BzS+k0JQu2U67PMvia+MT/BuM+Mn4U:u4davGFu+j22","tlshash":"f1c27019aa4ba4bb87f116ef697d0b8401af075ff548ce17e529cf183347a252c91e2c","first_seen":"2026-07-10T09:45:03.479914Z","last_seen":"2026-07-12T22:01:35.306961Z","times_seen":17,"resource_available":true,"data":null}},"time_used":363,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":363,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/dmsans/v17/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z8GXhnU0.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.024Z","timestamp":1783889286024,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/dmsans/v17/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z8GXhnU0.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://porawex.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 36932\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 04:44:35 GMT\r\nexpires: Fri, 09 Jul 2027 04:44:35 GMT\r\ncache-control: public, max-age=31536000\r\nage: 317011\r\nlast-modified: Wed, 10 Sep 2025 16:31:03 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":36932,"size_decoded":37745,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 36932, version 1.0","md5":"7c87a648293fbb5b2924aafaa59e8aea","sha1":"c57593e0adc4cf99dd9e67cb782242220a061a9d","sha256":"9fea608a947e67020c33cad9a6fe3d60c54119dfb8cff87768a8117a15ed7543","sha512":"764ced325a768dca84e1fb0cc458818239ce379dbcbdb324ee8849bbe15f54e3f0254ae6e52ee5a92741840637b4f9885d246a0978af23176b3acfe5b9cec23f","ssdeep":"768:mMQPOAQQKW6GccoXQ+OGpHNzXgtDM0SVu7P3nqtPl9Bf2csDpHUjbYE8j2:mMQz4W5og+tpH6tDJku73EPlPOcs5U/l","tlshash":"c0f2f23e7ea5691487c2b0be506b00935344c9bd37c18121bbb953f44ea67addc5d63c","first_seen":"2025-09-11T17:08:25.889763Z","last_seen":"2026-07-13T10:54:12.396632Z","times_seen":29702,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/games/trytostart/vs15godsofwar.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.603Z","timestamp":1783889286603,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /games/trytostart/vs15godsofwar.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\netag: W/\"43894-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HLYa5r18XHHLnWyiVjASQsthdSCz%2BFpW87cuCJdkfMV8wWxlmamsh%2Fd%2BHqIyRC0HJvGMDIdwpJwa4QPIFssxtTrf0LZ8%2Fs1ibq7gfkPtZ84AIcpMVwlZ5rdeAhisMA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8294b7723eb-OSL\r\ncontent-length: 276628\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":276628,"size_decoded":277558,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"979852fd6da5e7b15cd1f5f92a961106","sha1":"9d485e3fe899b422b9adc4b0c620eb144f335352","sha256":"f4559971ce6d4019c823558f1c57616e238fdbf96dfb35c8fd6583332ecd3636","sha512":"4bfa3b9e5e68e2765661c2baec88d68a3af81387d7cc1c463bd4a80679170ce9a6ad3ee840e604ffb99391dcf971bb26cc5d500dc5e79703f986cd0526580b11","ssdeep":"6144:mIeEt/tm0YtyKztgChb1k9q8OKrGs0fpltbEFatc+cahe:mBEtwNthtPhb1kBjN0fpv/cr","tlshash":"9a442356ff3970a651bbefb4aa0012d20b23ae7864ef33dd309655c10a4c5831a9b7dd","first_seen":"2026-07-10T09:45:03.512611Z","last_seen":"2026-07-12T22:01:35.309255Z","times_seen":16,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":99,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/register?_rsc=1otn0","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.987Z","timestamp":1783889286987,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /register?_rsc=1otn0 HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 20:48:07 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gUAfiHAqqyXVoYBez3y8xqyRtnmHNHnDyqX9NtJXjNS%2F6dAPOy1nIu3QcOk1dofcooIFx1xL489Vnsx5ncIsWejUNQwetmuNhB21n74L3f0BokXH6ukv1w1UGmAO4w%3D%3D\"}]}\r\ncf-ray: a1a2e82bac0e23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":189,"size_decoded":1205,"mime_type":"text/x-component","magic":"ASCII text","md5":"a32d94d91933902b4b05f3c8a735b560","sha1":"8920b174f43f30bbe53a5915b17f6ccfea6df3a0","sha256":"61e50f01d990079ece93a0c44410d3219ed663a3dcebb1fae2d4093bf2336dbc","sha512":"f4d80ee278294aa87a8a3ad34739cebb09409993c23c82e4c397b4fc7acb0aa0bc739c8ffd649aba0c45384582d03351f7f41cf2255e1ee289e7b4e685b7aff1","ssdeep":"","tlshash":"fec01227860c29b75cfe25b8042dc60f661e853f239454f0d1912d75ab771399d471e9","first_seen":"2026-07-12T17:38:11.797511Z","last_seen":"2026-07-12T22:01:35.304475Z","times_seen":8,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-12T20:48:04.736Z","timestamp":1783889284736,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 12 Jul 2026 20:48:04 GMT\r\ncontent-type: text/html; charset=utf-8\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlink: \u003c/crown-logo.png?v=pm\u003e; rel=preload; as=\"image\", \u003c/polymarket-logo.svg?v=3\u003e; rel=preload; as=\"image\", \u003chttps://cdn.jsdelivr.net/gh/lipis/flag-icons@7.2.3/flags/4x3/gb.svg\u003e; rel=preload; as=\"image\", \u003c/lab/hero/hero-crypto-v2.webp\u003e; rel=preload; as=\"image\", \u003c/lab/hero/hero-vip-v2.webp\u003e; rel=preload; as=\"image\", \u003c/lab/hero/hero-prizes-v2.webp\u003e; rel=preload; as=\"image\", \u003c/lab/slots/sugar-rush.webp\u003e; rel=preload; as=\"image\", \u003c/lab/slots/the-dog-house.webp\u003e; rel=preload; as=\"image\", \u003c/lab/slots/mustang-gold.webp\u003e; rel=preload; as=\"image\"\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-powered-by: Next.js\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZrIoG5r6lC9uX0Xefai2iRNOljb%2BMwiOhsNCmSyzJHYcfHqQdQRWNH5GX3o%2BhNdvaVWqVa1qg0T6tpgbxAA8hFO%2FJSJ2dCrf3QMyywllHbCTI%2FF9QexXKdJcSyregQ%3D%3D\"}]}\r\ncontent-encoding: zstd\r\nserver: cloudflare\r\ncf-ray: a1a2e81dcfc25697-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Next.js","description":"Next.js is a React framework for developing single page Javascript applications.","website":"https://nextjs.org","common_platform_enumeration":"cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:*","icon":"Next.js.svg","categories":["JavaScript frameworks","Web frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Webpack","description":"Webpack is an open-source JavaScript module bundler.","website":"https://webpack.js.org/","common_platform_enumeration":"","icon":"Webpack.svg","categories":["Miscellaneous"]}],"data":{"size":145149,"size_decoded":19778,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (36374)","md5":"947a226cb4a10d2102609c6db9555f3e","sha1":"697411f7ead42ed66296fa7ecd6003c8cc93233d","sha256":"597b4bb1fe8aae1fe87bd44e4fb1c86335bb04301345d8287fea3665d04baa0e","sha512":"59a1dee05f50d592a622c7df8b03292ee414c44b9d7284bdd096f4e188d0cc238f3afd554b879fae593aa8b80719ea72f8098b1ac31b43ebd6f9e548d459ca6f","ssdeep":"768:gsOVpxjnjXu/sFk5wTTwLcZ+4NTfmE1fmndfm6BpnWl4kR/yosbbpcElOvDW2Tv7:GLjjsik5wTTfNgjW0hpcQ3R/rxC9L","tlshash":"62e3b931f2095c2d7033c585e5766fae70a9c116d32a4518f3bf6076e7c39faa6226c8","first_seen":"2026-07-12T20:48:52.775577Z","last_seen":"2026-07-12T20:48:52.775577Z","times_seen":1,"resource_available":true,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":11,"connect":1,"send":0,"wait":170,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/crown-logo.png?v=pm","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.376Z","timestamp":1783889285376,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /crown-logo.png?v=pm HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/png\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"f80a-19f43a76a28\"\r\nlast-modified: Wed, 08 Jul 2026 21:34:33 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PK%2BERkacXCN5cKQYY8DjcLUuD5t4sZT%2BBndgnWdCb7mMmMOuebR%2FH9CQfaqpexXF3wsE1X05pzho6uVeDLrCAWk84aHrQE7X8P7WcOFWKiMBzAu2nZF5m2P3V34ibQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e821997923eb-OSL\r\ncontent-length: 63498\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":63498,"size_decoded":64497,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced","md5":"a3c9a1078bc4e53205f6412d40341501","sha1":"efc5627b4a72ea439076435289258e1b79b8d57b","sha256":"1e901b8226f1eb9f404ed2ed750935526bfe4bc1bdc3c655a0795b3985838b8c","sha512":"6cd908a4215ed45291ac9bfa839657d53226709912983e6d91cab8240efe87f1fa5acbb73dda72e6828c22d5d7345da2851a6a9cd55c237b4b0357cb16c71e26","ssdeep":"1536:xd6Ed8fHrKzgDjlVb0MvORymKojhtWjt7qtvy6STdyE0:pyHDRdz2vhtWjNXd6","tlshash":"0d5302d4f4b4afbc3419a6bce6961d130fbb42646dfa40212e887e4d9d22465d9f38c3","first_seen":"2026-07-10T09:45:03.481088Z","last_seen":"2026-07-12T22:01:35.256309Z","times_seen":17,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":86,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/slots/bonanza-gold.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.392Z","timestamp":1783889285392,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/slots/bonanza-gold.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"19894-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1wvjzHsaOos%2B%2FLO1NEt%2B41x2eJrzwtKsBeN8EfF6apHK%2BFIAekaMnDx6kU9T7qzI4swq5D8HLA%2FaXZexJYxd%2FjRP6w8iy1Iq3VUhnnZGG83ZTRLIUNWgSbbH3Vi4TQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e821b98923eb-OSL\r\ncontent-length: 104596\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":104596,"size_decoded":105604,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"41a60a105c2cfe76d0467a5b09ae0a33","sha1":"551e9c83845fba6fc18db7a4ac086c215ff8a179","sha256":"b78350512b1d85e07b3ef58b82aad59ddb661cb83c0575faafe676525f215907","sha512":"1ea5a610329876344d027bec3868e54d569ea08899bf3bb565e0750b3fc468a48d78b675344162e4555d61112a30c161a8a4430502547898cee97fe320c5ec38","ssdeep":"3072:4kSF2Y4Jf5pFoQqvZ798oWHprJMkhu9uAvX5iQjgw1H:pSUX5A79dWJrJMkhuZvX5g4H","tlshash":"60a312c579393f7d83899a43ec1da0c3f026f9e51edd2f42dc4c5606ea3182918a4b67","first_seen":"2026-07-10T09:45:03.469823Z","last_seen":"2026-07-12T22:01:35.312172Z","times_seen":16,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":89,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/images/payments/bitcoin-btc-logo.svg","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.402Z","timestamp":1783889285402,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /images/payments/bitcoin-btc-logo.svg HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-encoding: gzip\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"815-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nwvF08CkSS9ZXvDonAOYgBKVHgNMK%2Fg9xOliuzObzGhfVwaK2G38eYrGH7NXKvFb9FS%2BIs7Aot%2Bt6bKVMT0Ne7WjLjXQLjY%2B8A1YwuZzpdv9Kp5saCRWHefaDL56fQ%3D%3D\"}]}\r\ncf-ray: a1a2e821c99623eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2069,"size_decoded":2123,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f92890de8d6512e2597d378f00254e71","sha1":"ae4f3414bffd2594adedb794d4f9eefb2a86c382","sha256":"51a4362311aab24ca9f1b68d3ff5faf423385db8ffdade0894bd6acb799e53d3","sha512":"6ab7b81fef67d104a6fdf5c9523efc3d03d6039913a3cd3dac6d22fd4975d2449be7043953c840ff0ee8fdc7226894b07c287790381b0fb653579d8dd55f140f","ssdeep":"","tlshash":"cc41a5fcca1a8952ca9e4b6ceafc4c5e2f23604f016d01fcc58296f57c125f58645a9d","first_seen":"2023-07-06T20:31:23Z","last_seen":"2026-07-12T22:01:35.242849Z","times_seen":814,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/api/reviews?locale=en","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.440Z","timestamp":1783889286440,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /api/reviews?locale=en HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Host, X-Forwarded-Host, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0xAViKyUM98jIedQLUCzr3id1Mfg0ZVm3ZUzsT9m1yZkrWNh5lZ1gyeC53DBjfrIBuBgwftB%2BPKGMHuTxe0VauH7rAClgvXYbAU3%2Bc8%2FI2nphVatoxa5dSpl4AXO3Q%3D%3D\"}]}\r\ncf-ray: a1a2e8283b4a23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18928,"size_decoded":6364,"mime_type":"application/json","magic":"JSON text data","md5":"44acc86ac9d342b1621d4785cf4db901","sha1":"379ab2977142202679896fe2391dc1c05c3bdea1","sha256":"d39c63fd3393d532a2932406d961a23491508975ab636eb8f9e462a25cb58def","sha512":"c70a946c6fc3500346755db2e176e487b679dbf775a0c607fc435874e801644917b6da3715feabe22e60f705cd5061d4f942aba8d3c28b89842a2e86f8557d30","ssdeep":"384:VU9U0T4Euc0kaBR4sjiQmi0TR4IQEt6ee:VU9UU4EuKtHTiV2ne","tlshash":"338255676518623c7a7220eac14b7fa4271c79327302dce4ed4fcebe41e65f9407a49a","first_seen":"2026-07-10T11:27:04.705833Z","last_seen":"2026-07-12T20:48:52.77005Z","times_seen":2,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/games/trytostart/vs20olympgate.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.626Z","timestamp":1783889286626,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /games/trytostart/vs20olympgate.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\netag: W/\"3a86a-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GfNj8HaawUoEZWrBNexig%2FglEegKfXEYaL487TKxxnOPI9cvp4Hww7w3J0N3XQaWhzS4%2FroQi5%2FX7MaG%2F%2BFqb3Tr2RrZHKdgNJ6ZbfCR1XTcIgZOsTQNpHRxOO%2B%2BFg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8296ba223eb-OSL\r\ncontent-length: 239722\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":239722,"size_decoded":240658,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"b35b2e8a7a9bd2a1a1a3f3410abc0b9e","sha1":"9eed673b17df07b5a18c95cd083bf70a6390443e","sha256":"9be0afa381a4a45438b694ea6274eb5dde604c78e2c73a29e6f90a01a7c6ca22","sha512":"df25a134ffba384be1f1b391c70bfce195f8f05af57102e4bfe93738ec3fa0617a177807f13adff85f3a944d8936af78078a6a5d7b9dfa08ffa92a73c86c2817","ssdeep":"6144:Re/CZmWFt/Sk0h8WB6H8/fL79MsmyAny6Tlc:RebI/9lWB6H8XLpjmXy6Tlc","tlshash":"c53423cc96dec83d1192865d889bedc1778875702b0a9281e16aa1fc153fdeedf0ed81","first_seen":"2026-07-10T09:45:03.575765Z","last_seen":"2026-07-12T22:01:35.25694Z","times_seen":16,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":99,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/4bd1b696-100b9d70ed4e49c1.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.349Z","timestamp":1783889285349,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /_next/static/chunks/4bd1b696-100b9d70ed4e49c1.js HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"2a3e1-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jDw2g0ZuEfyG%2FujLrHZh2XCJR%2FzgUWUdUIL5F7ho7yBUOeB%2B6DrV9LbD5aAM0T2ZL5AHPrX7BGwMRxI6taQz13gp6vyFoGqJ0cQaDS%2BCSrM7MbAJ8nBBK2JSCGiDAg%3D%3D\"}]}\r\ncf-ray: a1a2e821696523eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":173025,"size_decoded":55361,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"2a9c2166a0ae63c27a466c7fb5903d80","sha1":"51f1c90c3f1e1d32d0c81e836ded7ed5ba0601d6","sha256":"5421e13a91a9389517b66179f3b4b5eaa0d95245438066d4d7b19ac30aeb809b","sha512":"8dc6274f2637076f1b5c4cd3f61b14259ec5552d844245c8b93a64f19c8b6b7347554a03b994b0f880b7dae74ad65e54eaa00be81783c2cedbae82a7fd4b89dd","ssdeep":"1536:DWET9Lwegcl2MywYleojBFOQLfioEV7hNc7lFlgXGhJx4bzZc5zg5tgW/zAe6c0:Z9LwzMyh1vLEE7RgXOQ5SIA1","tlshash":"ecf3f8ec3999e611aeb342a700df28037378261b240d4d60a614fd9ea57845bb17bfde","first_seen":"2025-08-21T15:49:50.637902Z","last_seen":"2026-07-13T10:45:18.945199Z","times_seen":13110,"resource_available":true,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.998Z","timestamp":1783889285998,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://porawex.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 01:48:42 GMT\r\nexpires: Fri, 09 Jul 2027 01:48:42 GMT\r\ncache-control: public, max-age=31536000\r\nage: 327564\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-07-13T11:17:56.345809Z","times_seen":233417,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":44,"dns":0,"connect":0,"send":0,"wait":23,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/games/trytostart/vs20fruitswx.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.600Z","timestamp":1783889286600,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /games/trytostart/vs20fruitswx.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\netag: W/\"31428-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ypR07VF1SW6SMWaK57wNKPgimnqOl3qDdC%2BpJVoulWXcYXV8XBvN9TAARhx623A1YnBI8bIIfFJbkhBl%2FBDqHdhZQeCZdxwmcn%2FWyszFs5W%2FvKQEo%2FnhEvJlr%2B%2BCIw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8294b7523eb-OSL\r\ncontent-length: 201768\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":201768,"size_decoded":202704,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"ac08f5558650d48d9b0bd9ae72b1166f","sha1":"bedda2b400d8004617b2ff776dc48ff33144e2bd","sha256":"b0e126b697e15eae77aa8bdf34acccad7a301f473dc51b04ae6c4dd44c37d215","sha512":"ec81c53934e25981e45dabb5592f15846e43c839b6096d82a68f1f4a85b93a4b201153a2c7a534beafeeb3db948f311a86af6c85a4a46106fe1acafa1fea99a1","ssdeep":"3072:sTgm6MDseJcjCdRlu1CcmdRDKaD8qcPZQdr76p1+CGOjPZcBxWb+a4Z7zLj1xHxH:v+gAcjE2EtD87qf6GOSWb+aqzLhxHic","tlshash":"c41423d726dd2b3b9b6b4a7a07f7522f88fd054f9060cde0e3690500a65bee99f44702","first_seen":"2026-07-10T09:45:03.514755Z","last_seen":"2026-07-12T22:01:35.265894Z","times_seen":16,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":74,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/games/trytostart/vs10bbbnz1000.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.613Z","timestamp":1783889286613,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /games/trytostart/vs10bbbnz1000.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\netag: W/\"31661-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r78xTkxi3KhaYYwl0b7GsIaYP9iAGZuW1AkpH%2FYFLJ6DQLo6ADsIdWZj9yUsm9kEKvp%2FvZ1d4VnANODh0UEyEYqFrsYRzseJX3gxejax39W6zB3%2B7zzJuRfsLi9ReQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8295b8b23eb-OSL\r\ncontent-length: 202337\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":202337,"size_decoded":203265,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"fc682a01b30969c31b5d2c66887d4be7","sha1":"605e59716ef7353dc35d0e7da342a8ee2a6b52df","sha256":"07a2e1c144e07f1aef4ef295b983371d4014290fe0386df6d89a2d63c600fe22","sha512":"e99d50df16f3783df87afd21266d31c1679b2718c11cdbb620c570be8339b4dd634b6869063c7eeb3e55c654eaeda751ef886809fe4ec45edbff01e5e8128258","ssdeep":"3072:+s2K0+E1BVyXNZdGahQpX10H3gIu4BgAKGMUy4e+qB3TxTp+K4ay62bB6+TDWOXd:FB8F0XgIu47KGNHzqwuy6qBdTDWOvA2n","tlshash":"d714227b36df3816e6c2a0768d7c5d279260a9e602f728d62c6173ead1358cf5017fa0","first_seen":"2026-07-10T09:45:03.494863Z","last_seen":"2026-07-12T22:01:35.31273Z","times_seen":16,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":118,"receive":75,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/lipis/flag-icons@7.2.3/flags/4x3/us.svg","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.686Z","timestamp":1783889286686,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2026 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 20 May 2026 15:48:47 GMT","end":"Sat, 05 Dec 2026 14:48:47 GMT"},"fingerprint":{"sha1":"D4:05:C2:EC:C7:EE:2B:D0:08:68:0D:3D:33:77:48:78:43:E7:D1:E1","sha256":"ED:84:90:EE:71:BC:6B:5E:B3:D2:50:B0:23:3A:06:0D:E0:50:C6:B6:A9:09:36:E6:CE:FE:E8:66:89:EB:4E:C5"}}},"request":{"raw":"GET /gh/lipis/flag-icons@7.2.3/flags/4x3/us.svg HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-length: 308\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: image/svg+xml\r\nx-jsd-version: 7.2.3\r\nx-jsd-version-type: version\r\netag: W/\"288-N6tykxPUfRT2NzJqFDLuAuYttUQ\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\nage: 980760\r\nx-served-by: cache-fra-etou8220072-FRA, cache-bma-essb1270023-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":648,"size_decoded":1054,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1d23b9509d0a0a828e3071096b0d2edf","sha1":"37ab729313d47d14f637326a1432ee02e62db544","sha256":"e7be4240cf57987926673708f09233be1ab6bdf35acc7b86bd32a263f197a2a7","sha512":"b658ce1342283e8c9155e9f626a9ea094bbf2c7094e59459b3bc262384bdfd65b170b6110935c9d3a2989cac6e24efdbbf06e73f9fa9fe74119e60595d8e8650","ssdeep":"","tlshash":"80f0f4f1d2ece5a8851136cd1fbdb6a823d8bea806400dbba04c3c6c2425d7667835e8","first_seen":"2023-12-20T14:16:02Z","last_seen":"2026-07-13T08:02:39.907134Z","times_seen":4057,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/news/how-to-buy-crypto.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.925Z","timestamp":1783889286925,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/news/how-to-buy-crypto.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:07 GMT\r\netag: W/\"137f8-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bxJFkX3JsYQ1GHeOUS%2BDXP8tIqMhlLa4CNYQtE8Gvs826uE4OaxC3t12%2FHpGq%2BiUPWy2sqOZJ98ycdhmP732TvIMiXx6S78tjMHj36%2FcUadZfZQtVtVthAJ02TatGA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e82b4bed23eb-OSL\r\ncontent-length: 79864\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":79864,"size_decoded":80867,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1376x768, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"1107d21122506f88e0850792ab1fcaad","sha1":"30d895ba8c7434e748ded830911cc67a502baa28","sha256":"9704548ed0dae59ff4ce90cdde49cf54d0ed4bdcf9c4347235d4fa2da39265d3","sha512":"8a81780ea3078a9edb6cd267091142643ff671411b5152501df605d03186e070012be84c5dea9406f4067c07ef7c5ccd50aa399ec90bb3c7bcb65030d7cf6234","ssdeep":"1536:Hg62YCdvJWD5zcs/FGAFmu2J7hLSFAmdNb2V6WEvwpVkAPWWr33qM:AtxW5zcssBVJFLNCNb2kzkVkpWrnqM","tlshash":"91731222c523bf9908717e948403d04bb9205562d2e43b0a97b26adf6a334fe39d5ff5","first_seen":"2026-07-10T09:45:03.461412Z","last_seen":"2026-07-12T22:01:35.290266Z","times_seen":16,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/slots/the-dog-house.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:15.324Z","timestamp":1783889295324,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/slots/the-dog-house.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:15 GMT\r\netag: W/\"109aa-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uowS3k6mTkZ0PcvfI0PDgtquGOZF756jlkHi5JlFuHKrsGMqY2f0bBOzOb3I9vM%2FJmBJsV8zBqIoKl7pbkk2ZNhLBe7rd3wqMkKNwPtTZ%2Fmvw6PflVx5bIS5gVh2zA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e85fcf0e23eb-OSL\r\ncontent-length: 68010\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":68010,"size_decoded":69012,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2b9f8d3634b33f67618a2165bcfc9e64","sha1":"b78d21e115c70e802749e0abebd64d281960e839","sha256":"31dea2a3414638bb40323b0f736714adea89c3a4ec792a2633def6a031f40abb","sha512":"35236b4d268abdc18417458a9904855a347ccbe0041e51959d3773c693be9aed557b066748ec37e1a7fcdc0880b51c14bd1237ff0b7b66873d2b1c84dbc6219c","ssdeep":"1536:ZFyfU4Wy6d20OqYMZTQo/PklvkPc8tXK2Uba6sDqpGJb8fuLzg4E5n4OJM:ZFWWyZNqYMdl/PxFcb3smpGJb8f2g4EK","tlshash":"666302f75a996667f20b02bedeecebd8beed8a03c1b7d124096455b005374c343a5836","first_seen":"2026-07-10T09:45:03.457398Z","last_seen":"2026-07-12T22:01:35.315655Z","times_seen":17,"resource_available":false,"data":null}},"time_used":86,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":37,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/9792-bbed82e0e875a1e0.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.367Z","timestamp":1783889285367,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /_next/static/chunks/9792-bbed82e0e875a1e0.js HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"2479-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JBJPKnzT6I%2BvoEsprx7cPq9txcYODov24%2BElrxGC3yZHSEmu8LPzEdTa%2BAeCesUJbIujlogh7%2BWUZDhVU9MpsGxy3Ko6bETy1S7O2grSEpcyexgNX09TDcdUEnFM9g%3D%3D\"}]}\r\ncf-ray: a1a2e821897423eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9337,"size_decoded":4398,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (9337), with no line terminators","md5":"b082208296b9b3705076807c6a765752","sha1":"df9d0a8602debe4cc087445f2f2928428a8dd8f8","sha256":"e5cc5cd6fd587fd300815648759a627ef8c4dc295d75f12440f6d27de6b02924","sha512":"44a1bafc5746c002fc285d55b8f9240e4dc493c65c631114334e52b732499504fee8c0449fbebf9d50205593347c073ebedd5e48fb1e606a37f7cb474066b846","ssdeep":"192:O3Yaic4We1aowaYz4n6rUGUCKbLgcJ/t/ml/6/hYmPE:O3LuWsYn/8rc/8E","tlshash":"76121b92baa2f8b291bb6552683703863130277b790b4441a3bb4cac2354f59b4d3f5d","first_seen":"2026-07-10T09:45:03.521341Z","last_seen":"2026-07-12T22:01:35.311525Z","times_seen":17,"resource_available":true,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":118,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/predict?_rsc=1otn0","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.453Z","timestamp":1783889286453,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /predict?_rsc=1otn0 HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mNEjxEIVjZkNfA%2FYi8piHwQsUEaOvHy6QV2kJ2Ul6aLZWIex6b94voQ54O8LjnJxpT%2F0RLtJm%2BpGyik%2BnZyS0rF%2B%2BpyYnWbBzEm1t%2FqKLn8qFLC0N7iPeTtZoovtEQ%3D%3D\"}]}\r\ncf-ray: a1a2e8285b5323eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":154,"size_decoded":1204,"mime_type":"text/x-component","magic":"ASCII text","md5":"427ba4325d78cf1b03cd9964bebd615c","sha1":"a319f409b20da4e7d3634bf3205cc481bac13b3e","sha256":"8f1e1cd448797cb2d551ffeb3ce2489a5189923888b37b971e38affc2562f8fb","sha512":"5d900b3a39417f099124fe928959ddba295143e3adfecb9c1329bbfb91722fd9505a1d8f1a59b41f965b2ce8a504f9c13d78c9bff486e348d5344979fed95c32","ssdeep":"","tlshash":"fac08c3a420b3ef5bcbb28aca4aec60f360e410b21c418f0d0924a10a73702105039e8","first_seen":"2026-07-12T17:38:11.79463Z","last_seen":"2026-07-12T22:01:35.293885Z","times_seen":8,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/games/trytostart/1164.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.611Z","timestamp":1783889286611,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /games/trytostart/1164.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\netag: W/\"3b07d-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=id8%2FJB0dSV6YluN6pCImxpXun9BoqPmVwwEFiHIzwRFocDBCwNWadfWLASFUzD5%2BlVk0iHVdaWGVrM%2B9Mo8i0lmoL4hwWGs8UYuEENzZOKe3ISA1ql4t278Mlzp1HA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8295b8923eb-OSL\r\ncontent-length: 241789\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":241789,"size_decoded":242717,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"a22bee73d837dc2f4a18b7ecc93e521b","sha1":"9a9aa32d2ac85065925026752b2809670a73c586","sha256":"732b9916293e927de8a418624133957e9a2607fb891ecab95de2ba842aaa2641","sha512":"777e29c39d285ea5ede5543a3f4b5611729dcc61c0e0eaeb0fde66c5d4f9a8d3a227127a96e384d1071ba936aeecf7c4865363db6dedec3016b2e7b5c72140d3","ssdeep":"6144:T8vn7tHyt5P7xVpBeZ7RLlTeeZmI+qYuozxO24EfjO/1XNJc:TinRymZtLlTbZmJ0ozxO9EfqTC","tlshash":"da3422cad1c441b76c6a50882307b3d29fa064f7b97654eca4bee73c732e25ba523117","first_seen":"2026-07-10T09:45:03.5234Z","last_seen":"2026-07-12T22:01:35.323364Z","times_seen":16,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":93,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/play/vs20olympx?provider=pragmatic\u0026_rsc=1otn0","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:07.142Z","timestamp":1783889287142,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /play/vs20olympx?provider=pragmatic\u0026_rsc=1otn0 HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 20:48:07 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yPNIfIEzHb75WhXbjYbAsyAfPgGdiZSB9Xur8o1jD17RAHhtSZS89YdFamdFc2zam5v20tvYsKmc4epxj4ZuW0esxK8yrRXb1K2niXScrfhnTnG%2Fsx5bfD2jNJFIhQ%3D%3D\"}]}\r\ncf-ray: a1a2e82cac4d23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":218,"size_decoded":1228,"mime_type":"text/x-component","magic":"ASCII text","md5":"d8a630dc6bded0f890ce0e6f1b87a2f8","sha1":"312baace2a8d4d83da7690fb50da433f3042fc79","sha256":"079ddc09e7f26a8bbeebf886b27703b895f36c9fb6ff8e721cbe410fb62fea60","sha512":"9e458527f0bba7c7d206b1e32f09be3d90948f3bfb3d08f1c92de16d0db041ce97bf265371c1dd8a23a1eece699ca9e4c86f93a53c95ce1e2c613e741d5dcfda","ssdeep":"","tlshash":"12d0a72642053af56c7a28c805bdd65fb51e519ba1c846f550668a35976303129035e5","first_seen":"2026-07-12T17:38:11.884346Z","last_seen":"2026-07-12T22:01:35.269174Z","times_seen":8,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":36,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/images/payments/mastercard.svg","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.407Z","timestamp":1783889285407,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /images/payments/mastercard.svg HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-encoding: gzip\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"204-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fW4IGJRBI%2BPP5O9j73w2nhkl5g5UaBfgW2PnGaV6DRVfbKYiyBKrffyIrwb4xvb0pisymGGTFNkYpEtb8JNHFaBQQ%2BQWFoEhQF1y38HvEqVIgrRlSKUsj9pQ2WyOiw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e821c99823eb-OSL\r\ncontent-length: 278\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":516,"size_decoded":1249,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5b10a5a92e4c713db4c2296ef3383274","sha1":"d4e8b3ffdd780a0e0ddd7b910410e94de00fabad","sha256":"228689600d87172162ceaaa0befff30ed32810abbfec1120b3a09613e37c4c9f","sha512":"567cd2a0882e6b1f9808a4a413db172f7f1b96bd82653abba4d578de6c03fa278d3f16ba0fb9cff5c0d93f7f669a371d80614253f01d002a1cef1e12524eaf9b","ssdeep":"","tlshash":"28f027a0e08790344819465c6f6410212e0fe2c8e344853eda52f5f53a686efe07b9ec","first_seen":"2025-06-26T00:57:44.560445Z","last_seen":"2026-07-12T22:01:35.27063Z","times_seen":22,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/dmsans/v17/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z8GXhnU0.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.996Z","timestamp":1783889285996,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/dmsans/v17/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z8GXhnU0.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://porawex.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 36932\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 04:44:35 GMT\r\nexpires: Fri, 09 Jul 2027 04:44:35 GMT\r\ncache-control: public, max-age=31536000\r\nage: 317011\r\nlast-modified: Wed, 10 Sep 2025 16:31:03 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":36932,"size_decoded":37745,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 36932, version 1.0","md5":"7c87a648293fbb5b2924aafaa59e8aea","sha1":"c57593e0adc4cf99dd9e67cb782242220a061a9d","sha256":"9fea608a947e67020c33cad9a6fe3d60c54119dfb8cff87768a8117a15ed7543","sha512":"764ced325a768dca84e1fb0cc458818239ce379dbcbdb324ee8849bbe15f54e3f0254ae6e52ee5a92741840637b4f9885d246a0978af23176b3acfe5b9cec23f","ssdeep":"768:mMQPOAQQKW6GccoXQ+OGpHNzXgtDM0SVu7P3nqtPl9Bf2csDpHUjbYE8j2:mMQz4W5og+tpH6tDJku73EPlPOcs5U/l","tlshash":"c0f2f23e7ea5691487c2b0be506b00935344c9bd37c18121bbb953f44ea67addc5d63c","first_seen":"2025-09-11T17:08:25.889763Z","last_seen":"2026-07-13T10:54:12.396632Z","times_seen":29702,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":44,"dns":0,"connect":0,"send":0,"wait":47,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/predict-banner.webp?v=2","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.017Z","timestamp":1783889286017,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /predict-banner.webp?v=2 HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\netag: W/\"763e-19f43a771f8\"\r\nlast-modified: Wed, 08 Jul 2026 21:34:35 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MGBTJH66zYrJj58pnvwG7HZC1OPP%2FVufz9D1WwgoBUQO48GbTsD%2BRb3iXJJGyXZX9Pc99zUs8z7LfiI%2B0LeYBgfGR%2FfjVlClAPPVBsyK0Wk2xmacYyWLZ8N%2B74XNzg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8259ad923eb-OSL\r\ncontent-length: 30270\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":30270,"size_decoded":31274,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x893, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f476b1ccbc123437a7b7358274626d97","sha1":"d4c5e7152a7061a5b8931bef466bf9daa34897c0","sha256":"d1b4bf3a703a70b2d125e2ea489dde042d66aac73538bcb0f9c773cb16c8b819","sha512":"c6846787fd7dac1965d5792bc2102d6c2b7e2f0d2e1cbe179d0cceea985c7004f24ec26568eadd6db023d64499e227965f30ebd084cb78666391ff109f3fd343","ssdeep":"768:m0OJ99zV1m/W5ZS4QxA8e/WA0ik9E11OJW1amWRng:mv9SGSVmbLk9E12DmW9g","tlshash":"87d2f13a255e166f7ee8a814b1308017902fff35ca375e6f9c1052e1e9b2199a13469f","first_seen":"2026-07-10T09:45:03.557227Z","last_seen":"2026-07-12T22:01:35.257547Z","times_seen":17,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/api/site-config","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.435Z","timestamp":1783889286435,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /api/site-config HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0gCVjOAcY7TT6%2FujRW8QG7JSjJzislURRMmhWr4XJUGeaqC9sFRg1366vH4ikyKZSOPuh%2FcK%2FUg9dnzWTkO4P4LBpuWibySWNXVMr5wRSkBLSSwKGNE7Fh88j5ggAw%3D%3D\"}]}\r\ncf-ray: a1a2e8283b4623eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":684,"size_decoded":1513,"mime_type":"application/json","magic":"JSON text data","md5":"75e4eeb79cf7ffe6aab0bcacf7a17e3e","sha1":"35fff1c6fd62ec384856b30da67caac284302095","sha256":"5267aa2dc929efa39a3141ebdf4b3ab6f48da99893e2b0fc2801fe569c887142","sha512":"274ff58d332aca8ea709128bb33cb86aebab48fe812cffdabd02726fb2d2fe0d34c0bad88226072b85f42b23eed28ca9b83814c3dcab43a6e286ebfa40a98b04","ssdeep":"","tlshash":"e301fe13436e2e2737e570c07d9f7c8914c815f49a80e8350d0eaa540a9a3059cf83ce","first_seen":"2026-07-12T20:48:52.785981Z","last_seen":"2026-07-12T20:48:52.785981Z","times_seen":1,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/api/domains/siblings","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.642Z","timestamp":1783889286642,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /api/domains/siblings HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: zstd\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CskYjADIu8l6ZCWari4P%2Fkt3BtavlmGW44nflDSlIYUB1QBK3r1n2f4qZyNgH00PK0cm6pxynXMU28CoYKPuKweEshDlnz2psTPWUtBTaXqbf1a43inL9UxEcHTLGw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8298ba623eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":251,"size_decoded":1153,"mime_type":"application/json","magic":"JSON text data","md5":"fc85af90f8dc45d90d89614c544cc099","sha1":"31f0522c19c20139d925697ab452497eea95f87a","sha256":"5af215c26c52d2e7e108bd96668e4e1d3d4431eed021bc8dd6b059550bc4cc98","sha512":"96185cb5ef01321fa5de9a003ec6f2adba108b340efb57e30853142e829b50f3e20b7a006a7f623daab1786b77148ac28b2ac6e26d08a0181fd90f47808bb8ab","ssdeep":"","tlshash":"ded002049b4885a44a450436b87e5e84b5bc1cf5c718c6f08472d001427b38e1c6c8cf","first_seen":"2026-07-10T11:27:04.720047Z","last_seen":"2026-07-12T20:48:52.786947Z","times_seen":2,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/slots/mustang-gold.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.384Z","timestamp":1783889285384,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/slots/mustang-gold.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"127bc-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JPkcdSFVvj4OHdNQ9yZW1Q7XAntr%2FopO6gpjmJnM93NsoEfaYfFBdcyEfvM0MKH7pLgSsTdX%2FkrbSxIp%2BI3RdQrPtNyV4Ogz%2FORI8YuxKpZ9bouTwALXG%2BnYvBF6Jw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e821a98223eb-OSL\r\ncontent-length: 75708\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":75708,"size_decoded":76713,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"6ab241a7011336ffafef1ebd67ec8f1e","sha1":"3ca9a556b634622656866885324eaebf326f9368","sha256":"84c0464497b0d3865d6e034f1bac30e08fdd9bb511aea21786fc0b7201614db4","sha512":"a39af5b7e6cdbab5a5d79334fe1308205ac5657d4a379e639324523c4048f4e910f667b553ae09ac4d0f35f9630d250dc8475d97d65e5cb5e2abb3df1d87d29d","ssdeep":"1536:tI+PhCbNLoTfYF13LlEZeBu/KQRSV443SRSi5TwN9Qg3j:u+PsoTf4YgBGKRG434Si5TwLQ","tlshash":"407302efca561fc4c4432938759e31eadd13765e6ef13e961a0048755a032a1886efc7","first_seen":"2026-07-10T09:45:03.435418Z","last_seen":"2026-07-12T22:01:35.266508Z","times_seen":17,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":78,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/slots/bonanza-gold.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:37.860Z","timestamp":1783889317860,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/slots/bonanza-gold.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:37 GMT\r\netag: W/\"19894-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Cug4mz%2BVCs1y9HmgN%2Bz21VHR7%2F5cyUvCFvxn%2F4CL0Dqtj5aHWKxzRKiTNa66uv%2FbCGyLk%2Fu8gyBqPgnSpXwobgBtvs8347%2BvxEZMlugDzS5TkizAmiwtuCX6pOscIA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8ecaead23eb-OSL\r\ncontent-length: 104596\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":104596,"size_decoded":105609,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"41a60a105c2cfe76d0467a5b09ae0a33","sha1":"551e9c83845fba6fc18db7a4ac086c215ff8a179","sha256":"b78350512b1d85e07b3ef58b82aad59ddb661cb83c0575faafe676525f215907","sha512":"1ea5a610329876344d027bec3868e54d569ea08899bf3bb565e0750b3fc468a48d78b675344162e4555d61112a30c161a8a4430502547898cee97fe320c5ec38","ssdeep":"3072:4kSF2Y4Jf5pFoQqvZ798oWHprJMkhu9uAvX5iQjgw1H:pSUX5A79dWJrJMkhuZvX5g4H","tlshash":"60a312c579393f7d83899a43ec1da0c3f026f9e51edd2f42dc4c5606ea3182918a4b67","first_seen":"2026-07-10T09:45:03.469823Z","last_seen":"2026-07-12T22:01:35.312172Z","times_seen":16,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":73,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/app/(main)/layout-4d27638b938b6895.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.365Z","timestamp":1783889285365,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /_next/static/chunks/app/(main)/layout-4d27638b938b6895.js HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"e184-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2A3sI8CkCtK7wpUr0s4nN2wB3%2F1tNceJ%2BFwzxIU5GUp%2FrbEvLkMuir21tWnUKBjDoPYxrhfeDTCjHc%2FrG47LtRBXI0CWqLkCllDdSBDyeGlJDnmemGi0aCFhHkkPjg%3D%3D\"}]}\r\ncf-ray: a1a2e821897223eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":57732,"size_decoded":17931,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (55907), with no line terminators","md5":"bff7621c687cd5d0f66ebf66ca833cfd","sha1":"cd1f50b353365d253742afdf6ae67fdf39795351","sha256":"d28666a9634510936f8d64bbba35597f853a668c80009cdb3607125168eefc37","sha512":"b25b6d5745ac6e3165fcbcf29518a315ad942447a0a7dd97c02324c08a791d30f9eb178fed39ee9f4b5694defbccc9c1b7ec56764182c26bcb50a4158aed6dfb","ssdeep":"768:f4f66H0enWAvs3/94888itgZ6E9hHnIiTuJWxdlBLdvHT6tyaz3DXE7ir3zeZ6z:fcrnWAkva888itgXhNrT5eDE76zeQz","tlshash":"f2430935aa073d18f63f81c9778f550eb15fa924fa4f4538ba7e2c3212584e4b226bd4","first_seen":"2026-07-11T14:42:52.99703Z","last_seen":"2026-07-12T22:01:35.313706Z","times_seen":10,"resource_available":true,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.371Z","timestamp":1783889285371,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: application/javascript\r\nexpires: Tue, 14 Jul 2026 20:48:05 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8JdYE4gn7b81cHa3XqRQ3Ja8v%2FucchLBCDcV2xM3x6PgRdcWrsb14ISFqf8VNYVnvvOyNXwQHQIkbaVofiMKqZ25Tm14b1bZ3nbppdWZK9vshbO6LyplDwyJa8Htxg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\nserver: cloudflare\r\ncf-ray: a1a2e821997823eb-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":1284,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-07-13T11:17:59.153235Z","times_seen":394642,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/avatars/avatar-12.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.676Z","timestamp":1783889286676,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/avatars/avatar-12.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\netag: W/\"12bc6-19f126f7068\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:01 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9d0Cop85Y%2B5OjWDGHRPltAhbhP2dUKhJEaR2xzzHf9tZupsa8bZjRSWyuVQqi4ItPIyWYiR7Xe%2FhkPIVIpNNtbBGMveQsSuWmeVaVEMas%2Fhsv0XLPq1cI%2FV1WGq1Mw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e829bba823eb-OSL\r\ncontent-length: 76742\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":76742,"size_decoded":77745,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c35c1f1f8d87f2422799f9d9af427033","sha1":"5093a2f29b0632465cea85b65bb78d294e740de7","sha256":"ddd3bae877e7d338d3b4f7be9a49fd75bc81b80cf2a01f3832c390dfda1c53df","sha512":"1a62544cda0cabf2f240441ae1df8b87ab97f99d1dda8c161afa0ea5cb105211cb8055d5a20e3a8a60144c4e4896cd2aca94881c1583b2f5ead543b225ff7040","ssdeep":"1536:KZCv5oKqfLXRczTUnZFdIqTXsqqDQE6giYWyS:1BoK6LXKfgdVT3/YWyS","tlshash":"4c73028e9af50172e91dfbdd7eebadb1e79a71c625d7d0aa38040a00b05061720dbd0f","first_seen":"2026-07-10T09:45:03.502567Z","last_seen":"2026-07-12T22:01:35.289066Z","times_seen":15,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":51,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/app/error-33d1788fed5ffb4f.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.369Z","timestamp":1783889285369,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /_next/static/chunks/app/error-33d1788fed5ffb4f.js HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"93c-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DorEDgSR7R1U0JeGkl7esJlVwDkiQlwSBF2SpJUS%2FCn5Tgg4dDEyxhhhpJxEX%2BBG8gNraEUCfXYOFqylgfFiF4at5%2BRnvVXckU0apVA%2BnSUf%2Fr4DeN%2FUQfIDwNLWXA%3D%3D\"}]}\r\ncf-ray: a1a2e821897623eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2364,"size_decoded":2122,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2364), with no line terminators","md5":"5127c8a0bf18bf19c981c4c0f5fd3b5d","sha1":"f812e3d7611042d8be29a2491fa3cbbaf991d54a","sha256":"937b53427e51b436510f6512d504cecc2f6b5478328d3f8e1ce04c45758345b6","sha512":"46314691bf04c743c678ec3b850bf7fc634132b3102eff1279ab430bee9398efe937e8b5021231f5193dbaa3e459cdc12bfcd4e31160df42ac8d8f7fdebdba59","ssdeep":"","tlshash":"cd41621766056e18f437c94877ff900c71eb4428712ade7867a89d3a11d64e53a2b7d0","first_seen":"2026-07-10T09:45:03.569736Z","last_seen":"2026-07-12T22:01:35.294604Z","times_seen":17,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/dmsans/v17/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z8GXhnU0.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.993Z","timestamp":1783889285993,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/dmsans/v17/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z8GXhnU0.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://porawex.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 36932\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 04:44:35 GMT\r\nexpires: Fri, 09 Jul 2027 04:44:35 GMT\r\ncache-control: public, max-age=31536000\r\nage: 317011\r\nlast-modified: Wed, 10 Sep 2025 16:31:03 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":36932,"size_decoded":37745,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 36932, version 1.0","md5":"7c87a648293fbb5b2924aafaa59e8aea","sha1":"c57593e0adc4cf99dd9e67cb782242220a061a9d","sha256":"9fea608a947e67020c33cad9a6fe3d60c54119dfb8cff87768a8117a15ed7543","sha512":"764ced325a768dca84e1fb0cc458818239ce379dbcbdb324ee8849bbe15f54e3f0254ae6e52ee5a92741840637b4f9885d246a0978af23176b3acfe5b9cec23f","ssdeep":"768:mMQPOAQQKW6GccoXQ+OGpHNzXgtDM0SVu7P3nqtPl9Bf2csDpHUjbYE8j2:mMQz4W5og+tpH6tDJku73EPlPOcs5U/l","tlshash":"c0f2f23e7ea5691487c2b0be506b00935344c9bd37c18121bbb953f44ea67addc5d63c","first_seen":"2025-09-11T17:08:25.889763Z","last_seen":"2026-07-13T10:54:12.396632Z","times_seen":29702,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":45,"dns":0,"connect":0,"send":0,"wait":42,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/api/news?locale=en","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.438Z","timestamp":1783889286438,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /api/news?locale=en HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2HQUC4f8obC%2BRDWWCe%2FAtWtHo3URDLV1QLtrl91xPGN6u2xekxIPOpCfZpf%2F%2B%2FuMPfAXPPrsWnNymaSmPChNZB0wz83Qy44mVc%2B%2BxJLFOqKfMcbVJDupECxqaQMrgw%3D%3D\"}]}\r\ncf-ray: a1a2e8283b4923eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9990,"size_decoded":4341,"mime_type":"application/json","magic":"JSON text data","md5":"dbbd633ba2174e0e5c4477000592a2a5","sha1":"94b55540610452e55172b8f694c8d211023567ed","sha256":"5d4f2f6a920a9a3299da5cec7a65b490359b2539503092c8ed47c3c4769cbf80","sha512":"ab2e84fe7076c5805df542982b8462a15921a3255c75049ceed709f936eead2b6a519ed68e3c0f178137db7cedea4e5f0a71388d48bf49665a62ffd64e9369f1","ssdeep":"192:izTK2z9OmGLTNM+ny0xXAbu0JDL45yNsLzsfrEyl:z2zoz5dPxQDL45yNsnsjHl","tlshash":"0122b86d037918a4e73d0290980436af9a4db7f2e1fc7d5d2f89cb5d688989cc7085bd","first_seen":"2026-07-10T09:45:03.538242Z","last_seen":"2026-07-12T22:01:35.321706Z","times_seen":16,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/news/vip-program.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.924Z","timestamp":1783889286924,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/news/vip-program.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:07 GMT\r\netag: W/\"fd78-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NWY5LG%2BXhGLTFDyHXFIFWHN7Tr8tbTI8%2FnG43ed57QhyPnSDDimRujb6s96Vzg72xt4cLhA3Ndz7zDr2w34K%2B%2FBP44zpv%2BOQprJ28P%2FglQGfvgK8gptzs%2Bl7vwvFTA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e82b4beb23eb-OSL\r\ncontent-length: 64888\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":64888,"size_decoded":65896,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1376x768, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"88ab20969a88612e5b824dc2ffed874f","sha1":"317985035c8e49154359d6f5a4b94e2a0014d5b6","sha256":"cbd580d7fbb3883f97bbbdaab03e539d2157d988f17588e34fff5cad2673f88f","sha512":"ee565e3ab3f1e3ed850cc0775f581d609f90eb72759c92f07158f38f6ffc7b6d9c61bf59008aa573061aae49c50605edbc5c968d0c0873fe6e81b3f8a0259022","ssdeep":"1536:ot4847WWBWi2e6kdL3TL9pAZiYcwrqVK2t7QHL4l4DYvR88:ot4lCWsi2yLP9pA5rqV3tkslZRF","tlshash":"7b53f143b743358d304fecb1809b3ba88aa9ce769c45dfd8c54ba8851e7538076cee49","first_seen":"2026-07-10T09:45:03.439321Z","last_seen":"2026-07-12T22:01:35.293218Z","times_seen":16,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/avatars/avatar-04.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:10.818Z","timestamp":1783889290818,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/avatars/avatar-04.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:10 GMT\r\netag: W/\"94f0-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JvrVjogfkkS8PNR6SmV00OnlKH457sNssKLgK1rIJISh%2B3Vu4BFIVeOn7q411r1ueIxN0IzJgC77Wo1szbvTTlKfJAjL9jE2I8oVYhlQGvQy7N6XQKAJzr8KUQR3hA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e843994a23eb-OSL\r\ncontent-length: 38128\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":38128,"size_decoded":39124,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2d1c641d7f049af251a09cc0612e3d4e","sha1":"78322f070a54ebf93d74d7a8c0866f7db2881f51","sha256":"648865fa8c4429e627aaba9d6d51567f845c8aff7b8342ba684d2e014e4538b8","sha512":"31349595037ecd2825a344ce198fc486a4839bbe2ed62424cc1dcc6eca865ea42166a414b44da70e78d2ef646f1dd60f49e0e7613794ab0f4d127c3a71821f88","ssdeep":"768:7RA7zfI1kCGn8v2gRs2OOq0UY5paW/1xlY5njEaClicAsp3JLgwhzR:7RmfAynLge2OOPmM17YuaCli4p3JLLl","tlshash":"7e03f115d030bf43b8a5c5b5c7cfd8c62e9adba542bb83e152540a8410af1f1bfa2d21","first_seen":"2026-07-10T09:45:03.517578Z","last_seen":"2026-07-12T22:01:35.287301Z","times_seen":15,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/app/layout-3f0574c4e5d40333.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.368Z","timestamp":1783889285368,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /_next/static/chunks/app/layout-3f0574c4e5d40333.js HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"7968-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cZ7p3RC67CoZQGcm2qKS6%2BhDwtg4LEK1OqZZ1bPQaxn2ECbiguN1Icicn5fMdRPxvLaIVfmsVY4AHyxGScMOnOpp8EkNmnBcB2%2B9smJDkGo75TQPPrVTJ7OnNaW0nQ%3D%3D\"}]}\r\ncf-ray: a1a2e821897523eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31080,"size_decoded":10065,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (31076), with no line terminators","md5":"c0d11d52032af6ad193ca67a8408c35c","sha1":"8932c0ff9004f3317bb6d2e2c06693f5f855a761","sha256":"6165148d41738b1c671dce4457ec8f9742d6b4489d0de7f6c916b30a77d5f34e","sha512":"7a88391810320df94fc5f40b777293396b0f6fef64aac6c6ba2ac848997bf81dd11dc7cedbe7fbf16e450fe788117fe66f79dae4b072b67724e99c13c2590fdb","ssdeep":"768:+s5XQwaevuPsAc9kxPsAzea6AZZGSYY2pxJuFFdYnQ:+s5XQwaevuPxnpMpxJuFFynQ","tlshash":"80d21ba6920a293cb5b245e8663f910cb17f6b25d72e4414b7bf2c313b498cd92727cd","first_seen":"2026-07-10T09:45:03.495816Z","last_seen":"2026-07-12T22:01:35.275778Z","times_seen":17,"resource_available":true,"data":null}},"time_used":146,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/api/slots/trytostart/games?limit=2000","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.441Z","timestamp":1783889286441,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /api/slots/trytostart/games?limit=2000 HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kXGE5pWA5L4DKM1cZDsaQ1lKzAWbZsmK%2FRNFyUNQDi1nbabNGFDZTftPZMnhepFY5usXNDl3NPS8GjeOcinOBsKeTDJOT%2FGGcDzFHVRHZgACftH1E%2FeRcENsrNkgaw%3D%3D\"}]}\r\ncf-ray: a1a2e8284b4b23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":180338,"size_decoded":26387,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (65414), with no line terminators","md5":"d7c45617cb85a52adf093f316fc7d45c","sha1":"d763185a59e74e7a1530d393816bdf27ffb6fc7c","sha256":"f93e5113f827ce3143447538d37682d26223c5a08f19b1cfda71f535a14c02fc","sha512":"47b38b77e2c4ab2aa78fa751bb0552d0b8ec7750a5d3484feda461f299f5d36badba906fd0067bf2645e4c6943c6f04ea65ba92d3672ea4baabffb4fb632d5b9","ssdeep":"1536:l4bLnxB3csxYr5PDZsBTBvUkB0R0UASGtdyDtQ5eb4aei5QfQ7Q2MZsgmTHqBUc8:nnLhBld1y4Fk59oJga59XJ","tlshash":"6e04376bf85ca96ec53cae82adc34f9ed1dca24251815c0d60c68e3dd1e2ec31a19fd5","first_seen":"2026-07-10T09:45:03.500531Z","last_seen":"2026-07-12T22:01:35.295639Z","times_seen":16,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/games/trytostart/1352.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.620Z","timestamp":1783889286620,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /games/trytostart/1352.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\netag: W/\"37a2f-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tesNpFDMe1tLrgkec6YdVcG9%2Bn22DNzbJgqJthuPJc7QM%2FdMe0Q37TR2S3jx5FWRY5q3vH4pqqB8EVLmbt1AtHtSWcowFOkazXqp%2FSx9ENtU%2FQ3vir06zuMCSjMu6Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8296b9b23eb-OSL\r\ncontent-length: 227887\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":227887,"size_decoded":228817,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"73175af9bbb796c9ff980818588755af","sha1":"12fa456b38b4674f9af18c3fcdd7867f791fad98","sha256":"d8d021ab1afb609bb0ce1937610b4cc1029c01efe935041569c240dd686f204d","sha512":"b468a98d7f5b297af1ba4f37596ed133b2d90064148c3bbc33e7bc217e6e1a41220c9c1c4b26e079a13400dcde8097fe94748df7fd9b13825bd6ee0008128825","ssdeep":"6144:5qcAhqfzGIpDobWf1WWzvnX840aumhm6YDbod:72qYW9WWzf84dBhsod","tlshash":"392423903e33db65a2778e3458fd93583b66e9069060d62cbcbb48eec524f93450bb25","first_seen":"2026-07-10T09:45:03.498623Z","last_seen":"2026-07-12T22:01:35.259349Z","times_seen":16,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":95,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/lipis/flag-icons@7.2.3/flags/4x3/nz.svg","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.677Z","timestamp":1783889286677,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2026 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 20 May 2026 15:48:47 GMT","end":"Sat, 05 Dec 2026 14:48:47 GMT"},"fingerprint":{"sha1":"D4:05:C2:EC:C7:EE:2B:D0:08:68:0D:3D:33:77:48:78:43:E7:D1:E1","sha256":"ED:84:90:EE:71:BC:6B:5E:B3:D2:50:B0:23:3A:06:0D:E0:50:C6:B6:A9:09:36:E6:CE:FE:E8:66:89:EB:4E:C5"}}},"request":{"raw":"GET /gh/lipis/flag-icons@7.2.3/flags/4x3/nz.svg HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-length: 642\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: image/svg+xml\r\nx-jsd-version: 7.2.3\r\nx-jsd-version-type: version\r\netag: W/\"87c-kuVFN1aapGTztuQPN7yl3EBdFaM\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\nage: 980341\r\nx-served-by: cache-fra-eddf8230113-FRA, cache-bma-essb1270023-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2172,"size_decoded":1388,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"229d2fadba8d00df102927eae199d46f","sha1":"92e54537569aa464f3b6e40f37bca5dc405d15a3","sha256":"794a2c8c09796090ab748a74bc35aed825e701eaddc46b138f300401ac9a25cd","sha512":"30b43f270300cc3e8cd4aea0f4e234c24dd5028b71dc9cf33d199fbd6479b120c92db29a4c7741f26b156ac7a561460b46fc37664eb01a32d23f1b19ba9ea70b","ssdeep":"","tlshash":"8b41a080a5d6001dc9399300c7ccdecc9a1fe0db92432a97f6266dca67796d64c9a38a","first_seen":"2024-07-30T15:59:14Z","last_seen":"2026-07-12T22:01:35.303292Z","times_seen":199,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/play/vs20doghouse?provider=pragmatic\u0026_rsc=1otn0","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:07.080Z","timestamp":1783889287080,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /play/vs20doghouse?provider=pragmatic\u0026_rsc=1otn0 HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 20:48:07 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HrEGN8XenBD15Ra9QHZfj76ZTYQmsrErsPZYh0txTHGbExVeqYslTXNLrveuzBCIgta6XpujZ7MDwc%2Fb%2FA2bKVUb5K%2FRAoOpq6aChpMDGLdcjOFljuoItB7gNFg3Yw%3D%3D\"}]}\r\ncf-ray: a1a2e82c4c3723eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":220,"size_decoded":1234,"mime_type":"text/x-component","magic":"ASCII text","md5":"d120a3dd10cd04cdaded6f8651558d72","sha1":"ff94165ee7679977ab16f4be9592f4c56316eb14","sha256":"c829a2a6598f90e23a2233b34f8287e3c80b8ba6715dbc0d9660c68ee3d4dcc0","sha512":"65fd30ddbe8d7856f6e86bd8a620e9fb7440e39b6fb799d8de2aa442dc4474ab81d45ad071b71593db908cf70ba3ca0bba37f53d0ff209c572187d343ee04227","ssdeep":"","tlshash":"7ed0972202053bf16c7e2888007cc68f740f104ba0c802f180624a3593230311a035e8","first_seen":"2026-07-12T17:38:11.679649Z","last_seen":"2026-07-12T22:01:35.296243Z","times_seen":8,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/slots/sweet-bonanza.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.400Z","timestamp":1783889285400,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/slots/sweet-bonanza.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"11110-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5tvFYcvf8Kwd6WkW0H1%2FszNejWRbwf3O7p4W7r2J6x2mnbD4KquDjOM4EnGGAzP7t0rhroogq9fGeQRILWZ73P4QByhxd%2FM749DEFnn%2Bf%2FuspZrFQx%2BQN75k3RCbYA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e821c99223eb-OSL\r\ncontent-length: 69904\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":69904,"size_decoded":70909,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"721b6f52f6774f238e4849424522f47c","sha1":"d3080ed7ef65c3c03e2f93b18cc82756a8655b96","sha256":"d52f0c6f6681d1bfb2d399caefa084f38ce65e099e7bc22e61dc67dbf7ce5bdb","sha512":"510dedd7bf8c58f1b648f09f8c2b78f95dce5a0a765dde944e2d69d0b5511c63b1b5b107ed3d213e3682e73cd201f6f3ce575c0160d9a4a1a55f12aa107e24f0","ssdeep":"1536:BGgiPYdFt+tD7YcF6rZ9FiZ+gxAW7KHV1ynVCEB3M:BXikQD7OLIYgxt7KHV8VCE+","tlshash":"646302c07fa1ef0cd5f07bc362e76b64ecd21d95a22da1d629179f2356afa0214081ec","first_seen":"2026-07-10T09:45:03.510801Z","last_seen":"2026-07-12T22:01:35.261924Z","times_seen":17,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":75,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Rajdhani:wght@400;500;600;700\u0026family=DM+Sans:wght@300;400;500;600\u0026family=JetBrains+Mono:wght@400;500;600\u0026family=Fraunces:opsz,wght@9..144,300;9..144,400;9..144,600;9..144,800;9..144,900\u0026family=Inter:wght@400;500;600\u0026family=Caveat:wght@400;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.610Z","timestamp":1783889285610,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:24 GMT","end":"Mon, 14 Sep 2026 08:37:23 GMT"},"fingerprint":{"sha1":"85:D0:EC:C2:01:33:25:23:96:FB:2B:54:90:54:84:07:0A:49:1F:03","sha256":"9D:7C:1C:9C:6A:25:1E:17:E0:DC:FD:42:95:CA:47:3D:C1:9C:20:FB:22:47:02:E3:27:EC:7C:62:03:30:83:BA"}}},"request":{"raw":"GET /css2?family=Rajdhani:wght@400;500;600;700\u0026family=DM+Sans:wght@300;400;500;600\u0026family=JetBrains+Mono:wght@400;500;600\u0026family=Fraunces:opsz,wght@9..144,300;9..144,400;9..144,600;9..144,800;9..144,900\u0026family=Inter:wght@400;500;600\u0026family=Caveat:wght@400;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 12 Jul 2026 20:48:05 GMT\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":33010,"size_decoded":2222,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"32e4dddb9ddfa22e604b89feb79021fa","sha1":"85662379533538a20c85b10fbcb103096a5c0f96","sha256":"f2b588ddc7fda434d3958e3290a0ce63b7a78155d9aede23ca79cb2fb55fa7f7","sha512":"6b3f36bceb7273ac0bd5b7574692fc5a64d9331e937271eaf31b1bc253a029e9d4fbe24db0f7f24e332a5d6639f6ea56c7cb1b9f6ab78c74350ae29547668589","ssdeep":"192:pRZyKjgRgPKmZwi+EwD+rw8+Owl+M0M0MEJMwpMpMEUMwXMXMEeMw1M1MEoMwWME:TgDkisM+N7xTXuM0pxOGC6Ca","tlshash":"5ee22191042ba400eb831cc233cf7e36ae8e61556085d5b99ffe1c98aceac7a537475d","first_seen":"2026-07-10T09:45:03.555282Z","last_seen":"2026-07-12T22:01:35.298168Z","times_seen":17,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":3,"connect":15,"send":0,"wait":40,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/games/trytostart/2032.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.621Z","timestamp":1783889286621,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /games/trytostart/2032.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\netag: W/\"13a12-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JXAiYntfxsCku0h8rWm%2B4KNom2MTTL7oFZ2%2F2ftY7oUBp%2BPJX3Ei5WdkZpss1vvmECJtvnM%2BAjGwUUxBeYA9nu50aw1FG9VFjFfNKgJ%2BezFh4tNDouyvW6DhxFJP6w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8296b9c23eb-OSL\r\ncontent-length: 80402\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":80402,"size_decoded":81333,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x1714, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e7dc4522e10474c081773974610ab511","sha1":"3181b650b874a6f00af8cec083cc17dc01c003c1","sha256":"3c6e6e37ff2520c65c5ad44b99b019b5089360f30b99a435b54e11d80908704f","sha512":"3756ec09c7d883607f9bedceabc3d21dd409db40a12bdef1972a83395e851e570d605bfe51318ee476215efe60ff6a1416ab09a70a33914efcde43b792f04c47","ssdeep":"1536:MYPvqxixFFUpIiaxvmXukpnHyAlj5EYGw4n68VVHiP2:PPHeifxvmVHDOyO68fCP2","tlshash":"617312f11f9a0df6a1ac63a05a91c95e33bc1b5de1c745ff06c58e28f62e04642e4e6c","first_seen":"2026-07-10T09:45:03.513887Z","last_seen":"2026-07-12T22:01:35.289626Z","times_seen":16,"resource_available":false,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/games/trytostart/vs20swbon2500.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.625Z","timestamp":1783889286625,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /games/trytostart/vs20swbon2500.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\netag: W/\"7652-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WtMkL6MySaTQv8hzA%2FyfAC6%2BO%2FGAX0r%2Bz5S8oie2x03C69%2FY1rtImzJ65wTCU1iHyfT6bY5UxUsyak5Fnv1QRP7j0oxt304SWoa8E8vIGA0zfSh%2BMt6STVa5dIgh%2Fg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8296ba123eb-OSL\r\ncontent-length: 30290\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":30290,"size_decoded":31224,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 408x546, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ef7d1293c15a0467300fc4ec94aa0962","sha1":"68b0e661714180d5e68942a2537189d272038cac","sha256":"67a835363fd4f746517982066ee9325d6f4d5f7b2f551318194e1476b4fbf805","sha512":"a627528c36d388eebb82ddc6e357cb5973d96cbb94f1ffcb40c09b1e1a2f4e016cbfb52796b6621f5554fee680fdb3835c5f442e0b3c9ee468bad9a65b236b17","ssdeep":"768:a/wZJQB/bTR3E7oM3TXlsKiyp8ILpVz/t3/EtFBtheZyK:8wvQB/bZE7oM3Tl7xyILpVzl3/EPBth8","tlshash":"ead2e16738a19715e14e0373c15b88d0c74fd50ab883357e807786c5b0aada692e4ff7","first_seen":"2026-07-10T09:45:03.43836Z","last_seen":"2026-07-12T22:01:35.296805Z","times_seen":16,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/avatars/avatar-09.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:28.840Z","timestamp":1783889308840,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/avatars/avatar-09.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:28 GMT\r\netag: W/\"3b6a-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DNQPaaxifwqnud%2BFvS5EO3cgooh9MNo1AdxyLkb70QEY9mEWsAOGIFDlAisPVNwYq1AAdI1e6xB69JIz13HBR2jqt7S4O%2FTgNCwdkQ9afciRdEQRb0iqVIDWj5uZxQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8b44b9523eb-OSL\r\ncontent-length: 15210\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15210,"size_decoded":16211,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2a78743d1476c3c31c278098d05aa442","sha1":"0171fe525153dd0fb03255535502ecf1262e0458","sha256":"c3e6f099611d8d3faf622bf7a6f48302be66da2d4a26e2463f8977462024ae11","sha512":"415db81487d3880d7725c004ae56deee7809dbcd6a946761bd15aafa00ddb2d24b21a2a48c93f3db855114b2d4a698115d3612473cbd7f13fbd95668d4e776c3","ssdeep":"384:NbMdd3BQ7u8wpujsdFXaNfo+PQ615yq1jQS0w:NbMdrQ7ubkwdFX0PQlqpQS0","tlshash":"f3628d09392245a4dfea2bbafaac160f88338c773c2105ff8d3491167503d91d7b9b24","first_seen":"2026-07-10T09:45:03.573888Z","last_seen":"2026-07-12T22:01:35.301749Z","times_seen":15,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/slots/wolf-gold.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.394Z","timestamp":1783889285394,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/slots/wolf-gold.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:09 GMT\r\netag: W/\"e082-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CO8CMEydQOFx6QWVCO%2Bvi4mPiLvPcR%2FMrYkM1tip1AnCW10r%2BhMQI%2FpuVRl7GNfmf83iAKOLHd%2BmQw1zK016Pe%2FTto%2FjsA%2Fg8OdTiofxsS6bn8CtCeJJVlzc%2FdzFbA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e821b98c23eb-OSL\r\ncontent-length: 57474\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":57474,"size_decoded":58486,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"6705cd397c489728422c0670b86b5901","sha1":"c4de9ddd398312a49b6851018b180cf61b0b7deb","sha256":"44d27f27efb951e48ffabb381be0b255de5b0555f7d257b4ab5b297bcff8d5a2","sha512":"3035ba279c99aec13340c48187b829d2ae8c47dbe888cf5eedf2c591db098d2b1538d7884adca587828e5878ec992b4e0471e5baf74d80779768462ea3cfe397","ssdeep":"1536:U37DpmX6h92fm+68Cf2g7OE3mWwpRAUiKeyUo6xTsL:UrDAX6HE8CE2WwSUiKe1Ji","tlshash":"0c4302c18280cf866909c979e8b441413463051aba97b5d6fe1afaa20bdf14b3cdf13f","first_seen":"2026-07-10T09:45:03.458684Z","last_seen":"2026-07-12T22:01:35.255734Z","times_seen":17,"resource_available":false,"data":null}},"time_used":3789,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3736,"receive":53,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/images/payments/ethereum-eth-logo.svg","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.404Z","timestamp":1783889285404,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /images/payments/ethereum-eth-logo.svg HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-encoding: gzip\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"541-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W4sUA6vQ7sqt1H7Rh2IbmSZKDLTVdk5fXtjot0FjGFgkRgmJhNqXpOZlZRHzUZQKSLmWYeGkV%2FHyPS0s2NUTHKhQEsGcQO86IWrUkWKhA0KxulqRprIxZkHrelgA7Q%3D%3D\"}]}\r\ncf-ray: a1a2e821c99523eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1345,"size_decoded":1555,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7c19954628081bf6fd772fa0d0819547","sha1":"9c1d03cc04bb9d2e2f8577ad561abb9c9ac9dae5","sha256":"066b2a60df66fbe2c11bbf7d37201552fd27e4edca73cac4a3e7ebda3ceb2486","sha512":"3f40c39fa2e06194f6957ad2bb7cf6c752dd9ad12eaefe891a56380496d85f383331fc4c557b42f3cd897bdfa02c87d4f27ff457b1c11ecdbba6053ff2549ff4","ssdeep":"","tlshash":"fc21eef5ad9e6991c5fe83b4b5fc91532853c0cf008a0880fac07681ac066fe4e42adc","first_seen":"2023-10-24T01:06:33Z","last_seen":"2026-07-12T22:01:35.247599Z","times_seen":825,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/avatars/avatar-01.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.446Z","timestamp":1783889286446,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/avatars/avatar-01.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\netag: W/\"7aa2-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BcS1c3vOj2vVIRtfdQnKCfn30zVEk%2BRVuIpiMJONHLR05zaIXo1JWZRBZHqrp%2BesH8G0oe%2B84FdCyXtViAfy00euhsFAxHdFeVI6hbG278n80q0J20o1EJmgoh9JrA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8284b5023eb-OSL\r\ncontent-length: 31394\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31394,"size_decoded":32394,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"5509ff2b421b108162329e8480cbf42a","sha1":"3072d660a2b73a831d89a61be8422498eb70923a","sha256":"395e861b9886862ff3c0e250045d90084dee194225fa87649ff810a93029cf72","sha512":"9f23044ac22cde5a69e0c215d9bf1b2cc7cc81d9653b82b6caecf195dc9de2bdce6dc2fbe57f8d243fb042baf5bb7ea9ed2f18c81486635b520ff91123a4a576","ssdeep":"768:qLVZRKuBtND4jceGyr8Ee4m90bm9JIqXkeRDMB:qJK84HGysp9FX+B","tlshash":"d6e2f194db0488e1a2646f155fd0aa42131ecdba610a2f7f13fa4fc133eee6489f2591","first_seen":"2026-07-10T09:50:20.394431Z","last_seen":"2026-07-12T22:01:35.25383Z","times_seen":13,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/games/trytostart/vs20doghouse.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.615Z","timestamp":1783889286615,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /games/trytostart/vs20doghouse.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\netag: W/\"c71d-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I2xNrg6BKXyil1XcNokW5dojhzBbCE3AfRNC7%2B8nQXUOPw%2B3LHQHEnI%2BzCUklXiPvpewAMddFYERLSWbrVoTjEj45AHNTGImj%2BVJwc0toPEuJXTkitvEa%2Fabwm%2BIag%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8295b9523eb-OSL\r\ncontent-length: 50973\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":50973,"size_decoded":51905,"mime_type":"image/webp","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 360x472, components 3","md5":"e01e7dd2ed5b17e02bdeb34c09d2afed","sha1":"2f200ecea22af3478756569edfb30b72e45dde54","sha256":"1d195ef122b4e40d3305fc65cefaa7c5c967c1688533db98da9a4bad93a2c7ef","sha512":"038a542ea1cf08126b558d06a1025b3f4751c3af2bf7a388bd79678c8f5867c88c596513cd4d1a8035632783c8deddfc0999e9261742d81bf6ce4883c2063b14","ssdeep":"768:hYyBIClez5YsfIlCTuxHhs4QVz4cQ4ZgXrslVtBzLsaJc3sg2UlQlm90bE+VJp5p:h9plemtlpeDVzxos8Sc3zCweNfvv/31","tlshash":"3433f2f3bfffd21bf879f235c0a925f1433916b61329925bf1591b2c10906c8295984b","first_seen":"2026-07-10T09:45:03.447671Z","last_seen":"2026-07-12T22:01:35.292417Z","times_seen":16,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/games/trytostart/vs20olympx.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.616Z","timestamp":1783889286616,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /games/trytostart/vs20olympx.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\netag: W/\"3e27f-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yAeq4NjDUoY9Nfhg49WLRIQsyP39UybTy2sbfRqPOyM5vtoVj7GM7yr8vDC79uQMYJOHQk0u85ENkS1sSmrKMwSowG589G6ubhr3z4IctJyTZ8Uj6DoTKMUVrnLIRQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8295b9623eb-OSL\r\ncontent-length: 254591\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":254591,"size_decoded":255513,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"7257e7983f3fc7614dbcc9f60d78e675","sha1":"708154f72258ce55b1e1954a62fcff0d0fc8369a","sha256":"fc9fa196019d6323ea1284aeb52dbca0b466ecdd3c5f28cfdd0a7138daff2870","sha512":"7ca60d36efbb7f6eedca2c18f617f207f04c0fa79a06f9166ed0509e5dfd893b75352ffc31a73a209f1d4a4ea7a21feaf55964f20b51374b6ce6d63b1470a88e","ssdeep":"6144:CiN4IwkOCuSMJO5F14DNQE1+u5n+zY/PhLPhlAkzEe0+X+:CiNgXCuMMDNF1Tn+MBLQkWE+","tlshash":"0b4423b1d86dae1580bbfc317d6837eb2fad593aa9b32129c780c55c715e8dc970c218","first_seen":"2026-01-30T22:42:01.211792Z","last_seen":"2026-07-12T22:01:35.273749Z","times_seen":96,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/deposit?_rsc=1otn0","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.922Z","timestamp":1783889286922,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /deposit?_rsc=1otn0 HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2O47xFYuHgNu5kGYoSA5m1RLRN2Uq6Sa2%2BEdjaEhIfrGjK2jbJctIWLK07IVG07b4AfgjautVecIaDFiKhh4pRoFp46YQisvfL4sKcxtPngUfLAxwa9mi1uoOej6Fg%3D%3D\"}]}\r\ncf-ray: a1a2e82b4bea23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":154,"size_decoded":1193,"mime_type":"text/x-component","magic":"ASCII text","md5":"9876c10da7ccffbf190536b98dd3372e","sha1":"e514dc4db0e327e868e419c1d127c2751249764c","sha256":"0b92f700a78f7e4589dd7a1033cecd337cf04e41b2a2fd4c475f0173218bd3d3","sha512":"f0090ee4f182e4278813a920edee2da3fad2083e2c5e1ba3fca8ff791919278a02178ffd24e7fd7fdcfa5aa5e0e6272e9a372bc46a37dddff7c391f14063daa9","ssdeep":"","tlshash":"a2c08c2142093ef96eba3a88656dca0f260e410f21ca18f4d0925f20b7b702204075f8","first_seen":"2026-07-12T17:38:11.665541Z","last_seen":"2026-07-12T22:01:35.299012Z","times_seen":8,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/webpack-88bb21cc9b698da8.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.347Z","timestamp":1783889285347,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /_next/static/chunks/webpack-88bb21cc9b698da8.js HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"d78-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xcCIkXgmQyWL%2FxxMYDlLuVJFnokwTHmplGpGQn0XUld5RmScaM99CNMKxoLCyZgcN0MM7I5FocoACLdp7FxnjMITt92SBdq%2Bh2pd1hbEefThyKwjFJo208nuuo6%2F%2Bg%3D%3D\"}]}\r\ncf-ray: a1a2e821696423eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3448,"size_decoded":2732,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3448), with no line terminators","md5":"a6e899e41a949fba95deb581bb003e29","sha1":"89ba1afcdead5a1d29e3f536b345fae2dba1b13f","sha256":"6e412f48b783c41ca2068b946c56cd6312c80b2d3abffb6dbfd140e72c87ba60","sha512":"37f42a21cc92480d8f99693a786fa2152a4eb6e87e9543a80d7e50e46bc07d6baf311b4dcee59547fc6bb6e1af56aee9c0ff37c864449797ef34c6bfe4d4b052","ssdeep":"","tlshash":"0a6195a93625f9b556f108868c7ed142f21a6037051af8a0e717dcf9b464ae20562ff3","first_seen":"2026-07-10T09:45:03.472302Z","last_seen":"2026-07-12T22:01:35.287927Z","times_seen":17,"resource_available":true,"data":null}},"time_used":415,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":415,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/8347-2cdd515f34b89f12.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.353Z","timestamp":1783889285353,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /_next/static/chunks/8347-2cdd515f34b89f12.js HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"20f6-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Z8t1vQz9LhfbCNR61NdW54gQEAvxsDeFuzalzMpMkSmtQ2rsL5mP5kDnf769HwxYGmopfZxbHgbRHEpoVuEhcaj%2FyL5l4oL5Db3iQau94Q14I6QVd15WmiMGQfzChw%3D%3D\"}]}\r\ncf-ray: a1a2e821796823eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8438,"size_decoded":4188,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (8438), with no line terminators","md5":"49950202b034f7c0521d2f2129c83c84","sha1":"b39a0b9a93e867cf8675f483507f08d29d1375f9","sha256":"b35f82e8ce5a7a8b3b1083a9731c3d7351973f866106ebffd0c69b90405e5db6","sha512":"e40aac677169b6d180e3fe9b824cb491c49e9c1298c17f6a222b00343907f3ae29daa5d7b2a5c9af388e54bfcd0f92611283a303bb310752b5721c51c943be04","ssdeep":"192:njk3KSwJQV71am/oOJZBOcIkQmAYxDvLZNIw:jk3z1D/9JZQkQmAYdvLZNV","tlshash":"8f02daf5b762383149ebc2d6b5722942f318078e6628d81051f50d2e7358e0eea52fd8","first_seen":"2026-03-03T22:08:14.650035Z","last_seen":"2026-07-12T22:01:35.278324Z","times_seen":27,"resource_available":true,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/games/trytostart/1067.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.619Z","timestamp":1783889286619,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /games/trytostart/1067.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\netag: W/\"49757-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vAKQKta6W2%2Bw%2Fc4x0oj8tImEbwSRe70DyT5phIDa4rY5o92PqiuFwWlEEzNNGUJVZsa1oPYVv8Bm1AhVa%2FPflcHSDI4qFd2%2Frm0YizDR4Inh5Zn5qcVgEBQetSrpMw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8295b9a23eb-OSL\r\ncontent-length: 300887\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":300887,"size_decoded":301817,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"31c37a2907e35d4375e0b638edf13841","sha1":"c6b60c2614f0065b9756d8e291e91b838b8becb6","sha256":"c838dc775ec2347f27cedfc6d53de677d89baf2c21b83080a151e87c9621b22e","sha512":"9b17bcdd06836e066649809af59c5ba06e9eab3611a79b35df184ae3a57eb28ac44fef212f8d95239ee8b31fcd28475dbedd7cd39ef7887033a402736ba90638","ssdeep":"6144:6+LrAwhkatFw4LIQEuihxRfQXp3RYRIzw:zL0wh9FPiZ8BRYIk","tlshash":"6e54232ae2211b4677c267b1e4a329aed1f65d046228e3fed661417fc1482ee31f73d4","first_seen":"2026-07-10T09:45:03.444324Z","last_seen":"2026-07-12T22:01:35.25531Z","times_seen":16,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":105,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/games/trytostart/1924.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.623Z","timestamp":1783889286623,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /games/trytostart/1924.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\netag: W/\"33a9e-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GSPpz0T6gMbWQqkEmd6bkpbwkr%2B8Mj345Kotc%2F%2BP6i3de13Y3a4HlkkTNZHloFtX7vtBRuoBAMWVUf6itSHcfOMD47hJqLZB7pPVKVPQMh84B2oZsmBNYsAQRNQ1YQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8296b9f23eb-OSL\r\ncontent-length: 211614\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":211614,"size_decoded":212542,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"af1db56f60120f307d2ba81818e8002d","sha1":"d70c970aabbb178488165af57e62c7fb26fe18bf","sha256":"3876d54e638854fb3eebd66d3687beb7553bc05ed25b050a9b4da9c021e66ad4","sha512":"25b6cd6a2d39d04b6e30e57f5186f9d9eb60d3817963540e1b3363f963a218bce3d0f7956b07cb8e9d4f7af163c23bacbdbc96a180c11721246bd56f4f7eaf94","ssdeep":"6144:pnwxvYgBDXYvD7qjbEwCAc2jkinaLeCfHEIdb9j7lsYa+2:pwxvYhLUnyl9h9j7ls3","tlshash":"6e24120259e88b5ff1bb1c658fca4c4a2383e2f129fed086154db37b25d0c996b5cb16","first_seen":"2026-01-31T13:42:56.720032Z","last_seen":"2026-07-12T22:01:35.264393Z","times_seen":17,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":98,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/css/65910d15602bebdb.css","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.346Z","timestamp":1783889285346,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /_next/static/css/65910d15602bebdb.css HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"31f38-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dsCmbr4KWgNiW9zjLRW7P9zHCbMRbaKwcwqw%2BTq6x0CPqSofwisZR71Rqqrila64Q%2BwP2F1MCrT0uBh1eAIAylm%2FqRwoC5W9KWoST7xh%2BeFjGALDq4azdpjxb1pfvQ%3D%3D\"}]}\r\ncf-ray: a1a2e821696223eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":204600,"size_decoded":31946,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"700cebd09c3c299cefcf95a2db9df5d9","sha1":"92327324c0a826656c708bd6caaf6b543d5b5c43","sha256":"c1cc07b695cea585a5986a797bf683e40175aaba9b113bbe46de4870bc810c9b","sha512":"20422a13fec2bd443071009d9c2a78814638e785725eb8c1db261cd43f92240325c9f68073d2713b9dbc276766d95f790e02dcb07127ebb6911913145a175590","ssdeep":"6144:QIjgxKfrm8khsWOshvZc/Xt3oVvAaz1NGGF+XtfKhRcOJHV6tyCsU9baLoofhhDq:FaBqZ","tlshash":"e8149670f6a0607bbd13b1fde7dce44cb50aa096ad229becba61651113d37f62d53a00","first_seen":"2026-07-10T09:45:03.520448Z","last_seen":"2026-07-12T22:01:35.245297Z","times_seen":17,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":132,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/slots/the-dog-house.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.383Z","timestamp":1783889285383,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/slots/the-dog-house.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"109aa-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4WnpBBGhvAOZODPWQvKcmVsFMXGTg20zhjbKFSJD7XJEdy5Ddx%2FWiZnbM%2F6gRUAPm2FuPDJw6oitZVGTihBrF4nMgJFroPNe%2BruRLUHHYRX7JaIYVL8yprBA2lOKhQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e821a98123eb-OSL\r\ncontent-length: 68010\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":68010,"size_decoded":69011,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2b9f8d3634b33f67618a2165bcfc9e64","sha1":"b78d21e115c70e802749e0abebd64d281960e839","sha256":"31dea2a3414638bb40323b0f736714adea89c3a4ec792a2633def6a031f40abb","sha512":"35236b4d268abdc18417458a9904855a347ccbe0041e51959d3773c693be9aed557b066748ec37e1a7fcdc0880b51c14bd1237ff0b7b66873d2b1c84dbc6219c","ssdeep":"1536:ZFyfU4Wy6d20OqYMZTQo/PklvkPc8tXK2Uba6sDqpGJb8fuLzg4E5n4OJM:ZFWWyZNqYMdl/PxFcb3smpGJb8f2g4EK","tlshash":"666302f75a996667f20b02bedeecebd8beed8a03c1b7d124096455b005374c343a5836","first_seen":"2026-07-10T09:45:03.457398Z","last_seen":"2026-07-12T22:01:35.315655Z","times_seen":17,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":77,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/play/vs20fruitswx?provider=pragmatic\u0026_rsc=1otn0","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.988Z","timestamp":1783889286988,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /play/vs20fruitswx?provider=pragmatic\u0026_rsc=1otn0 HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 20:48:07 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aiKBkJ4HbUmySnN1d9%2F0JeY4KMt3NmEZc9D72jjJccSO5RJhZSphgRDmRVePMNCIbJR9CyQScBx%2FAg4alWel88M1FCzU62APsCECyMuPc2yHGwrR1b7aaYN4M%2BIAiQ%3D%3D\"}]}\r\ncf-ray: a1a2e82bac1023eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":220,"size_decoded":1234,"mime_type":"text/x-component","magic":"ASCII text","md5":"2675fc4afee7fb6b05ffa88a3581019c","sha1":"904320710be35897d3ec0da7d94360aa1e5ff375","sha256":"aa988bca74c9242da6e9bcbeca46be91b4e19202379f310419d31fcd588bf554","sha512":"2dd94f8248bb2264fd118c18fc53b3c0120398692a34f0f3e3904c1f2a48d2f3fb3deff0f559f260027aa9c2743d8fa88f9063a0bfc721f74dd5e35f240f649f","ssdeep":"","tlshash":"06d0a72643063af5ad7a2888057dc69f751e515b61c946f190574a3593630311903ae5","first_seen":"2026-07-12T17:38:11.855689Z","last_seen":"2026-07-12T22:01:35.314519Z","times_seen":8,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/main-app-f3336e172256d2ab.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.352Z","timestamp":1783889285352,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /_next/static/chunks/main-app-f3336e172256d2ab.js HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"23c-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SDP6fgjzNWopiY0x3TSSU21r%2B6nyYVJcnFSyqiAqXuHeTyw5eUKoTW7lBU220JPhfI2hyfDlwAxBdzW%2FFoHMp1MF1xGO0tCC2CGtDb1TeIDRUNauIBL%2BygpXQnxb2w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e821796723eb-OSL\r\ncontent-length: 239\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":572,"size_decoded":1253,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (572), with no line terminators","md5":"39016df7484bb925b0b0fe1905ddbceb","sha1":"088ce59eb609b8c19e00e2d93e10d33b75578d7a","sha256":"91801d552d3e97ad6aabb535c2d8eeff31bab152fb2448b8556373894e7d7215","sha512":"41618a49d22f65beb83086c769a8c67e5ba76cbd01b838ee2ef88857171a333a9ee680d08d182a3ef65393eef1b4d2984c122e3d4d0913e82c0f0e9ee004e46b","ssdeep":"","tlshash":"8bf0d69a4f0cf52f5d26ad65fe97ace2245f4175202b4e606901ee613c23bacd270404","first_seen":"2025-09-01T15:30:28.522834Z","last_seen":"2026-07-13T05:05:21.75875Z","times_seen":633,"resource_available":true,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/games/trytostart/vs20fparty2.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.624Z","timestamp":1783889286624,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /games/trytostart/vs20fparty2.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\netag: W/\"31246-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OYErv61wVytyTEZkuDav1snBxL0Eb1S2yFxE2jpGfxqqfPLhq6feNNNg4YReZbxHhzdsf4l%2FLGHY0JKMInk6liOxCvqVqqIkwkFjD782J7VDEFd0axLR2D4%2BgrGI5A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8296ba023eb-OSL\r\ncontent-length: 201286\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":201286,"size_decoded":202212,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"4dbe1ad237ab45ef9472ddc3b8454d2d","sha1":"b393424472562ce7bcc2d214bede0c8b2653d069","sha256":"a4eeaad89a11e9c5fa29f6ae9e6e69cd75db74d4ebbdf8c00683942ba281188d","sha512":"d81ed3d39e11d3ca21a8b80fddccf9fa8a9d7fa810db7517f51432391ac3e0dfaea290a84c7dcef26f074d994525fd6f9ca0ca70efe7a0fdb025c3e20b400281","ssdeep":"6144:m+OD05Br44TS/a0f/9Wxf5wmlEquieLgj:PD5x44TS/ai/9Of5pEqPj","tlshash":"13142386764c20543fefde8c645a556a6aaa22b0ef825cfa01f3dcff804d105da16f52","first_seen":"2026-07-10T09:45:03.515685Z","last_seen":"2026-07-12T22:01:35.265291Z","times_seen":16,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":98,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/slots/big-bass-splash.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.388Z","timestamp":1783889285388,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/slots/big-bass-splash.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"105be-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fWhANdTXOKphfP8i6zuiJUMLYkevjr5y8Ai2p%2F7t8BTtUmp4oZT9ipukXOzvjtEDFkxD5NT9UGO5oupxHVEF6s%2FoTznK7O9uqGgIgyBCCeLY3%2F%2FXOYKrotJR2XczOg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e821a98623eb-OSL\r\ncontent-length: 67006\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":67006,"size_decoded":68009,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"862f079aaebca7a9a7d6281477920833","sha1":"122ff8ea76c323dfbd5884d328d07a950af1703b","sha256":"917a5f0533529b7796b0d8e07cf304b7edec38169b6accaebd163c0775b8ff8e","sha512":"d6a81891abb189520f4fe8688057e024334449f28430778ca79e0c94e89cc944d141253448248766701e647cd11a957cf95d0abdd9d88d50cf9a5e1d78e5339e","ssdeep":"1536:Rj6UVBfMz71V3m5xMZs5u7v3XJtDFbBa4Bnp8CaE6j+CL8v1d:RbSz71VWCdJlX6iCYD","tlshash":"5f630297af62dce98f029830765ece909ba1c47404f780ac8f050e1eb7f87a97391c59","first_seen":"2026-07-10T09:45:03.563064Z","last_seen":"2026-07-12T22:01:35.261302Z","times_seen":17,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":80,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/images/cga-badge.png","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.409Z","timestamp":1783889285409,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /images/cga-badge.png HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/png\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"407d-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xFZJ5W0h1idMQX9akLHKWYDzSLkpcT8Jb3BhYCXNR5dsmdVwTMq%2BO29SaWyOiEOMbqDAYWH70ddvqCfW0Db6b9nFdXRjURRl5gQLZk%2F%2B2HJ9%2Flu3GB76EyYUOlNR5Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e821d99b23eb-OSL\r\ncontent-length: 16509\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16509,"size_decoded":17436,"mime_type":"image/png","magic":"PNG image data, 625 x 388, 8-bit/color RGBA, non-interlaced","md5":"af14168ff77d6f9b2b12bd8654d4ad86","sha1":"fcf4136dd6768b58f4b741581aab701c5bb4adbb","sha256":"90e8c0ae68316e5fca1da08d89a98338c37826f820c77ca856940636778f1de5","sha512":"28514fde7aac1c74c0f011aabad1044cf20887f80cde86e246168221c19081aadad105d28622fc7a1686c60cf100a5079b7b61765df574ecf2156f99df9fab4f","ssdeep":"384:B99999999bFek/E6fhVC9FmgjhUZskdtMwAf999998Jy1L2+pkqQyynJSh:nek/EUhIjhydtMw56BynJSh","tlshash":"fc72cf39b745a91fa1a93dc26911c7f2b63c51c1d028535b1ef3cc8c26e94cf6c22ea6","first_seen":"2026-03-09T20:13:42.379668Z","last_seen":"2026-07-12T22:01:35.305622Z","times_seen":27,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/api/games?category=slots","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.437Z","timestamp":1783889286437,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /api/games?category=slots HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wWCuJ41Hz0lE%2BaHL9sYjd6pBJFvZAOkc3KKcIrMsNXpOqYMyhZAiKyCU%2BwgY2d7O6aL9poLMZC6V9ajMCMURmdz%2Fcvz9XopKufo4D035KzRFsxz9lHC%2FiGGAH%2BahUw%3D%3D\"}]}\r\ncf-ray: a1a2e8283b4823eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":63477,"size_decoded":8407,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (63297), with no line terminators","md5":"c331d5f1893b478d08375b0bc50d68ff","sha1":"aa4291784773588400e363945c81680f3e1ae4ff","sha256":"bc505cd7737b683a57a012a20e85c46d010189a631ccb63361275aa4fb937f75","sha512":"edec89bda7b3603a530390dcf158707897973ee6e2d4f1c39b48884ed1de2b20a2b4c25bb22ea7af76a2ac30ef4956618e640b21bbb68d10165fdb5b38103dd9","ssdeep":"768:jjQHfWdheJwziaJM7HQ4W1XqOyJZu4Ylf7mlzG/b5UQS324z0ozqAr8yXApxEHV5:7ex3oxateO69c","tlshash":"b953633d7a6cfca4c78a88c655933ec9d52cb55752000c25ba4bcf3cc8e48fa6e1995b","first_seen":"2026-07-10T09:45:03.570635Z","last_seen":"2026-07-12T22:01:35.291909Z","times_seen":16,"resource_available":false,"data":null}},"time_used":78,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":78,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/games/trytostart/vs20sugarrush.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.605Z","timestamp":1783889286605,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /games/trytostart/vs20sugarrush.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\netag: W/\"36fe8-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fTV1n5VHt241fapsW0kLoVrIzQG0OqqoSLzhmYDndlxZYMOxMdnV34KIzABy8E3zP8VyiB1FP7StHIAQm7ODtf63EtSwbYBuCx8WfArxdFTHp%2BMvwD3ZJBWew9BAyw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8294b7823eb-OSL\r\ncontent-length: 225256\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":225256,"size_decoded":226180,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"f1e286615a1298fed8c67ffbb7a062fd","sha1":"6d101d982cc98fab857c1e865edaa0deadad422a","sha256":"89798d3dedbedf88f7c77bc34e8f649bbc9af94baa31ff893654d9450756e49d","sha512":"bc650fbd189a96f0ec8eaf892e0b2d36e4e9b3d34a2302b2eea30ebd8c5de179a62434607c84951870718c67d54bb6dec43594bf444c23b183627ca687db34aa","ssdeep":"6144:ClVeX67QHxSVJXJ9bCLm7Db2klkC2pLimOj4jIjrsT/kB:bK0RSrbCC7DbepLO0FT+","tlshash":"fd24234d2f7a4eade580b43a0f3e6eebae30d5c69036126656f501bc055b6f0911dc2f","first_seen":"2026-02-12T20:36:03.510033Z","last_seen":"2026-07-12T22:01:35.251667Z","times_seen":30,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":100,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/slots/sugar-rush.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.382Z","timestamp":1783889285382,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/slots/sugar-rush.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"12dca-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XfcmdM9eFiSz4nXG5wunmFBmMHmIfjG0T5a3G3vC4YvjzA8KCmch4fAyEHI4cmVas43rr%2Fm5q4eqpR7Y6XQoiOBJbMKrYwpzDZrgKFPbTR9Hr2VvoaXWEwsgBGE7dQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e821a98023eb-OSL\r\ncontent-length: 77258\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":77258,"size_decoded":78255,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"bf41d2e5df715e30ae5765e27035f41e","sha1":"dcf2c0669dd20ad1b99ea77df4e3f6ccdeead5ab","sha256":"f737baadd156371777dacf433a53ad815758d08052959eb468d9f88e061ad90e","sha512":"b6993d81aab072729107d0d1d86fe16ccdf884f439d987f4cad006dc18158deeb30976237f695a306f65e299f828bee73d82148e2b0b09bb43249dede4c8558f","ssdeep":"1536:HMA87FnJmqOd5Zq0NK7TL4poJXAtB7QN1bbY:HpUnMq+u0NsTkoJXAz7+1vY","tlshash":"da7302d366435f630ec3b099ea9c8feabb66511cf0f602071e6a8744359c974a06eb74","first_seen":"2026-07-10T09:45:03.490538Z","last_seen":"2026-07-12T22:01:35.250373Z","times_seen":17,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":84,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/slots/aztec-gems-deluxe.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.389Z","timestamp":1783889285389,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/slots/aztec-gems-deluxe.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"1d528-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p9f29MENXM%2BSctJqLUNzKWAckvUjc5jYx5LBrmSsWZJjfcskvMtuG%2BKcW%2BAZ7hI244nsiKA6h3emLg%2FW%2B%2Bg8VC7WZiLA7jHtX%2Bg3iZaYqWKjKrCb%2BQoZk08m7BkewQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e821b98723eb-OSL\r\ncontent-length: 120104\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":120104,"size_decoded":121116,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"33a0becd3951ca3fdd35c7dd1da54efd","sha1":"a17632960f7cafb9b4ef525b69cbc0e14895364d","sha256":"4277a6f42779711e0e082be210ca816b7e1246d82b944293b069fb7c0523ce4b","sha512":"889704cb60a85169d9c20b1477000d987223e145510da6bbcd12f03b7edcf1cfcea299b0b6cf25e9eb9a73da46280201cfe594a6caed250ac2de13b1687c6d74","ssdeep":"3072:+gIA0CnPgRcql+4/sEs9QsChmvHRo/3aNJ5PvU:8YoP5BMQs8mvxWsDPvU","tlshash":"b9c312966367a2c3fc6a5f5c6a8d9d29adece217388b935f4d7c2163de40122cc5e403","first_seen":"2026-07-10T09:45:03.518594Z","last_seen":"2026-07-12T22:01:35.316474Z","times_seen":17,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":85,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/branding/crown-loader.mp4","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.420Z","timestamp":1783889285420,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/branding/crown-loader.mp4 HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nReferer: https://porawex.com/\r\nRange: bytes=0-\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 \r\nserver-timing: cfExtPri\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: video/mp4\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"38c7a2-19f1a251a38\"\r\nlast-modified: Tue, 30 Jun 2026 20:07:47 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncontent-range: bytes 0-3721121/3721122\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ab7PqCmg8lvjQU445UdHd4ktMHOIUSsHoe8CnOC2lAV7r8ros5ut8N%2F3H0YVgz7oLQPUokq2x7KUj03loiXWgGERj8apfcO2dL8QEqLRulAL4SF77dt6rjHbG31vsA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e821e9a023eb-OSL\r\ncontent-length: 3721122\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3721122,"size_decoded":3722142,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"3a3c1bd7ef11371fa3862eb00bf4b609","sha1":"a132818eeeb6f0250691ca8c45474e0a92426897","sha256":"d089720c9cb4c13801367ed6c65dfdc0265af460d3275162c29134599759b65e","sha512":"101d5d2e3e29d961ae1a220b69df3fa5e72d84f48a2625a725b27a803d96c734efca12c8b13dcaf21f542fde6a4d94b9d80ba62f46203a743108aa735a111462","ssdeep":"24576:c86szvinuPYZLGtBdv+I0q7k0z7R6u9DJal6751INRU4w:menPBTdZDk0XMu3O6sUZ","tlshash":"2a2533d0c70a88dbfb55637c82489e433fd38ebdc60a06ea95d62945deb887671b13d0","first_seen":"2026-07-10T09:45:03.54451Z","last_seen":"2026-07-12T22:01:35.297322Z","times_seen":17,"resource_available":false,"data":null}},"time_used":583,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":457,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/avatars/avatar-09.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.447Z","timestamp":1783889286447,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/avatars/avatar-09.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\netag: W/\"3b6a-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PjtTMv3HiXCiIy%2FLOTtqwO1T6%2BwbQRo3uQCY%2FSSgensT7OzEd%2B5LJ2cFzbopzlE6x1QLfRbtFdPI8QgeBnEVC8WsZWMp%2BsCuGPTDDbl0QU6IheMQRsw7z2FQOPMKew%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8284b5123eb-OSL\r\ncontent-length: 15210\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15210,"size_decoded":16214,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2a78743d1476c3c31c278098d05aa442","sha1":"0171fe525153dd0fb03255535502ecf1262e0458","sha256":"c3e6f099611d8d3faf622bf7a6f48302be66da2d4a26e2463f8977462024ae11","sha512":"415db81487d3880d7725c004ae56deee7809dbcd6a946761bd15aafa00ddb2d24b21a2a48c93f3db855114b2d4a698115d3612473cbd7f13fbd95668d4e776c3","ssdeep":"384:NbMdd3BQ7u8wpujsdFXaNfo+PQ615yq1jQS0w:NbMdrQ7ubkwdFX0PQlqpQS0","tlshash":"f3628d09392245a4dfea2bbafaac160f88338c773c2105ff8d3491167503d91d7b9b24","first_seen":"2026-07-10T09:45:03.573888Z","last_seen":"2026-07-12T22:01:35.301749Z","times_seen":15,"resource_available":false,"data":null}},"time_used":137,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/vip?_rsc=1otn0","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.689Z","timestamp":1783889286689,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /vip?_rsc=1otn0 HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pwQrigJgzjFeCLts%2F409WETbvTwMeMfaovfUPRWnmZrZP7%2BIaD6PMywMLTw%2Fc7rrsFGZ%2FJkiGawoYocSK1T3B11TdQLyT0WmG0r44RjiZIQ0SJwLwKAMfIqL8OR7gw%3D%3D\"}]}\r\ncf-ray: a1a2e829cbb123eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":146,"size_decoded":1194,"mime_type":"text/x-component","magic":"ASCII text","md5":"9031317fd0e3ec6aeda46a94c6ed7377","sha1":"9a8ea25a9dcc5262d71d07d196082de5048cf31d","sha256":"de9c10d92f2ceb5be34715f7c33ec394dee95576adaf6d07ba05ed243a05de2b","sha512":"76ef7a530b2231604ff64a7a961a4c91548aa2cdf60c998c67f571a2dba109f4cb84860c2d5582bef620b24aa0ac9d86baeb4863ff1e2d8250a9b7df9368d9c8","ssdeep":"","tlshash":"e8c02b3146083ef66cbe2898456dc70f360e420f30c810f0f0934a10b73b02028075e8","first_seen":"2026-07-12T17:38:11.801639Z","last_seen":"2026-07-12T22:01:35.3Z","times_seen":8,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/games/trytostart/vs20starlight.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.618Z","timestamp":1783889286618,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /games/trytostart/vs20starlight.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\netag: W/\"36ebf-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=npmEhEVOWc1kA7VP%2FABxWZ0PaPT0D3KZlRGLlVA8Ls%2Ff9NARl3X3I0ux7ob9WvytGWsi0CkLrDWNyfdhMPRN0255trvw85XKPZXFWhp4Lj%2FWM7ovNOxIO3zW5UCuNA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8295b9823eb-OSL\r\ncontent-length: 224959\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":224959,"size_decoded":225887,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"4bf449fbfc039659ef34b9962ff3701b","sha1":"2da641dd7ea3cf3a23ce2c83561ae2ae2b0a9551","sha256":"b24676e15e785bad29cbb46cb5004ac2b2269a9477e9d32f78fdba386c3db3ac","sha512":"a60e70ceed2475517455e4d82f906db59c3f621bb408e7837a2bd475b621146856c799db265b184cb81a3d2d188b0c76f7ba59d7aeb518e602a02db3ff8057e8","ssdeep":"3072:zD4dZDNtiyjIyL1Q+kQtPQLQlNGqdZZL51YFbYqPCAYOss4R22g4ZXSNa/GnH:YfiAIuCQPmQlNdtYFwsL2lNr/GH","tlshash":"5f242349923e6d5f0a121787b8109e9dbabb33a74fa9043d70441be558340e1fbf1e6b","first_seen":"2026-07-10T09:45:03.532903Z","last_seen":"2026-07-12T22:01:35.310082Z","times_seen":16,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":95,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/lab/avatars/avatar-03.webp","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.684Z","timestamp":1783889286684,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /lab/avatars/avatar-03.webp HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\netag: W/\"b4a2-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xPpOuvRmxXPWKeSEWFNUXCpxM39aYc76UkIOXF6nF%2FM4B0i1cSwIMKj3JOqORnmHN2I3wJAPf2mKnRvrcYxR5oBneqYrUETKI096qh5PT5S3pgv7nDeCCDiGf1Ipeg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e829cbac23eb-OSL\r\ncontent-length: 46242\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46242,"size_decoded":47238,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"4fa74b80fc23a23ba9722e49be63a1e2","sha1":"1528f3b571fa660a31c45512b9e03553e98196c8","sha256":"b1bd6d8981b4f1567ab01976abfa8ced2a98cbaa78c8797b705353358a037545","sha512":"e1dc691b8ce5b9a5967c0a68b07789240f8780229c66086a289d3111a3e5bd532d6a8e98f012a0eeda7b18766b9945d49e1983fc9c5dbbbf79ec0d165d2b092c","ssdeep":"768:w1QjAVPlh5VliciOsObs+1nZSlK7NVOv/FtdM0tPKiHHvKo6IkECeVW0D4bq:wh39imbfbOvvC0NvKo6mbxDy","tlshash":"5b23029f7b51abcb0970a3b1545f8bda7e58f43941e27337eba10d908fa025d0825c6e","first_seen":"2026-07-10T09:45:03.501591Z","last_seen":"2026-07-12T22:01:35.284527Z","times_seen":16,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/login?_rsc=1otn0","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.929Z","timestamp":1783889286929,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /login?_rsc=1otn0 HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=orjbYYmi9AXmch%2For%2Fc%2BIbr6ourDCMaaaPn2eD5IVo%2FKt1m9QRBcOU0mkdSgXNTWnJGjr3a3FJrhp5P6NLYP64FRvnf3ZO0C7CjNmJLeYKHSate91uJ8aJHJcqIaaQ%3D%3D\"}]}\r\ncf-ray: a1a2e82b5bf123eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":130,"size_decoded":1187,"mime_type":"text/x-component","magic":"ASCII text","md5":"757bd258af89053ef88d4e973f43e89c","sha1":"fa2d69810ed2575455cbb8c822eab15f54f417c9","sha256":"40cfb2a00717929e54dc53bb7372baebc53d67ca4fcd31c0a8c4912fcb494b72","sha512":"1676769f2db650436ce9f38dc74ac43ddc7277afc5d20b3c616a0919f82f6328d10839e3544455b48bd6c25dfbed9b7cc26b06cd417ef19e1987adf8c5e2d61f","ssdeep":"","tlshash":"b8c09b31870d6df55cfa25c1421dc79b761d430b21d459f4d1b15b106f771215a475f4","first_seen":"2026-07-12T17:38:11.666876Z","last_seen":"2026-07-12T22:01:35.303828Z","times_seen":8,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/8602-8018835a2b8c6467.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.356Z","timestamp":1783889285356,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /_next/static/chunks/8602-8018835a2b8c6467.js HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"39f9-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Fw2hp%2FF8QVa%2FxUc1xAnbq7q9mh39y%2Fk6q3hT0oBIDNV70m6krYlizUvqgp2dzdL0FRMUuTnhEXueD%2BfurLcnGQP5by2LwS8njfFtkI6z3TnNkmCFPq0lbhaJJ8dGaQ%3D%3D\"}]}\r\ncf-ray: a1a2e821796c23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14841,"size_decoded":5878,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (14841), with no line terminators","md5":"f366648bcf45d5debf0c1b40cf7d2f5f","sha1":"0b1a9b153106e4fea89f7cac44766d059c2e5941","sha256":"673a7d8aaeb6a9b355d1054015014fd544c8be225843d7bc37d39210d4caf7cd","sha512":"87bc2980f9da79d98616c2345107d092948b85ff882e652aee6ea02a2b3e01f9f8a2f49bd4835069e0487ce71bb42d9591bcd223fe11cb936a9d27a489040e70","ssdeep":"384:iTrTbTaTUnT74TeTVTwT9TQTkTz2uLSD8Tl4rmN2tTRT5ToToT3TuTcTrTP8TQTz:EP/MUTa4NOlu6zVmD8J4rhVxJ22jICPz","tlshash":"936286be77dd348d5a02e2e8d92ba0039bae0138264c4434b14ee4fd5958947987bf3f","first_seen":"2026-07-10T09:45:03.507605Z","last_seen":"2026-07-12T22:01:35.288512Z","times_seen":17,"resource_available":true,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/_next/static/chunks/4038-49fdd8ae32fa9982.js","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:05.360Z","timestamp":1783889285360,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /_next/static/chunks/4038-49fdd8ae32fa9982.js HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 20:48:05 GMT\r\netag: W/\"1415d-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=e%2FgpJ2WWFh%2B%2BZ7a5I8Rg%2F1eqpqT0R%2F5v9Wa8JD0FFlllIhN%2F1ok%2Fa8hOQynw3nOTYEZVxa1jdhcRvY8iIih%2Fsqjkgv09f4rUAlLCHwdwZe7cQnaEnjVptaC14jJ%2BRg%3D%3D\"}]}\r\ncf-ray: a1a2e821896f23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":82269,"size_decoded":25774,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (60669), with no line terminators","md5":"fcc0345f008acbe8f529de677f7ea0b8","sha1":"4709ac8c02289d17f1a27caf9f719c3199e33199","sha256":"94702b098b138dcadab4016ec2aaa5431ce4daf3592629f2b1bd4bfea2c18363","sha512":"40efb9d579d53f9a2b66c219b459d80829c15026ef38f76021613ef87027131a8a09f3ad0c4cbc7d7421f37e3632c419088eeafc6f2907fd8b471081a65c4f18","ssdeep":"1536:kjI+qNzajw1Muc9T05eMK89JgRPWSEtmfPjvss85QxnpYQoQCsdZ:k0plajw1Cez9JgRPItmf7v85mnWRmdZ","tlshash":"178319256609315cf17bc58872cfd91db26e362ce61ac578bf3e7829179a0f4b126f80","first_seen":"2026-07-12T17:38:11.838423Z","last_seen":"2026-07-12T22:01:35.286472Z","times_seen":9,"resource_available":true,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.001Z","timestamp":1783889286001,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://porawex.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 01:48:42 GMT\r\nexpires: Fri, 09 Jul 2027 01:48:42 GMT\r\ncache-control: public, max-age=31536000\r\nage: 327564\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-07-13T11:17:56.345809Z","times_seen":233417,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":44,"dns":0,"connect":0,"send":0,"wait":29,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"porawex.com/api/auth/session","fqdn":"porawex.com","domain":"porawex.com","tld":"com"},"ip":{"addr":"104.21.48.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://porawex.com/","date":"2026-07-12T20:48:06.497Z","timestamp":1783889286497,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"porawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:05 GMT","end":"Sat, 03 Oct 2026 19:14:44 GMT"},"fingerprint":{"sha1":"92:BA:4A:4D:0D:AA:3C:04:E5:3C:8D:0D:49:77:68:7F:01:CE:21:3C","sha256":"52:63:E4:DE:4B:59:95:49:CB:53:8B:84:B1:68:81:66:A3:ED:9E:EB:4B:2E:3E:45:E9:9C:C5:5E:AB:6B:B2:2B"}}},"request":{"raw":"GET /api/auth/session HTTP/1.1\r\nHost: porawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://porawex.com/\r\nContent-Type: application/json\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=b5822c4598755ea8b65da1c781ee1536db898f986d2e5dcf91e3247472d1796f%7C840c63c76580b82e618e53f4ff9d6c8b07083c229dd63b753e138c0c45eb4983; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 20:48:06 GMT\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: zstd\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Khl1%2BXnh9AgDn4a2g97wSDiAhPBeIc%2F4Lmj4h82ls%2B5wt0rdcwOPRaDinLn3fyxxFg3anIwE4YVIVKG6sS2ZbwKc2voj%2Bx1qm7UwzhyJEHP0YXh4P%2BRZ7KbM2MuhCA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2e8289b5c23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4,"size_decoded":1074,"mime_type":"application/json","magic":"ASCII text, with no line terminators","md5":"37a6259cc0c1dae299a7866489dff0bd","sha1":"2be88ca4242c76e8253ac62474851065032d6833","sha256":"74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b","sha512":"04f8ff2682604862e405bf88de102ed7710ac45c1205957625e4ee3e5f5a2241e453614acc451345b91bafc88f38804019c7492444595674e94e8cf4be53817f","ssdeep":"","tlshash":"b9300000000000000000000000000000000300000000000000000000000c0000000000","first_seen":"2023-03-07T01:02:14Z","last_seen":"2026-07-13T11:19:32.518561Z","times_seen":271577,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"porawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}
