{"report_id":"efeda5e2-fae1-4754-9f19-6a00be89e44e","version":6,"status":"done","tags":[],"date":"2025-08-23T22:47:42Z","url":{"schema":"http","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"title":"Just a moment..."},"submit":{"url":{"schema":"http","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-09-27T22:47:42Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":0}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null},"summary":[{"fqdn":"www12.playdede.link","ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-01-28","domain_rank":0,"first_seen":"2025-08-23T22:47:49.77173Z","last_seen":"2025-08-23T22:47:49.77173Z","alert_count":3,"request_count":7,"received_data":174529,"sent_data":4247,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"challenges.cloudflare.com","ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":11393,"first_seen":"2021-10-20T05:02:03Z","last_seen":"2025-08-20T16:16:44.009335Z","alert_count":0,"request_count":8,"received_data":541136,"sent_data":5698,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"3836941e42d6808eef62d71cd8b8ec2f","sha1":"c71f2855ff337f90ceca37109b2030aaf44ecf27","sha256":"568125e61b786d102cdac691ba09db27f3b4a60c60da309ee84406fdf4e60555","sha512":"40718db75fe29be7285708571aeca94e3805a5f6d1ce0fe48a5e6dcf16da9c7dfc8c749fabd41c947ad685afdb8cb950d038b80037d2059fe9521eef8c209128","ssdeep":"3:N/BKL1XIsm2Rn:eL1Ysm2n","tlshash":"4b5504c05c4031701511cc00d154351555050c1030150401745d15d41f3114044505c0","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.507189Z","last_seen":"2025-08-23T22:47:57.507189Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"eb107a66121e3e1b34320da79b2881da","sha1":"0f55ea9d59fffe480f73da41f4ecb4c9648a5015","sha256":"7f45666e4fdd3300c567fabb2554c6b7cdbb6289d833cddd309a590a5357ea1b","sha512":"5ec70a82828ee4375a5aa9a262120b91bfd8fdaebe9682a1ad1a0d9e16ced1786645b4159523824b7b9057bdfb961fdd96298757e886696de79505a8f1bfddbd","ssdeep":"3:N/BKL1XIsmzUdn:eL1YsmQn","tlshash":"565504c1d44031703414c440d150151d55050411101d0403745f04f537311510010540","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.508335Z","last_seen":"2025-08-23T22:47:57.508335Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"170e60bcee155ea88399f1914f5628f6","sha1":"75468398137e879c0acef7dc7ba54692d3d5f9f3","sha256":"ee29d5625026cc7034a51589f9a92465256927bb7f5a6d43493506f443b58a06","sha512":"7c71ba0fa2725edce0c75b2a286f12669db798836266855499b61147c0535a4f6c9b2b1026078097ee0f9397bdad3995f86af1e3c753448ca794ea419f726e92","ssdeep":"3:N/BKL1XIsmJ:eL1YsmJ","tlshash":"a95504c0544031701410c403d150341555050430701d0401f45d04d437311445111740","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.509581Z","last_seen":"2025-08-23T22:47:57.509581Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"e3516eeb875c2deff68d5aa1f4f2058a","sha1":"383014aafaf90ec16e7325b22e7c8c4262470e56","sha256":"3661d438156094a882ac57d815cb75ecade1433736e295c2cfeefbd3d1431de3","sha512":"7d1766f95c3121669992ed7e35816a35a6d57af162bb4a69cc70b1cf03b765fb1b91869acb476c525aa30e1b84548551a03aebe585266316e25f1e82091f6ff8","ssdeep":"3:N/BKL1XIsmun:eL1Ysmu","tlshash":"c15504c05c4071701410c440f150151555050c1030150441f47d14dc37311501051554","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.510802Z","last_seen":"2025-08-23T22:47:57.510802Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"692e218a8637641afc84cbcc53854a39","sha1":"d6803b50da6c780ca35937b29bc791d7e0fbdf2d","sha256":"5784adc17c79da1f15de2530589c7461c25bdb0ebe417370db3f21aec3244d3c","sha512":"203c2988bab117088066cdb32444363e494f9265106a1958c100a3c0cb14814bbffa259fef03c5e808666d2891d97024ad06962b7b64f08799c484512aa4f3a1","ssdeep":"3:N/BKL1XIsmhn:eL1Ysm9","tlshash":"005504c0544031705411c441d1505d1d5505441010150411745d04f51f311400010740","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.511913Z","last_seen":"2025-08-23T22:47:57.511913Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"386970c175a4f92cbafbe7374f303cc9","sha1":"7292f5d536ad6b8da489a218bfe4aac746c7e8ce","sha256":"0b9553e6b798307f7f8eb0b7bfc3150053f66fe3274e5ad9a507072e0f65e469","sha512":"a38a999d22dd0afdebf8bb9eeb0e202b62e39ddb36e90cf29f33ed1bda7b4317dda1d1a357cff6dfb5ceaeae62f4594af84344e04855bac6779458f4d744b0b2","ssdeep":"3:N/BKL1XIsmm/n:eL1Ysmm/","tlshash":"da5504c4544031705410c440f150341d5505455510150501745d04f457311410110d40","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.512966Z","last_seen":"2025-08-23T22:47:57.512966Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"236b083c39655fde925224a7d3ee0f64","sha1":"df77382db2d56ea9eb786f4434bbc2c8f5d394aa","sha256":"5ab4577fe65fe729e42a6a16185cfc5f8478af43095340c0b2492b3d0146d16b","sha512":"dfadde417bf51992f1e1664cd699c2f17139016e2538d7e92e3aff92b656674359f12f0179102caea2a4422193a6c475b0bc43865a50e79feb2893788761bbd6","ssdeep":"3:N/BKL1XIsmzn:eL1Ysmzn","tlshash":"f75504c4544031701410c540d3501d1d55070410101d0411745d04f417311400011540","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.513977Z","last_seen":"2025-08-23T22:47:57.513977Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"848c5bd201d4fbc0dd8da2ab82abdf35","sha1":"669a14e91f5fc1d61a30a27fc5d19448917c64a2","sha256":"c91ecf0ae294c7c67016b440dc2c82b37e5dd22be12f7feb49ea4bed31e837af","sha512":"91bc084e73371a1c1bfda6b723ed05762728cbe041811f392ec26ac0548c365366a42eb64eb76b0c533f0a1e5a44dc4ad09b5f167f58311870e1cc11c4e0b1ef","ssdeep":"3:N/BKL1XIsmO:eL1YsmO","tlshash":"a15504c454c071701410cc40d350145d5507041030150401745d04f517311400010544","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.515002Z","last_seen":"2025-08-23T22:47:57.515002Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"ca897fb253cc8807c5aafc947eb02fb6","sha1":"25137d68712ada7d3ad424c80bc0d688a696f7bb","sha256":"57f9c536daa79c4d770534dbafbe2e7b2b2aa48b9eb2617b4e670b8a78a4a4ce","sha512":"187200763128b83b777932b28834f8a21adf5824c5b9f8635249168aaefcc2451885b26da07411ccd56a52146f9b8cc2524647ebf2df4c1474f80d219d893f64","ssdeep":"","tlshash":"d96000030c00cc300033000c0003003f30f00c3003cc300c033003f003c030c0000030","size":16,"data":"","first_seen":"2024-12-12T23:50:40.144885Z","last_seen":"2026-04-04T22:46:59.860329Z","times_seen":246193,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"25dd5f4b54622dfc263f2dd233c8bd81","sha1":"4ffea3553e2b99dee693b706dce0262faa3df419","sha256":"2c05ea9ab58dcd4d86e8c170474b2a03d50bf00f9b7497f4200f0b10797595bb","sha512":"358bf59d8e6c6468cd7889831b1f7ed650374203ff583ae2a650e0296a2923ede19ba56f26bf63c59d45285de7db1939e3034860998987f4b8b30264fd6670a7","ssdeep":"3:N/BKL1XIsmLE:eL1Ysmo","tlshash":"3c5504c1544031701510c440d154541d5505041011150411757d04f417315400010740","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.51674Z","last_seen":"2025-08-23T22:47:57.51674Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"a76a15bbf94e7f28db0a12f733d1869c","sha1":"48965f6db11c2a4fdef1caefc6a384ab737bdaa0","sha256":"6001cff656223bb4f587a334cfde601a715a13d83ff63561dd5cbbec46fed367","sha512":"df047cf0161d1225a15f650df9b7b5fc2bdab70d3067b394b52dc68da65c0e55c0a1ff75f0ddb95000713c6939557be69bf4a42f2a306efd0647692a39be2a4c","ssdeep":"","tlshash":"1d11009effe8b464132023e5147e51874262bdca2a8437899305c1c97d29d84421bf78","size":1102,"data":"","first_seen":"2025-08-23T22:12:30.830159Z","last_seen":"2025-08-23T22:47:57.517686Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"b2c881898c158f06d6d63bc23d71c2af","sha1":"0a6b4c4137317306f6259f594d91d73079a973a3","sha256":"9e8db968d7d53ace7b46a192bf4e64f0ca85b019fcd163dbeec8a2439d8bb436","sha512":"75949474220f9c849ceb7e601095ddd2b062e6626238d49e8db260297cb8e1628e19d27b78e6c188f9df214699ac7d3d13a0f4b98f25db2a117d1aabc6fec17e","ssdeep":"3:N/BKL1XIsml:eL1Ysml","tlshash":"cf5504c05c5031701410c440d15014155505041030150411f45d54d4373114000115dc","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.518474Z","last_seen":"2025-08-23T22:47:57.518474Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"6354d951d6269f66932ca28703b75c9b","sha1":"46d8ef3ecee8e743f573ddbab3b6efbda43e1df3","sha256":"6092ef766481b5ce8eca7f31ffdf1c3d73feee01448de7f7880fbc7f226e52f3","sha512":"bd488f5ce9c2db20e60feb05e4ad5f7d87c38865e48e3aadb0c49171336cdb3c8a2e4c14d34340995ba6ade1ec39500656440ff8b4c6d7490e65663b257eac67","ssdeep":"3:N/BKL1XIsmk:eL1Ysmk","tlshash":"125504d05c4071705d10c450d15034155505141c30150441745d14d41f311400410540","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.519752Z","last_seen":"2025-08-23T22:47:57.519752Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"18e1dc68364675004ef682405118298c","sha1":"69fe941447918ba916fedd55d2e2b6685980a563","sha256":"2d10e03c5d44eab9f3d61e5b8686cb137af555037ff5dfb13e0f10699e7c8512","sha512":"610eab66103434ae0bac8d1a6c7751e22792dcf7b95af72df59c24a3d5712f623a1785d5ee8d187e77014b14d89d0b50c8577286e9a5617d140b14dad30df4aa","ssdeep":"","tlshash":"35611aded46c522ae75c626de60ee3412e7101aa9000b4b13fcbc81d31798d7554bf8d","size":3186,"data":"","first_seen":"2025-08-23T22:47:57.520591Z","last_seen":"2025-08-23T22:47:57.520591Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"a9695123386dfa3cf8250166dd4de621","sha1":"b9f4035fb7040f0117e47e8201deb1181c274022","sha256":"17c65b673d36d9aa68644a2f01bcd3c281d739f532684b0d4e5217cdff47334c","sha512":"4e17e7137bdac0b49ba8bea605569dec5bb298bb81bb7456ef88e453d0de1c7b969ededabb149161e1d73d7195f74c098460bc691329a59106a00b89c6534bbe","ssdeep":"3:N/BKL1XIsmm:eL1Ysmm","tlshash":"7e5504c154c031741d10c400d15014155545041034150401f45d05d437315400013540","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.521698Z","last_seen":"2025-08-23T22:47:57.521698Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"55903e3357e0ffa0dcd7d5fad39cbc44","sha1":"df22472af488857b07f5202eb6efe84e8b4986c5","sha256":"2fdfc29bef526163c7b533cdff72c1f15d8945c6c53872718314bc553e3d5bd3","sha512":"667a7ff70d374168779b1e48eb3e0c5419bfb7694a81a1ce552541a1fb40890985750d86d7bab0726e4e85598c97097d51a626663b3e010c3d2c35337f56f73a","ssdeep":"3:N/BKL1XIsmR:eL1YsmR","tlshash":"6a5500c0a8c032b02820c880e2a0282eba0a0838202a0802b8ae0af83b322800230e80","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.522929Z","last_seen":"2025-08-23T22:47:57.522929Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"379528d51cb2c201dcf575a3339504f1","sha1":"ec0a3f553cb0097123826c48bfb148c8e3446ceb","sha256":"e9c19d48d0b89f8e2b165dc209367eed17cf0f358ac8a3d359d41c0233f8e0e7","sha512":"9140f432e0e18b79c7ab2a8f5749a151d57f07475b99cbe9b02fb2bddcd97160132e4affba6b18d1edc1c8f3c6781b8dde893a89b04637a6c37ebdbf4fa7604f","ssdeep":"3:N/BKL1XIsmy:eL1Ysmy","tlshash":"4a5504c0745035705510c500d15014155505041030150401f45d04dc37311400011540","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.524818Z","last_seen":"2025-08-23T22:47:57.524818Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"b71090a9c0c6820231bd6d8133b3b72d","sha1":"1e7ffcfc4e9aa22b0943eaa1be7a44822e5aa19d","sha256":"6c7bda3ca9e4d647fd8b3c4841307bc43aadfe1615aa62a5dad2246537a5d91b","sha512":"920313a034f8ab442ea58ad480bd7276fd3f2a10610f15afcf19840cdfa8ab639059ef7d44569fd9cf48476fc0d9217694d28c7808cf4e7bf1f53a28e02b2789","ssdeep":"3:N/BKL1XIsmm:eL1Ysmm","tlshash":"a45504c0744031701410c400d1501c1555053410301f0405f45d04f537311400011541","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.526558Z","last_seen":"2025-08-23T22:47:57.526558Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"4c106bc5ba69e9afdddf32b24a4796dc","sha1":"216368cc9a1c5c9896c7d5e4893c546e3c0f18c6","sha256":"4cfb14ad9ff2798b6a59b2672a4ee1de6f3d0503ec9741e7cde2daaaea55b598","sha512":"e80873a16b1014178ecc2dba79a4c770c6d856d1827249539818b9a3122c2cc43958ea99c5a583704b9879b314dc34ab2c32f1b049da0360603f69e4361885b5","ssdeep":"3:N/BKL1XIsmdSn:eL1YsmQn","tlshash":"5e5504c0544031701410c504d55054155705143030150401f45dc4d4373514000115c0","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.528376Z","last_seen":"2025-08-23T22:47:57.528376Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"b45c3e44e8d746468ad42af6548eeff1","sha1":"e259c412c0a415a3660505a6faf74ee6d20a95dd","sha256":"66bdf2ecfd4f7d340504bdecfc7b30cd2245271ee66d9603a276fa9c81f010b6","sha512":"900d8ce53b253bb668cd71001ea6a4d1beaa94a7b10b00230aeb1552e317b3376764f59a615c4dc1c63a1b01bd854302b20e0e6416e34538200e1875272ebf89","ssdeep":"3:N/BKL1XIsmfd:eL1Ysmfd","tlshash":"085504c0744031701411c400d155141d5545041030150407f55d05dc37311440011540","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.529559Z","last_seen":"2025-08-23T22:47:57.529559Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"cde9ce464fe5f1186dd2304ff7401d51","sha1":"86bca7eff558c762b7bfd107e6811efedd82197e","sha256":"72474ea67619a8eeaec86a9dce5f49584f35aa8c852e4bb42bb63fa0a369a159","sha512":"b363979c45bc2fd13bac0dc5aa5a5d2f0f2ed1fa02c1894c5957f5f6f3d5951961cc77eef5bc1e6c0e93767ae54c36d0c8f58d63aa6aff8a42bc64cc09de817f","ssdeep":"3:N/BKL1XIsmEn:eL1YsmE","tlshash":"e15504c4544031f01410c400d150141555070c3130150411f47d04d4377114000115c0","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.53086Z","last_seen":"2025-08-23T22:47:57.53086Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"4397dd1ab6e12e30352c53821811847a","sha1":"d254bfe7072a6525f0c726a832f65ba9675f578e","sha256":"9cc22d4e70341253cb1fe5d0cac81a98080086ba8e4935b5ade02e1ee72bf5b6","sha512":"beffa01f28733004e87a749d4e5d058b0dce47d1dab86a1d6840fd2b3b072c475b28d8577e3dd88a2701beaaeca61acfa7d96422da12e5cc3e2aad9ee8e7c0e8","ssdeep":"3:N/BKL1XIsmrcn:eL1Ysmrcn","tlshash":"f95504c074c031701511c400d151141d75c5041030350401f55d04dc37311400011540","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.531963Z","last_seen":"2025-08-23T22:47:57.531963Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"49443e5d57a4c67f057ec6eb12960a97","sha1":"d23db2717032914fe3c7c9d79e8b19dfdd2b5862","sha256":"e0bdd8aab0e0110e81ad9feeeebcc0a91a2d7a442f9950da9694064a9e63be20","sha512":"14662a9adfb4147db566542053d3e14676d661c110de2d7a183e5e6d2cfdf3176002c3a38a12725482a2450422de199b03bc3d699ce027c38aa38a39bde43001","ssdeep":"3:N/BKL1XIsmFSd:eL1YsmA","tlshash":"9f5504c0544071701410c441d1501d1d5505141010150411745d04f417311440010744","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.533673Z","last_seen":"2025-08-23T22:47:57.533673Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"983efb36fd8d5614853864bd97c900a5","sha1":"58363f6febf42570dd042de0290eb94619a72498","sha256":"4a2e939c765aacef690d8344af15f4075b2f07c7e37149becb02faeb023569e8","sha512":"f64b5ce8b2725ac775e58d2b90bfa8d6da02f5e426d7c66c85545c7dc507199afe7d6a497f72d1b5a15863d7f5a45cad7ff1804c6d7518eb0d12b93618e738c7","ssdeep":"3:N/BKL1XIsmU:eL1YsmU","tlshash":"1c5504c0545031701410c400d150145555050414301d0401f55d04d43f311401111540","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.535541Z","last_seen":"2025-08-23T22:47:57.535541Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"af19697fae06f105765279d06ba9cf94","sha1":"f7ebb1471d30ea6508f3fe2cf604cbff17733270","sha256":"1f7b92767209774f30f5083f408916778f130753a01985d87783f18f232ad576","sha512":"11d9e5c35ead66a1a97c55647d85e65a505a053aeb67c2262c9de29a9ad3a67ba0dc06c0360b1b96bbc2dc05d1e306a9f50434dba612becc453b4eff1ed17e41","ssdeep":"3:N/BKL1XIsmNj:eL1Ysm1","tlshash":"525504c1544031701435c440d1501c1d5705041011350401755d04f41735140005c540","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.537297Z","last_seen":"2025-08-23T22:47:57.537297Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"2e16c0379404f44f9120de3de9b52f7a","sha1":"22a3bc7d3f1bbdd04cefe050530f201dc9c2f9cd","sha256":"6817c7867ef5ea9e31fc236bbd3ed6bff43beb4f8e3da61b7a7c23d978c5258d","sha512":"c1496e3f9ef8e9b6dbae3aba83347bf0777546dd100e4edad1da4ef5dca0cd6af282ac5a2aa4eb510e945db93d37d48bdd19f0c367b39ca8b1173c4a1b3866e1","ssdeep":"3:N/BKL1XIsmX:eL1YsmX","tlshash":"7c5504c1544031701c10c400d35014155515041130550401f47d04d437313440031d40","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.539128Z","last_seen":"2025-08-23T22:47:57.539128Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"7ea7f58a738011b53dbd699a95dad0ce","sha1":"cc63fc7f064ce28f1e174b9f1452b21f1bb38f3f","sha256":"9320b92703d97dda66f59971f4d61313645f4eecc5770beaf941de31db51a4a5","sha512":"53ab9c6ca1a3653fe044da32f256f6ba19c10a88b558cf97c4b5f976de338cbd1ae05c12c82395ffdb46a7ddd24ea8ef76fe8a26a270e3c389da6c4b3438bfd6","ssdeep":"3:N/BKL1XIsmJ:eL1YsmJ","tlshash":"8b5504c4554031f01410d400d15014155507143070151401f45d05d4377114000115c0","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.541277Z","last_seen":"2025-08-23T22:47:57.541277Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"ba8b126299920e5b42ffb3e50a66b8de","sha1":"4d33e0b87a15fd5994e6de148f038a25d9210a1a","sha256":"4aee3365ca9a2fef8bcccecfbcd2c424c3e3faf12b57ddfdcbaf02e52e4dfcbc","sha512":"44fd18dfbe98e7191808c3c8b2139387a5e6407de112a4d12fd391189079baea75589b329762d7f2928426b17493891572a4bbaec6b942a5f3f1218e43aef303","ssdeep":"3:N/BKL1XIsmtn:eL1Ysmtn","tlshash":"d85504c0544031741414c400d15034155d050410301d0c01f45f04d437311441111d44","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.543169Z","last_seen":"2025-08-23T22:47:57.543169Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"725cd820b1205b06ab531c336bd39de2","sha1":"7372f7a841fe54436f4225a21b0b47937a12efcf","sha256":"df1e3f03fec08d495d6dfc13a02591309aeb45e8bb4704bbfdcd3d9921c7a336","sha512":"84386c0d70a3fdd0580925254c59c732cd5760a52c74941bc3e3ca4ef6c42e9ab0deb8bdb04e480d63ed4d3737c7bb0b8243cf76f57218965c49b2b39711f98e","ssdeep":"3:N/BKL1XIsmQT:eL1YsmQT","tlshash":"795504c154d031741c10c4c0d150151d5555051010350401745d04fc17315415050540","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.545097Z","last_seen":"2025-08-23T22:47:57.545097Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"d2b37969efc3d63a6ae2cd4d8c792126","sha1":"814a9d3afd4ab1f24890aabb354af41771c178e9","sha256":"91ef05553918b8e49865e23fe0d5feb6df575ccfdc9ebf19cf05b875040f822d","sha512":"f42aa6358a2237b480b54ccd7fdf7bb7eb7ff36c713cfc2510f02d62e2cab15b7ae93c0ea52c3187a2fa2568b679efcfc647bc1e3b0bac40615ce180a523e709","ssdeep":"3:N/BKL1XIsmT:eL1YsmT","tlshash":"715504c07cc031701414cc04d15054155505041130150401f47dc4d4373114000515c0","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.550619Z","last_seen":"2025-08-23T22:47:57.550619Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"4ebf27e37f82f101d06132699703d61d","sha1":"69b4c170b25e53550cd95d43edd8a43734fde957","sha256":"90b322d20f8c9c40b06f4d7759c566da64eaefe0948a8922feb93e1e91686248","sha512":"34c8204349f97e67c75c710d6edb95a71e6229a54dae76b497ea3f9a352d70b7e0c11bc57da704bc5400fb1354450b2ebe27f426a6aa71b77cb78333a0dde9d6","ssdeep":"3:N/BKL1XIsmI:eL1YsmI","tlshash":"4e5504c0744031701511c440d150541d5d05041110150405745d04f4373154001105c0","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.552436Z","last_seen":"2025-08-23T22:47:57.552436Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"5b55d46894fd98064cdd194ec46b582a","sha1":"d8ed370cb4f17d61e784fc5402c1c2e9011972b0","sha256":"496c820900a62ad5f20e0ac7070b41ce78b417f77266a3dd65f32f41078433fc","sha512":"286f99c51fa0c9c7fdc8c77636d203a52e92fd86292c3b2acb6623360a62d2fd2e05c5de3ccbbc2905560e337e0609f4d889500fb57749a8091607777576f1ec","ssdeep":"3:N/BKL1XIsmBn:eL1YsmB","tlshash":"f35504c4544031f01410c404d5501c155507043030550401f45d04d577311400011540","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.554119Z","last_seen":"2025-08-23T22:47:57.554119Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"cf7b3180de2c4a284e4725bd891abfd9","sha1":"67e54129a0ee9344fa500217d42ef5b4e7f66f66","sha256":"95bfb20cda8bab855ef82a0002acebd819f4bee2b33a6301423577fa222a3a8b","sha512":"57c9989b061dadd1264502d82e5be46c2a693a33d2090b57b7a63ff9b3cd1b881e65e5bc7d03a762de79b90669252a577cfc1ba78d2d42298fa02850c3a7806f","ssdeep":"3:N/BKL1XIsmkn:eL1Ysmk","tlshash":"545504c0544031711414c4c0d150141d5705041410150401745d04f41f311400110d40","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.555837Z","last_seen":"2025-08-23T22:47:57.555837Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"33ff6022e88df59f8dfc9eb546435e9c","sha1":"7f2ad96c0a1276fbc858c652a6e2d0b3c9d4d3e4","sha256":"a1c845cab782ea7dec04543ec72e0b354cb8e9aae23acc02ee02b1832e3acd9a","sha512":"99820974c649620d8dfd487054edee4863ca41025de5a87fcd6fddfafbecb53668799fdde6f7b809112fec178b18f28a9ff8e190d298aff5a29c6795ad639c25","ssdeep":"","tlshash":"0c600000c0303003000f3000f00000033cc000f0cccc3003030c00f000c000c0cc000c","size":14,"data":"","first_seen":"2024-12-12T23:50:40.556614Z","last_seen":"2026-04-04T22:46:59.83046Z","times_seen":248529,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"d23b3df2a3dd0a73df358a04f3c3a2fd","sha1":"351077b8b63d6f1304f5cd961470e35c45b61a23","sha256":"d08d6971455c19d9bd6c3f129875ba2555d04802db6e52a070d7197b6bbb1d39","sha512":"b26ea9e76e380b6852d7cfdb65b3fbe55964f54e6dd5671ed1988e5163d97a29db2a020cf559a1b659c99ac9ca47e92bb11dc548360b659e7b559d1a2c4a066b","ssdeep":"3:N/BKL1XIsmP:eL1YsmP","tlshash":"fc5504c0744031701410cc05d15054155505041130150411f4ddc4d4373114004115c0","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.558085Z","last_seen":"2025-08-23T22:47:57.558085Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9eab1f37d29c6daacac94e09b7a3a180","sha1":"6a2f7aad6a812651322401ab72c5b26a68c43785","sha256":"f742f48403edfc76c88476cf2cc74ca9828e89bfeb39ce2293a21531b353b502","sha512":"ed35080456ebd22f4d9e6890b8be5176978a03010c176d0cff992d5eec97327d8db59e7a817752876197e5c5296c11c140249806ed3fdca39e508cea2ba6f5bb","ssdeep":"3:N/BKL1XIsmMX:eL1YsmW","tlshash":"fa5504d05cc031701410c440d1d0141555051c1030150405f45d15d437311440011550","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.559966Z","last_seen":"2025-08-23T22:47:57.559966Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f008af35d20b472cd97a6533fa651077","sha1":"a4f38f0187d895869fc26bdfa7f6958c9cd737a7","sha256":"d4128f7639f4e7b5ecbf381f4177a50de17df93397764fc8cf70270e408249f9","sha512":"e6c3bccd5bb07e16614ec8ee1891952afc0c42cbae1e1d4c63f4aac87e25debb1fe14e137603ebb52be5f6cf2094df17689b6d137ae7babf31c3bcdf7b5d3eba","ssdeep":"3:N/BKL1XIsmT:eL1YsmT","tlshash":"675504c0f44031701410c400d150151555150410701d0405f45d04d537311400111540","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.561638Z","last_seen":"2025-08-23T22:47:57.561638Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"d9d27b1285cbd65f133fa4caef0d9631","sha1":"cfd5d9dfdd10833facc30698a97b9c595dcbcf78","sha256":"da9917d828f427244e72cd3a0b7268b481c52a53dafc3c5ed77588e7acb4dc59","sha512":"18548dee9303fdb1992c9fc5eeab6a5893b8e8576ddaa0636382fe3e9eb1782a60709ac9ec96f6dc8fd25a16298e89ff262c12cbf1f8e14858cc19853c20d7bf","ssdeep":"3:N/BKL1XIsmPRn:eL1YsmPRn","tlshash":"b75504c054d431701410c401d1501c155d05041030150401f45d04d437311401011550","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.563419Z","last_seen":"2025-08-23T22:47:57.563419Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"a9199788451118b2b3fdcc0b67a6457d","sha1":"d8c7539da8916421416ed4b861278ea7d6b9e599","sha256":"9c3e832cedc5d99fd94b5b2d4df547deb9ebc5222a673630029257095d335c8f","sha512":"b2723f10626f79acf76a843a5fcfcec6c84e112ced1735c0a04517cefc58c249f976eb806d19c1ae57b719d6c8fc1c29ec56256387f87f2f3af3d6f3433773da","ssdeep":"3:N/BKL1XIsm3:eL1Ysm3","tlshash":"d75500c8a8c032f02820e800e2a0282aaa0b2830302a0802f8ae08e83b322800032e80","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.565196Z","last_seen":"2025-08-23T22:47:57.565196Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\u0026__cf_chl_rt_tk=x8ai6S8AlVOLP5MeNKmpO3cA0xd8vYHijM.mgcUDmc8-1755989221-1.0.1.1-lPq0KAo9SqNe6UA5la4PH9eEBsatl6Ei6l8cbdDeeaI","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"c60b3bf5df453bf5d58d15eafcbb3c87","sha1":"7c50222ac2a945b5572fd9ed950fa25211b6fd8a","sha256":"c5fdc80bbb3b6eb8a1c61bd2598ba34da18e062c711de5a907fe008016f6b638","sha512":"99d18868f4241b9a3f875f6fabf92888e2f55090760a407dcac09aea4da3dac0728c65f27950e322b60f55198436f22cb274737eb0c53d23c0d31103ad6691c8","ssdeep":"3:N/BKL1XIsmoQ:eL1YsmoQ","tlshash":"065504c074d031705411c440d15014155505041030150441f4dd04d437311440011540","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.566969Z","last_seen":"2025-08-23T22:47:57.566969Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"238445a3ab8c1cabebf64646178fe33b","sha1":"892370c9a5b83c00a53b41725bacdbac828885f9","sha256":"ad5f778bc17ef3599a8a552cf083f1a3e7d69e00154ed05cd13c0172cdf683df","sha512":"147da60d0640850f9574a8512cae6fa1c7f298aa040f43037a373ddf30299871bc5a091f3070fcf6c36577feb1cb1902173d735461611428d11fb4ac9bb6bfac","ssdeep":"3:N/BKL1XIsmM:eL1YsmM","tlshash":"425504c054c031741430c440d1501c1d5d5d04101015040174dd04f417713410110540","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.568849Z","last_seen":"2025-08-23T22:47:57.568849Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=973e263d8d465694\u0026lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b27a607bd92d3138ef8d6e5cb77cd9e7","sha1":"399a02086e2dbb8835cdb3036c4c7540a841b9f1","sha256":"8fadb01150d36c50a47fe3b05da278fe1eac7cb604deed965a4214146c777954","sha512":"c107a56a67abef4cf78b2155884316fe450cbae581338318b5a032254ec3cf0c35b81ebd125d7f6c8a9fba1f64c21342427e5f4ece75df525bf400c7208368a1","ssdeep":"3072:7gx3FUEX2/YONPJn4l04tjBbjw4iRddwW:MFUEX2/YciujRzwW","tlshash":"74e31acd3aceb18213a6343904673dd7a1be588c710c2c6de56158d078f8b7866ebee5","size":144651,"data":"","first_seen":"2025-08-23T22:47:57.493731Z","last_seen":"2025-08-23T22:47:57.493731Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"0af296aa2f701c9bbd36abec51a09f45","sha1":"bfcc121d761ec256bda119799256810da84e2826","sha256":"33a002348d45fdce2f0e7ec6e12750de67c2038b7605f08363eb28729a743f51","sha512":"1d8182fccdac3d1a0cee9ef11d23e4aafb1824b3894b6fcf3dabcebee437b37714af007abd079edbb67d3be65a3415d44e6c0a165065648e28d9ceb9229ff372","ssdeep":"3:N/BKL1XIsmPXcn:eL1Ysmvcn","tlshash":"b55504c0544075701410c440d550541d5505041011150401745d04f41f3154440105c3","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.570527Z","last_seen":"2025-08-23T22:47:57.570527Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"af7a8a69fa6bb1bf743311b336146772","sha1":"618dca06f2e5eb7ecd35a1473d057f9c9b1549cf","sha256":"2e0253d8f2d14bacc2e1cb18fd20eda338b19e95777d2fb1f44abaec197a0976","sha512":"341ac410c9dec9717d0f0685893320a7800c9e1291fadd80c53f3cb83a544d871ed6b206f2fb522bb410501f10c37b6d523136dfa9fa470b245da382092df31e","ssdeep":"3:N/BKL1XIsmB:eL1YsmB","tlshash":"5a5504c054c431701410c400d55414155705041470150415fc5d04d4373114000115c0","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.572521Z","last_seen":"2025-08-23T22:47:57.572521Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"cb8a5d240aa2a76ef47c82ec720c35ed","sha1":"c3be6b94b8c9af725067bd0398902644faf3941e","sha256":"9e1cb919b9ecc24006cb0e2ce27ba0a530cd630a591a933a625ae69e2bc5288e","sha512":"4bb7377ba5344b92149f9c8b5401a43b2ba581b8557bb83d999404cabd4c94fae6d86b21346739119081a8fed48c1e5aec141c630e24f995d079784c0e646a5c","ssdeep":"3:N/BKL1XIsmkd:eL1YsmU","tlshash":"375504c0544035701410c400d151341d5f4d1c1430150441f5dd04d437313400011d40","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.574388Z","last_seen":"2025-08-23T22:47:57.574388Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/b/4710d66e8fda/api.js?onload=XaVFY8\u0026render=explicit","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"49d515b98ccae9634aff66a4ca77af98","sha1":"bfa5462a4f47c2350dcd0b3000e9cb54bec63c21","sha256":"4ca696d2fb66b44648a8fd55bc9eeaa6958dd9e523c4a740365823c30d4fc087","sha512":"856b855e0662da94dc3d314080976df11b5cb203d5ac498bacd9d201013e82258ee66ba1c3bb948e0ea71dd319345d9988be765daa3a276f8571e1787a38cc39","ssdeep":"768:XC6BRV2fM4lLa+rnhPLy6PuR8u5jUjRFPlBMqfspV6q11AY13kep+ORWqxIrm3LW:J2E4lLa+rnhT/oj2P6V6GNI","tlshash":"8f231b583256793227e980e1617ba74373257939e94ccc50d423c86536bcecad233fba","size":48995,"data":"","first_seen":"2025-08-15T11:12:03.097811Z","last_seen":"2025-09-08T12:15:40.897517Z","times_seen":20901,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=973e26393c0d56c9","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2bac47e366e06b5b30c46e6942c8ad33","sha1":"f322409141dc22df2b074db5160bbbebbdb96cbd","sha256":"00330f3518b3f39f961540264868f3c592a478ef878ee666545437f3cd158efb","sha512":"5eccb47c7abee6bf2bac0b06ef372d58a6f0b83ee0ef7d04713d8866f563b45a8b849cf4363aa56d388faf7766883d61366922d9d9dfa7ed3b4693e11ffb4b8d","ssdeep":"1536:uZoUYCj1LyL49425DJketIywMddCzO0aco5MnNusrBMyGVCUOd:uZo06zEf9LMrBMyuC1","tlshash":"2ac3c88e74db754a43276471442b38c7a2bf3c84b018490eae50e8d4bdda718b6b7dbd","size":121987,"data":"","first_seen":"2025-08-23T22:47:57.495795Z","last_seen":"2025-08-23T22:47:57.495795Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"e66083de9fa8c6ae859422a42cfb258a","sha1":"51f63176ca67ab366510dc9ed009ed4011947ca8","sha256":"357d2fef9ed35e2116a6949064041656f66315e7a13d2d306dbdcde47324490e","sha512":"142aba3e4183552f058956e3e783a982de05127defa100063dd2931759430cbf9a6c4e37b52879f646dcd6461479a56b28f525fbe010be60de2843abf5286272","ssdeep":"3:N/BKL1XIsmGDn:eL1YsmGD","tlshash":"1e5504c0544031701410c440d150141d5505041010550401745d04f4df315444010f41","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.576354Z","last_seen":"2025-08-23T22:47:57.576354Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"c74471eccbfcc49fc5823339ba88d3ce","sha1":"293077b4d3f0dcaf7e821a9c37f4e43f1d06d134","sha256":"b551678539b391badce24f1b03a939f3c084fb2882fcbb65b62411c6f1695958","sha512":"8d54e13639a55b7906245df405f509b57c3cfe40044992d80b147b94e7fdbf3560858f449eb76f49050933c7a510851156918aacf4d73e1f5589098201ab2bdc","ssdeep":"3:N/BKL1XIsmN:eL1YsmN","tlshash":"0e5504c0544035701450d400d150141557050451301d0411fc5d04d437311401111540","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.578257Z","last_seen":"2025-08-23T22:47:57.578257Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f47389d2f1abd47dbebeef3e2d3ae8a7","sha1":"dde5aa75f9a647e73d3e2d3fdda68898f850f72d","sha256":"30893b81b3c71cdbd5cf34b54fb52f8eef50b27d8a3f2498a28d2b89bd987fda","sha512":"3524a8ed2b83fe9d62a0708424707959d6cc8e89a918407da7c46540b5982fea9230792acffc47517cf5d009231375b00d5ec2ff5689bfb74ea6a3c926653318","ssdeep":"","tlshash":"56b0028869e5a404e21975a5495fd144f12cc802148a0515658885515f114294167868","size":94,"data":"","first_seen":"2024-12-12T23:50:40.522517Z","last_seen":"2026-04-04T22:46:59.866356Z","times_seen":245735,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"ff03fc8f0c3179fb4dcf4389f88a1c16","sha1":"05ff911d7ddf2d7c14b4316a87fd08f42c618f9f","sha256":"025229ec6bb50e915572750c5045d22c5fe16851fd077f1411f41b19aa1dfece","sha512":"4acb3551ec49556a2a64f4a47e480df29f611f67d0ef4b2474e90f7b86caed3dedb0b56eba12e577f1401d4d701c9a4f0898a06eee8f6d7dbe3b4b5283a854e8","ssdeep":"","tlshash":"4f60000000c000000000030cc00300003cc0003300fc0300c30c003000cf3cc0000000","size":14,"data":"","first_seen":"2024-12-12T23:50:40.182598Z","last_seen":"2026-04-04T22:46:59.861271Z","times_seen":247314,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9ea0f400163e6cb5d762d332fbd6dc07","sha1":"9cd7507e20a9d895f8a179da7232b31712ede34c","sha256":"7727c452d680c83ac430b27c3fbc6541eba8a55f142c297a329fc9c2aa1e9fc5","sha512":"7b79ae03c872a513af282550c01c33c30e7fb50c6fab3056606d203f7335a695590510b16b5e40a8c9b525227ed9dfb40bdd6280466f0bd7376495e54a4bb81d","ssdeep":"3:N/BKL1XIsmBSSn:eL1Ysmb","tlshash":"ef5500c0a88032b02820cc80e2a02e2eaa0e0820202a0803b8ae08f82b322880020ac0","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.581425Z","last_seen":"2025-08-23T22:47:57.581425Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9a6314860b7bb797694a5ff56eeb37cd","sha1":"d64d50dd187ef28703f8dfe68370cd2b11a82122","sha256":"ad6b463605f0624d633042e778fbe7250608ab57860cab302aa8e9d0e2f496fb","sha512":"0218cf6180f4b5f082e3c70fbb90ccebbcd1ec1a8b8a9eedc19638c432c20166dbf697843ddb7891c7b42df0b5ec9882728f7ff2a9ce76f3fe62d61b1a078ec4","ssdeep":"","tlshash":"6b51c5cbeab2c8319bc90bc6498b93b4a3251cb70419355a96a0d55db23ff5b80998c6","size":2906,"data":"","first_seen":"2025-08-23T22:47:57.58247Z","last_seen":"2025-08-23T22:47:57.58247Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f64081807ebe979e20ff80a56d509b9d","sha1":"3159183cb6ec23712b2886e5afa66fe357dc9c3c","sha256":"c99697365837fdfd76aa75cd0f060e86c0b4581bd711420e6c608b2a53698c8d","sha512":"39a95339d4421e20d31b49a24e069b6c039ba90a9abe7ef4cb44de43988825fcd60d96a45770d454e6cc4da518006f519299448aafc67d4c2f0e2accb667744f","ssdeep":"3:N/BKL1XIsmU:eL1YsmU","tlshash":"c65504c054c033741410c440d350141d5d55051010350401747f04f4173174100105c0","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.584538Z","last_seen":"2025-08-23T22:47:57.584538Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9984507cd5e1651fae0066f9c85229a2","sha1":"afc882e304dc352731db10b72a02db99b912608f","sha256":"e2ece268e395658910608bdd0266db9a6d4301c2cdaac4217d02e3454e2a4d49","sha512":"a39a297cce831ee59c09cd3c5043efdfca2d588a7e4444627c9449e05f60a2c94b58ee756e3f89ec5c27a38f00fe7dc0aad9f55c5323a45b47032ef28893cbbe","ssdeep":"3:N/BKL1XIsmUd:eL1YsmE","tlshash":"195504c05c4031711710c400d1703455550504103015044174dd15d45f315400410744","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.586667Z","last_seen":"2025-08-23T22:47:57.586667Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"a92a71b61b8c364868b0afdfb34c76da","sha1":"b0930718b0761cf7dbc63a6e74c5c9abbab2372e","sha256":"b399952b31d0bf4be289e7aa593c9a24c2e1c55d98fb45dcd979f986a1e37712","sha512":"382fbe512df278b2deadcace1fc0205078e8430293dd33587b51701b69f42fffb06f2e2b5d659d3c37f2613a6905100bba2a99b95928242aaf3e24d68236e8eb","ssdeep":"3:N/BKL1XIsmb:eL1Ysmb","tlshash":"9e5504c0544031701410c440d3d0141d5505041450150411745d04f437311404110740","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.588749Z","last_seen":"2025-08-23T22:47:57.588749Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"98dd524f5ee42bb42f9016906991c888","sha1":"c67f0e1ef53db7e214338c48117ff4538b8da280","sha256":"7b3c749dacb5a31a407a6ed01a7cc7a2a43084227427fc8eb0af573ec236cbfd","sha512":"b0f0429a5049acfa5ceb37ee6dc8ed989083982eca5afeec16b19f8e3be5ae1fef37ca217e9c3dd510ac8208597c5fdfacd92c45637642123632f2965195899a","ssdeep":"3:N/BKL1XIsmnn:eL1Ysmnn","tlshash":"555504c0544031701c10c440d150141d5507041410350401745d04f41f315400110550","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.590953Z","last_seen":"2025-08-23T22:47:57.590953Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"d23e58469f78b0c535469c90cc012e5c","sha1":"3277fe2d8c6696f12548579167d4ec4dbdd8f5db","sha256":"d3328e1358f263e77d70bc70fc37ad9c59abad4da31fbe84c2c50c842b70a470","sha512":"671449a8545c079cdc8995fcc0eab3f25236d4749d0d46ecf813d4ad691ff64c06e76fd096da8afb94cb16ab8f8a1985ba5be574ed6823a3004d4f5bac13855a","ssdeep":"3:N/BKL1XIsmIn:eL1YsmIn","tlshash":"c25504c4d44031701514c440d350141f5507041010150411745d04f417315440010740","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.592796Z","last_seen":"2025-08-23T22:47:57.592796Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"83feb0afc943d2f9febda0a04cca000e","sha1":"7b2a66623184cbd849f2f3a0311df42b7b4eaa14","sha256":"785423cc87ce8a0f46d40df17c3270a76f18c7db55630e93b2e5ea1cb4d30c3a","sha512":"dd3ec609a5f6f32ede83ae106ba6c593666e9a8366ad8b652b35525db9a0e0b1ac269cecf8009b0419bc2e332ba29593b3fdefd394896278f810002383036b07","ssdeep":"3:N/BKL1XIsmB:eL1YsmB","tlshash":"fb5504c054c431703450c400d15014155705041030150405fc5d04d4373114004115c0","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.594949Z","last_seen":"2025-08-23T22:47:57.594949Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"c9f7f763087448485d5520d6b240058e","sha1":"4c73471701b0c7c533a870fb95513d1e8bfc145e","sha256":"7aaf9be773c372158239c0f334389e1b36a0674129142d3600f3c4af704b17dc","sha512":"9fe1a30bc6bd42f5fcfb0aae49c105bd8bd50bca1fe5bde1111459039ae6a8a8b6f6d7996e986a855b68dfe929bff1a714e64249def5614207f1410aaa97c92a","ssdeep":"3:N/BKL1XIsmNV:eL1YsmH","tlshash":"275504c0544435741c10c400d170541555450410341d0c03f45d0cd437331400011d40","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.596977Z","last_seen":"2025-08-23T22:47:57.596977Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"a8450e6112c586f3923ef1e191f6ec4d","sha1":"767b74ebdb3f5e1ad6571e0c553ee0e1fbee7bed","sha256":"2b62f147a3e3f483392b847708c72d9c7b320136c38a3957efa8c211f54e6d10","sha512":"4293f1444be43debf9e62d36e17c753318f190573a05d7c12f6aa7d3b2c0d33653699aed1cf15d4bcd2cb71696d84d404e5b516f34af4433c20e1852a03416d3","ssdeep":"3:N/BKL1XIsmlU:eL1YsmlU","tlshash":"a65504c0544071701410c401d15015155505041030170501f45d04d437313400031740","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.598734Z","last_seen":"2025-08-23T22:47:57.598734Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9ea370d1a510869a1b1cdfc4f8b836f0","sha1":"bfa8494bdab29bb1d84eae2a142917439e71b917","sha256":"8cc6083f7aa32d353586468089a5051169d454dbb215e2314788815e11491dd5","sha512":"ffa8c86a9bc0c85a5b48e1f0a20db1e17063b93d2cbfb5d8dd6e540a3e370982652413220e7161f3157774e6614d23cc8b5e869623d9264abd97e3f647feca9d","ssdeep":"3:N/BKL1XIsm1TS:eL1YsmZS","tlshash":"555504c0545031705414cc40d1501d1d550d051110150401745f04f437711511010540","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.600488Z","last_seen":"2025-08-23T22:47:57.600488Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"63a702276a30d019fd881580a20effba","sha1":"1a7c6a369311f8a7da92efd0964dcc79bfb7cb6e","sha256":"19530f97a1668e9937fa0403a44e3df18b4b64ed6f8a0cd1ee6b1a02897bf2af","sha512":"e60b4fc92024993509bb63688d9e8d1ba22b75d67c67b9e1e81782ad01a31aedca7eaab0036972c4f00d881ef70d23404f8f2aeeb6aabed9c4966dfdefcec796","ssdeep":"3:N/BKL1XIsmA:eL1YsmA","tlshash":"9d5504c0544031701410c405d15054155707041030150401fc5dc4d5373114001117c0","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.602441Z","last_seen":"2025-08-23T22:47:57.602441Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"21ef9f3c909779c6d8e6a9bb4b574380","sha1":"f329ef4a8a9ffb52a24b1c338f7711ec39c50b0c","sha256":"0b34504cef0a5428f51bc9479dd1f586f781cef9837742e71325b054541b3916","sha512":"72a9878f2ceee6537c4fdc1dcd4842ae7b38b078f30823a450e36427dd088f0c929086bf77ad2a0aaa7dbf6e4cec9d2de5ce23cfc02671664da79a2c8b1e49bc","ssdeep":"3:N/BKL1XIsmTn:eL1YsmTn","tlshash":"d75504c054c031745410c440d1501c1d5555441010150401745d04f417333410014540","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.60421Z","last_seen":"2025-08-23T22:47:57.60421Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"1204ccdd5500f50910af46a797cee48d","sha1":"199d5e80ebf1a5213606901560e09982123d5c58","sha256":"1e9d0b22b49724edf3e241a895fd6c341b2ac5a47558abfe0c342529f548d50f","sha512":"2a656dd388c06d15569b9642b8f05f4787cab02247e0fd399227e769b9af0088d11d665880252a79adc00dc2a479b32d97e7d16774aaa34b92601240126aa600","ssdeep":"3:N/BKL1XIsmtn:eL1Ysmt","tlshash":"d05500c0b88032b0b820c800e2a0282aaa0a0820302a0802f8ae08e83b3228000a2a80","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.606014Z","last_seen":"2025-08-23T22:47:57.606014Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"063a9798c5901becaf75348935990c2b","sha1":"33321ba5d0a332be88582f790f25400fb7ee094a","sha256":"b6a8501ee6735cf0085173d5ccb2dcb57c3c3cd193bf0c3a136960ee36b0d714","sha512":"4a2a7d3c72e2f673df6f94a7d920854bdbe9d9cbb5025e926377cecb7003435e00038fd1c337c46905ab00cd4320e563d2f2ec068356d119c1a97511c354a972","ssdeep":"3:N/BKL1XIsm4Q:eL1Ysmd","tlshash":"bd5500c0a8c032b02820c800e2b8282aaa0a0820302a0c02fcae0ae83b322800022e88","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.607873Z","last_seen":"2025-08-23T22:47:57.607873Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"db161dfc225373d20ec47633ce8124ef","sha1":"05fd3805bb1ac25ba8ae04dea525b2f6b0801cde","sha256":"6478e23f32f5b7f3f1fca02a15cfcd86a6aaaba93a35da93d71bd708ed75f236","sha512":"c0d6c5597cd879fab82801a3438e7a64fd5f763c294782e7f5ec4f8fa1f24742e1815bde637d09b6a66fcc80c458bf5aaaab7daab4f7ebcef5f84b27c5a54920","ssdeep":"3:N/BKL1XIsmrH:eL1YsmL","tlshash":"dd5504c0554071705410c440d550141d550504105015040174dd04f4173154040105c3","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.609678Z","last_seen":"2025-08-23T22:47:57.609678Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"563ae7d6fb8125bc0f1dc5ec99095c61","sha1":"1c8f8d2ee6406004a7385925e46369a55a423c83","sha256":"3ce093cfe1963d12cacd8d1925d2a7c1309908c876250bad22792b828e9141e4","sha512":"9648e53fed1ad454723caec8c955b0efa17dff64ac60b511ef371e753f499f6dc3dfc987d50769ce2b754bcf6056d7d8f2527792d6f799b0373c5d94431f2b32","ssdeep":"3:N/BKL1XIsm+Wn:eL1Ysm+Wn","tlshash":"cf5504c0dd4031701510c444d1505c1d5505041010170d01745d04f417311400010540","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.611618Z","last_seen":"2025-08-23T22:47:57.611618Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"89e0774efe2f764e563bd4e7dc6a5ed4","sha1":"31314671fa7241ad207cb663945e7fb3a93920a8","sha256":"9c377d348e99723a602b536f8fe2fa1ad2e23262861e5eea8c04924950a2ff49","sha512":"1106e2d1821866f11960bf1a010e2dd4af04e085ee3a760beef03ed9bff48f93d54cd33f575f5e339776e3d93f0544324ad29de4a12cb5e979880db986be13c4","ssdeep":"","tlshash":"c8b0125436e13040c713d034485b9904f108034320ac4404657953700f0041b45795e8","size":87,"data":"","first_seen":"2025-06-07T13:43:46.591874Z","last_seen":"2026-04-04T15:21:14.016397Z","times_seen":3327,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"2e70dc675b01a2cae976351086c794ac","sha1":"9e6cb639b9029c06acf9179c02cdcd3717cbaac0","sha256":"ab16c1aef61ae2818d814bc68181dd26acc8be0f4c1af675aebbb2b367689392","sha512":"9638678233215e2c8319c4412fe212345e2ce7d5a30a73c0896c27cbed3e1b476dfe18ceb64530a84d7daef50e920afeb0f5cfb23aea4d6efafda05f2c8b3403","ssdeep":"3:N/BKL1XIsmUR:eL1YsmUR","tlshash":"0a5504c0744031705410c400f1501c155505043030154441f47d04d4373114c0151540","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.613839Z","last_seen":"2025-08-23T22:47:57.613839Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9a83ac039d8329d76712ef0ae700dbcb","sha1":"10891a30efac2ff0a98daf3ab48db7af013d14d4","sha256":"b2167b4aac7372db4d59c12e44c59b81ecbf1583e60e81c6d0f15bfa13322c8b","sha512":"f21f00100484892be9c914d1995313d0f2ad985b95d2bcc78e64712d4f67472880d8c0e7865a204b642b25b59c6cdf224c37d873783f189560ad68269ba2e98b","ssdeep":"3:N/BKL1XIsmo:eL1Ysmo","tlshash":"7d5504c0544031741c14c400d15034155545041034150401f4dd04dc37311400011540","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.61573Z","last_seen":"2025-08-23T22:47:57.61573Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"bb9b9e71e90b0c48143fec5724855807","sha1":"9086445f4997aad9711488f1e1d6cd2e272659c7","sha256":"cda4205ee99b7c757bd9d4a3ad187f05b1ef0b203509214aba54c7f57afff3a4","sha512":"55c9c9d4ef65ce52fabdbdc949313fe2dddcde512334a0634c3feabeb1b81927df0730d37d95d658e9950d2c4a04765133cf38fb36b0ed46461e0aab77cd0e36","ssdeep":"3:N/BKL1XIsmmn:eL1Ysmmn","tlshash":"825504c4544031701410c400d15414155515141030150401f45d04d437711400011550","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.617554Z","last_seen":"2025-08-23T22:47:57.617554Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"714203e490ebacd5ce0dedacc91b23f1","sha1":"e314486f6a5ab7d21a9fa1e6447b8186342ae561","sha256":"0b12ceb69b487ddb7f5811929f6df1177b2db39b5cfdf610a8cf1b714f6697b1","sha512":"a17212e70f9d57ec4fda6f5a6d91398d14fc1eeeba9883eae7ccad453242e60ad482940e42bf123e64d12217b7329a9e8a3fe131115624803ed7e8810d8739b3","ssdeep":"3:N/BKL1XIsm3WX:eL1Ysmg","tlshash":"c35504c0544071701514c440d350141d5505041110150431745f04f417315704010740","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.619252Z","last_seen":"2025-08-23T22:47:57.619252Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f0c6b59cf214c2fc5e712af916b22552","sha1":"d4892dafc882b1747505512066e039162359c7e6","sha256":"68b1acae753c3a9c3aa90950e3e3eee8d7c71ec335801349ca231a646f6a6ce6","sha512":"19fb0989c32a3b8fa0283f66d1b80fa724b06e4e378aaecf9fc89e8a4327c0133aec7d83cbabbcd10563188fa49c8f256ef2773e7e9829e07571f4cd69e40a94","ssdeep":"3:N/BKL1XIsmJR:eL1Ysmf","tlshash":"745504d054c031701710c444d150541d5505043010150c01745d4cf4173154000105c0","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.620387Z","last_seen":"2025-08-23T22:47:57.620387Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"cb02c677f0c15b28a440754f292d68ae","sha1":"c222aee5fafd85baf8ce4369412d294e27c2f571","sha256":"e44194382c4234724f0ca24d06f086d98311940f1d2c4df3a61aa17312821e82","sha512":"f83a9f03a515b82b4fc89cb05b14bf5fae30e4a4733435949a1d2714e16548c0818e9477fc29cb20c3b9b3b2f9808d763000b48e1a68d86d9c8c8aff0593e644","ssdeep":"3:N/BKL1XIsmyn:eL1Ysmyn","tlshash":"b25504c0545031701454c400d35034155505041130550501f47d04dc37311441011544","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.621633Z","last_seen":"2025-08-23T22:47:57.621633Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"5b27d121dececd9e957d19eac7d523dc","sha1":"899419ae987a544274831c5bf056875838cc2200","sha256":"2a3c7021483d22b9d7e99fce521d3a22ecf5449fdd6d6247c03a2ab8f8d03a1c","sha512":"93906f39e2df77d1df8c9382fd96aeac111cd2356536acb83660249f5907d04e168a7810dc6e797d24d90566a77a5be7bb01ccae33f8fb13ad6e3279a551d35b","ssdeep":"3:N/BKL1XIsmH:eL1YsmH","tlshash":"995500c8a88032b02820ca80e3a02c2eaa0b0820202f0822b8ae08f82b323800020a80","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.622691Z","last_seen":"2025-08-23T22:47:57.622691Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"388ece7697b52022bf8baae9053a41e0","sha1":"9acb6324df192a1a84d9fad004bea18f5a71f1b4","sha256":"d6cdb814f0935af2cf7da41dbd465ef485f230a83ae4abbbe994c97b535a2329","sha512":"1fb7ac337a7fac8ab1811ac8b3b1bf3e03479d920b94b5c885bf7d6ea085a1a7c523e078bced82f5dcf26fe967f93c42512dfa5418fb393f92ba0f9594286053","ssdeep":"3:N/BKL1XIsmKd:eL1YsmG","tlshash":"5d5504c0544035701410c400f15014155505441130550d01f45d04d437711400011d40","size":1337359,"data":"","first_seen":"2025-08-23T22:47:57.623774Z","last_seen":"2025-08-23T22:47:57.623774Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T22:46:59.8222Z","times_seen":666510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"086707e4369f60afedcafb16050a7618","sha1":"8216b0cc6876cbd44f01c158e7dff3833ceccd41","sha256":"a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e","sha512":"aade21843813e2cab329b99185c6f61db7907a556ea974e0315dcf3ad967cab20fee66d4f10db0d0ec43a71e086ce6d700d5524103deaefa3ce5f6be74ba5737","ssdeep":"","tlshash":"6a9000fee0a2000efc303bc00cc2238a0c28c3a830028e002ac038b8c80822bcc032c8","size":39,"data":"","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-04-04T22:47:05.864741Z","times_seen":748305,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"http","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-23T22:47:01.288Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /redirect.php?id=2fd2570985c843683071bebf4d246dc2 HTTP/1.1\r\nHost: www12.playdede.link\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Sat, 23 Aug 2025 22:47:01 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=prULfRjfoyGFhz0IHhUT3k5g7g9ynXTQ5kayyiUA3cki%2FsoJlnnvooQPg5XBeeIA1XZ7aS97iS7EK9z0IKVR141%2B16GoeHPosBz%2FrZPBLxmu\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 973e26390839569d-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4908,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":1,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/favicon.ico","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","date":"2025-08-23T22:47:01.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"playdede.link","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 05 Aug 2025 23:04:18 GMT","end":"Tue, 04 Nov 2025 00:01:36 GMT"},"fingerprint":{"sha1":"0F:DF:CD:4D:1F:F6:6E:BE:81:EA:F5:05:B2:3E:CA:51:A2:06:52:29","sha256":"B6:DC:11:BE:90:9A:10:29:55:02:55:CD:86:28:90:F2:AF:94:F4:67:42:EF:54:49:E8:64:7C:CE:16:B3:38:7B"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www12.playdede.link\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\u0026__cf_chl_rt_tk=x8ai6S8AlVOLP5MeNKmpO3cA0xd8vYHijM.mgcUDmc8-1755989221-1.0.1.1-lPq0KAo9SqNe6UA5la4PH9eEBsatl6Ei6l8cbdDeeaI\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Sat, 23 Aug 2025 22:47:01 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncf-mitigated: challenge\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\nreferrer-policy: same-origin\r\nserver-timing: chlray;desc=\"973e263a1d1756c9\"\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qH%2FdFgp1KF4305Zr5DvujuSPgxfDJAJDwS9MqOwMK2HZrzmTY5VXi5%2F6flhcLQlGO2imaapL%2Fx8KGTISy%2BNftkHxXZLWruzqh8GxyKh22tNj\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 973e263a1d1756c9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4754,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (4754), with no line terminators","md5":"97451617621cff5f8418022cd634fd93","sha1":"1816c623afcaf414f1e89c491b316c54d39b0a53","sha256":"d02e3acdc5cbf70e4a973bec3e214fa68f1f380ab3f50746211154fa5bbd0cd2","sha512":"40564d483e07cd41bbb66572fe5999d1df9d75b108718a99597a0fdc8a35da5213df9448ee4d2580f6fa0ee36efded8af1970b5054a8c00119ed372b54ecefbf","ssdeep":"96:PNybXZtIEb0EFW87IffROuemOuHqxUZ3MILm970NT6lFsv+g6qYzueh8ZOuimw:PNadBiMueJuHpjLQ0N4s83yOuFw","tlshash":"4da15de3a5111023b3fb6bf701f7b32893119551cb01a149ea92e96ce1fff4785961c8","first_seen":"2025-08-23T22:47:57.491727Z","last_seen":"2025-08-23T22:47:57.491727Z","times_seen":1,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","date":"2025-08-23T22:47:02.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 27 Jun 2025 18:18:48 GMT","end":"Thu, 25 Sep 2025 19:18:44 GMT"},"fingerprint":{"sha1":"FC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71","sha256":"BB:03:73:81:C3:D5:2A:60:50:9B:EE:D1:B3:C9:4C:36:9B:BF:95:CD:0B:6D:F8:90:F3:87:0E:0D:F9:5F:4D:CA"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 23 Aug 2025 22:47:02 GMT\r\ncontent-type: image/png\r\ncontent-length: 86\r\ncf-ray: 973e263dfdba5694-OSL\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":86,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2 x 2, 8-bit/color RGBA, non-interlaced","md5":"70c202196187ab3c11b4e094c20c6de1","sha1":"9c52b959e74aee9d79cbc9f35d1f9f65a3b8c863","sha256":"6255b9231d09ebe6aa1ac19ba46bdd81f3df58989c9ef2e11d6cd6e2e7b21643","sha512":"7e6168e40cce79239fc00a05381e1e95ca3534905d3fc1467973927f317b7f12b6f3e76960d5202c40046618b51e0895082e22338b1b9971038fa0ba158117e4","ssdeep":"","tlshash":"4ea022f3b2203c3eeb2a2333022e8030f83020b803828e0c000eec332a20208c0ca2c2","first_seen":"2025-05-13T14:11:45.873663Z","last_seen":"2026-04-03T11:40:49.866694Z","times_seen":265776,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=973e263d8d465694\u0026lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","date":"2025-08-23T22:47:02.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 27 Jun 2025 18:18:48 GMT","end":"Thu, 25 Sep 2025 19:18:44 GMT"},"fingerprint":{"sha1":"FC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71","sha256":"BB:03:73:81:C3:D5:2A:60:50:9B:EE:D1:B3:C9:4C:36:9B:BF:95:CD:0B:6D:F8:90:F3:87:0E:0D:F9:5F:4D:CA"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=973e263d8d465694\u0026lang=auto HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 23 Aug 2025 22:47:02 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-encoding: br\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 973e263e1dd95694-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":144651,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"b27a607bd92d3138ef8d6e5cb77cd9e7","sha1":"399a02086e2dbb8835cdb3036c4c7540a841b9f1","sha256":"8fadb01150d36c50a47fe3b05da278fe1eac7cb604deed965a4214146c777954","sha512":"c107a56a67abef4cf78b2155884316fe450cbae581338318b5a032254ec3cf0c35b81ebd125d7f6c8a9fba1f64c21342427e5f4ece75df525bf400c7208368a1","ssdeep":"3072:7gx3FUEX2/YONPJn4l04tjBbjw4iRddwW:MFUEX2/YciujRzwW","tlshash":"74e31acd3aceb18213a6343904673dd7a1be588c710c2c6de56158d078f8b7866ebee5","first_seen":"2025-08-23T22:47:57.493731Z","last_seen":"2025-08-23T22:47:57.493731Z","times_seen":1,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":17,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-23T22:47:01.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"playdede.link","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 05 Aug 2025 23:04:18 GMT","end":"Tue, 04 Nov 2025 00:01:36 GMT"},"fingerprint":{"sha1":"0F:DF:CD:4D:1F:F6:6E:BE:81:EA:F5:05:B2:3E:CA:51:A2:06:52:29","sha256":"B6:DC:11:BE:90:9A:10:29:55:02:55:CD:86:28:90:F2:AF:94:F4:67:42:EF:54:49:E8:64:7C:CE:16:B3:38:7B"}}},"request":{"raw":"GET /redirect.php?id=2fd2570985c843683071bebf4d246dc2 HTTP/1.1\r\nHost: www12.playdede.link\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Sat, 23 Aug 2025 22:47:01 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncf-mitigated: challenge\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\nreferrer-policy: same-origin\r\nserver-timing: chlray;desc=\"973e26385b4256c9\"\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FvI%2BRB6Y%2BIMkOmvw%2B7qmsgMvzoSFt2sezeJgWGgB7G5YreOLmIfKDUtF5l%2BYoFa3CEhKVobUzpCpnNay9p0JFfrLKHfq6yyBpg2h%2FHpkFss0\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 973e26385b4256c9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4908,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (4908), with no line terminators","md5":"1b37ad8151c91b55859ccd4e89c549dc","sha1":"0f1b886a93a65d81cf7226736213ed0cf8932b59","sha256":"f4d11f7f787204b6b0615356e356c9faf021680b6c27d523a3c670e3fea2dfcf","sha512":"cfab9240484c398459e7b2a527a9fe9cb384ea918163cdc0a63fefe6115d986ba46975e2e244f9b06b194ced6679061bd82b3bf38de04e52ccbb25c63b03df19","ssdeep":"96:PNybXZtIEb0EFW87ImLmRzRMfihB2f3tqhBYzueh8iiPmw:PNadB/WRMfi+3tqhWykiOw","tlshash":"e7a15debd6115029a3bd0fe640bbf3584320b1519b018ad0f694d56cc7faf0bc16e9c8","first_seen":"2025-08-23T22:47:57.49488Z","last_seen":"2025-08-23T22:47:57.49488Z","times_seen":1,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":21,"dns":1,"connect":1,"send":0,"wait":10,"receive":0,"ssl":17},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=973e26393c0d56c9","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","date":"2025-08-23T22:47:01.423Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"playdede.link","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 05 Aug 2025 23:04:18 GMT","end":"Tue, 04 Nov 2025 00:01:36 GMT"},"fingerprint":{"sha1":"0F:DF:CD:4D:1F:F6:6E:BE:81:EA:F5:05:B2:3E:CA:51:A2:06:52:29","sha256":"B6:DC:11:BE:90:9A:10:29:55:02:55:CD:86:28:90:F2:AF:94:F4:67:42:EF:54:49:E8:64:7C:CE:16:B3:38:7B"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=973e26393c0d56c9 HTTP/1.1\r\nHost: www12.playdede.link\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\u0026__cf_chl_rt_tk=x8ai6S8AlVOLP5MeNKmpO3cA0xd8vYHijM.mgcUDmc8-1755989221-1.0.1.1-lPq0KAo9SqNe6UA5la4PH9eEBsatl6Ei6l8cbdDeeaI\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 23 Aug 2025 22:47:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zeXzp1U2GJ0JcaoZZv%2BGN0pcxsR5VIc%2BsL9CFqKSDdIfVXcMzEYLRtr%2BhKdW4igb3cMkbPnA6LfFR4iR%2Fn3nfJQjXy8jzoSnp1VPO3kan3Rf\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 973e2639eccb56c9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":121987,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"2bac47e366e06b5b30c46e6942c8ad33","sha1":"f322409141dc22df2b074db5160bbbebbdb96cbd","sha256":"00330f3518b3f39f961540264868f3c592a478ef878ee666545437f3cd158efb","sha512":"5eccb47c7abee6bf2bac0b06ef372d58a6f0b83ee0ef7d04713d8866f563b45a8b849cf4363aa56d388faf7766883d61366922d9d9dfa7ed3b4693e11ffb4b8d","ssdeep":"1536:uZoUYCj1LyL49425DJketIywMddCzO0aco5MnNusrBMyGVCUOd:uZo06zEf9LMrBMyuC1","tlshash":"2ac3c88e74db754a43276471442b38c7a2bf3c84b018490eae50e8d4bdda718b6b7dbd","first_seen":"2025-08-23T22:47:57.495795Z","last_seen":"2025-08-23T22:47:57.495795Z","times_seen":1,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/favicon.ico","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","date":"2025-08-23T22:47:01.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"playdede.link","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 05 Aug 2025 23:04:18 GMT","end":"Tue, 04 Nov 2025 00:01:36 GMT"},"fingerprint":{"sha1":"0F:DF:CD:4D:1F:F6:6E:BE:81:EA:F5:05:B2:3E:CA:51:A2:06:52:29","sha256":"B6:DC:11:BE:90:9A:10:29:55:02:55:CD:86:28:90:F2:AF:94:F4:67:42:EF:54:49:E8:64:7C:CE:16:B3:38:7B"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www12.playdede.link\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Sat, 23 Aug 2025 22:47:01 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncf-mitigated: challenge\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\nreferrer-policy: same-origin\r\nserver-timing: chlray;desc=\"973e263a5d5e56c9\"\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WZWjdfPPYafZmRSEnZrjkCmhh3PtblpyB7%2BdM1UgAz%2F0LSxhrjOVMOOJz1hCvR8bwdxdpxHvVF7p7a4QBMJsoYzjZuCRDHjp1RsDL4G51E9p\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 973e263a5d5e56c9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4754,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (4754), with no line terminators","md5":"a25b74f703a2e3610978a02aecc4f94b","sha1":"247d6c159ef9e1d1b8c31242369d4e9be1a4f672","sha256":"251e5cc5b6871ef474179b06601b0c240de795ede7f225d4231a50483270b55a","sha512":"3ead3ff9d85e4e8657d8ecf919c8bd5721db05bc4063c3338236c09ca7a3272e4db3446a6462a87850ae8685da586cb90694c8a1d58ed07fd72e5c0941447789","ssdeep":"96:PNybXZtIEb0EFW87I/RTg5JRg5dd3kZlUZvloDhUlJTkYzueh8Jsg53mw:PNadBuR8Tut3kzUVGDCBtyVQw","tlshash":"92a12aba9c014027a3bb5af28477f308935195254b039194ead1d92cd3eff8f41a869c","first_seen":"2025-08-23T22:47:57.496769Z","last_seen":"2025-08-23T22:47:57.496769Z","times_seen":1,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/127797759:1755984721:G1FXMMZr0-SAhx2Fe_rr_b6s5keK8c2nNaO-FfSvLIU/973e263d8d465694/U9QMS7k.9sP4NOUH36rOo.VfyPSCZkWZ23plN3wT52Y-1755989222-1.2.1.1-ftwmBWFasW9G3NC7soItluD9oouwO6O_3_AI2RWrJkwZjYBnXywm5OzGwkxxWUSJ","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","date":"2025-08-23T22:47:02.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 27 Jun 2025 18:18:48 GMT","end":"Thu, 25 Sep 2025 19:18:44 GMT"},"fingerprint":{"sha1":"FC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71","sha256":"BB:03:73:81:C3:D5:2A:60:50:9B:EE:D1:B3:C9:4C:36:9B:BF:95:CD:0B:6D:F8:90:F3:87:0E:0D:F9:5F:4D:CA"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/flow/ov1/127797759:1755984721:G1FXMMZr0-SAhx2Fe_rr_b6s5keK8c2nNaO-FfSvLIU/973e263d8d465694/U9QMS7k.9sP4NOUH36rOo.VfyPSCZkWZ23plN3wT52Y-1755989222-1.2.1.1-ftwmBWFasW9G3NC7soItluD9oouwO6O_3_AI2RWrJkwZjYBnXywm5OzGwkxxWUSJ HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/\r\ncf-chl: U9QMS7k.9sP4NOUH36rOo.VfyPSCZkWZ23plN3wT52Y-1755989222-1.2.1.1-ftwmBWFasW9G3NC7soItluD9oouwO6O_3_AI2RWrJkwZjYBnXywm5OzGwkxxWUSJ\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 4247\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 23 Aug 2025 22:47:02 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-encoding: br\r\ncf-chl-gen: +4yR4I/zQe+eT+qMXje2CfTieDVsJpN3V9fNIv3027R74lAbbZZ3KKwmdoKZStFPQbOaQTnAWto5fc0HX52pCWa8jHtA0Wx0TwdAh2swHF6bOJB63VlJD/S8njY1yEX/Q0WltWBXVmRHRMduWlEvueS4ipNMpEarkGeuMvLk5dATanjyE04D854l29Aw5kpzVwiX/HeDz3NMCvelGxNbHV6CXpytimI4EKi3kvXlsSohaeBpoUhGexMxDN/Gw8ASb2QMBETRSYngJnIvcx/yrgXuBHcKaUJia9xNSx5mHJ/FokChqHsUU0Ge8fYMQb5li6xBq1PlLtCvPd73ECrWEAmbl/ly6unXR4Z/g8sqM+Ivryb7a7/MPDL0fymr6bwTYbEBmFueEZEZ1KNJuKhriHdXX2E5EUsOK3pOQVCDMpbXPTUPr9BJlgFKyVfA6OiRYfxor/cAlPiTZaOaIh2b1sktkHHZf0pQ8yRJlXFWxTRa/uUmqYo+gced/eUXdKkmh+rwsT8h9iO7tnVGCckPvwJ5U7bi5zD0Odi0VN6tOdKuvtA03sA9KQjoe1gf8RmGEd1y7W3tVCKbGl3iWidbfQ3sJfKmAZL+BKcjdDusg6yDnYVrci8Y2dtfHTD8Bc2WRzeQMjnVc+83hZOnwRrMtUc8NQmZdR9BIs+z6E9EWFVF2c1wsZW+PHmezoC+KNmZo4b+oWRGqPkc7Nnvk82Na3jkR8zpmej2ho4op63s5NRiQn43rMqW98M4ZtLliPnO27TkH33nT71LlKcfAB11kg==$zQm0kXRdaNsWXINfX2un+g==\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 973e264088335694-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":283736,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"ae29f908566714bde303b2bf559e938d","sha1":"0b12b103373883e3cd3d72852d85de50a3b95cac","sha256":"f5370972c6e2ff9afa39f12f66a3c05cf2923878051833c8aa68d8486a7942d2","sha512":"b2413c8c8792a6d37bb7ac65080a78b3ab1421942ef122e76d286345b33d8aec690ae716c7925ffe08ccf2873812defd8509ee44b011217a34695722a4583786","ssdeep":"6144:3Cdq7d3bLcFz04zy8NDxfZwZLo139AIPncx3ZxtGaQclGe2MrUQ:hZPU04ztxfZw129Nkx3ZxtrxgfSn","tlshash":"035422567e652f6d4a2688ef9b72154b74085fb10022e711cefe2c4f983be2d932c634","first_seen":"2025-08-23T22:47:57.497849Z","last_seen":"2025-08-23T22:47:57.497849Z","times_seen":1,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":104,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/973e263d8d465694/1755989222507/7a45ac91d46098b7376e4778f01d111f668b259503d826c7c3b3c7d93e98550e/3JDCsvJACnhKihQ","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","date":"2025-08-23T22:47:06.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 27 Jun 2025 18:18:48 GMT","end":"Thu, 25 Sep 2025 19:18:44 GMT"},"fingerprint":{"sha1":"FC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71","sha256":"BB:03:73:81:C3:D5:2A:60:50:9B:EE:D1:B3:C9:4C:36:9B:BF:95:CD:0B:6D:F8:90:F3:87:0E:0D:F9:5F:4D:CA"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/pat/973e263d8d465694/1755989222507/7a45ac91d46098b7376e4778f01d111f668b259503d826c7c3b3c7d93e98550e/3JDCsvJACnhKihQ HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 401 Unauthorized\r\ndate: Sat, 23 Aug 2025 22:47:06 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 1\r\ncf-ray: 973e265969425694-OSL\r\nwww-authenticate: PrivateToken challenge=\"AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gekWskdRgmLc3bkd48B0RH2aLJZUD2CbHw7PH2T6YVQ4AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=\", token-key=\"MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAscjm_UO_k901rNdCKgLw5bvI4i6M_jDNCIXpfs2LRbtxwLOrUyplqVvML_hVlB5tIDMuj0ihhaOFHose-Y0_UjQnNUGE_vol46VvGgscTMtTjU4xINriap8AMTIygvljEBt6my-nBwkUGhY3U9v5iKC-eWR5bTfvrqFsuIVxafkSfhHqDXB4KLGNjvOOV71GGJ9x4yxA-C2OcULZ1uDDKuvAaMhuiWdF6OzSTXruP9yPg1vmuteavOW1re0YDbCbtK16PhHdSzWym7v_FrvId-2zf26j50FlTd_vl_DcKNDVCgWDoU0uX3cU6V3rSQoVXREEqPr-2ywSGru8ZuXRoQIDAQAB\", max-age=20, PrivateToken challenge=\"AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tIHpFrJHUYJi3N25HePAdER9miyWVA9gmx8Ozx9k-mFUOABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t\", token-key=\"MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsLS4HBnLGydwK-bLQGRCaoyMsrXBRrDgQVmxS06j3UF0nYSd6GdTGCKIu1WV60eg-tJtTttfEVq7wHVQf4vzjYBidmCh88ebzxKv2GB6PESSodf5MsEup9xd5dxpkYScgL1CCJq89kRrOQ_CS61bvkL_oGyZf4ffqG5THgaOsopqj8dFLH6_SMy9yf8EgMYqpyjxfKsD-1_qb1m1DRjJEKPWKIGwmHXIKQJUqsxZFm4_Inwkxx7QMpVP4GyqlTxFVz7stWwJRSkMLHjEM_IWLUYfPhuwIUVqmRjGsY1n8flA1bRfxaWHNDxoi25-M2BKTP9NkNNJBbTKErhrZ9LGywIDAQAB\", max-age=20, PrivateToken challenge=\"AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIHpFrJHUYJi3N25HePAdER9miyWVA9gmx8Ozx9k-mFUOABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t\", token-key=\"MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAorNs8P65lcw_30Yffu3jnz5AnFV_GaOvQNSLfeOkthj4z1BmtPmql4aFuZb4YqoUjN4oYsGShg5ORvQHPo0ti-CEDGl1IeL9jQSwteuLTMa3FvaBQssfiE5DCBdjtxk1-0_7AZXomsP9S2-dw8MzWdpWxNm1EA5GGa2r0RQCnw2l_Wn96WZSek5D35BNHHRpj7qZG94J4DcBgp0mcvaHVtnBlysfXjeRD_NravDFkNrbq_V5HciQ6JkN_6Em_xcilrvhfnp2a-ZpeeBsti3nHjnd9njaWIVS5lMtiYb93JV7VnWo8fnLG2twtrzcawFU1eS3BsZyT_OJr7onMyki3QIDAQAB\", max-age=20\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"401","status_text":"Unauthorized","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"very short file (no magic)","md5":"ff44570aca8241914870afbc310cdb85","sha1":"58668e7669fd564d99db5d581fcdb6a5618440b5","sha256":"6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5","sha512":"3c266c0035de59eab2a0dd31b3dcb4a9dd157b310289e5db9ab4f8c2fddb7433466d48f25da7ad735a1cb8f2935aa612ad1f62f0efcece3933ba9979082e2304","ssdeep":"","tlshash":"c700000000000003c00000300000003000000000000000000003000000000000000000","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:46:59.814844Z","times_seen":400299,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/b/4710d66e8fda/api.js?onload=XaVFY8\u0026render=explicit","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","date":"2025-08-23T22:47:01.511Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 27 Jun 2025 18:18:48 GMT","end":"Thu, 25 Sep 2025 19:18:44 GMT"},"fingerprint":{"sha1":"FC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71","sha256":"BB:03:73:81:C3:D5:2A:60:50:9B:EE:D1:B3:C9:4C:36:9B:BF:95:CD:0B:6D:F8:90:F3:87:0E:0D:F9:5F:4D:CA"}}},"request":{"raw":"GET /turnstile/v0/b/4710d66e8fda/api.js?onload=XaVFY8\u0026render=explicit HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www12.playdede.link\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 23 Aug 2025 22:47:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-encoding: br\r\nlast-modified: Thu, 14 Aug 2025 15:17:42 GMT\r\ncache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 973e263a9e23b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48995,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (48994)","md5":"49d515b98ccae9634aff66a4ca77af98","sha1":"bfa5462a4f47c2350dcd0b3000e9cb54bec63c21","sha256":"4ca696d2fb66b44648a8fd55bc9eeaa6958dd9e523c4a740365823c30d4fc087","sha512":"856b855e0662da94dc3d314080976df11b5cb203d5ac498bacd9d201013e82258ee66ba1c3bb948e0ea71dd319345d9988be765daa3a276f8571e1787a38cc39","ssdeep":"768:XC6BRV2fM4lLa+rnhPLy6PuR8u5jUjRFPlBMqfspV6q11AY13kep+ORWqxIrm3LW:J2E4lLa+rnhT/oj2P6V6GNI","tlshash":"8f231b583256793227e980e1617ba74373257939e94ccc50d423c86536bcecad233fba","first_seen":"2025-08-15T11:12:03.097811Z","last_seen":"2025-09-08T12:15:40.897517Z","times_seen":20901,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":17,"dns":1,"connect":1,"send":0,"wait":14,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/973e263d8d465694/1755989222505/iB3zGxtoRq8TNFH","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","date":"2025-08-23T22:47:04.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 27 Jun 2025 18:18:48 GMT","end":"Thu, 25 Sep 2025 19:18:44 GMT"},"fingerprint":{"sha1":"FC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71","sha256":"BB:03:73:81:C3:D5:2A:60:50:9B:EE:D1:B3:C9:4C:36:9B:BF:95:CD:0B:6D:F8:90:F3:87:0E:0D:F9:5F:4D:CA"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/d/973e263d8d465694/1755989222505/iB3zGxtoRq8TNFH HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 23 Aug 2025 22:47:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 516\r\ncf-ray: 973e264e8e9e5694-OSL\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":516,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 23 x 94, 8-bit/color RGBA, non-interlaced","md5":"efd9dfff2ca446f4d8e74a9dad0e0a7a","sha1":"03043aea81384b17535176020ea788fe6a3add3a","sha256":"24017ccb4f77e47d8732b9646f1b011724f784c84bc36265ffb1d25a978c20fe","sha512":"364ae07173be1d79975cfbe92479a00c32138db7dc8b2e99667ada1322ac938d06d134dcd0b079920df2a7d5b702baf911e2b4f2aa07e760e0aa709d39096444","ssdeep":"","tlshash":"2ff07f886354b330c789d991b1b0c317442db9853a22c4dc421ec9313332ca763c0199","first_seen":"2025-06-03T21:05:02.01817Z","last_seen":"2026-03-31T15:17:00.430623Z","times_seen":105,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/127797759:1755984721:G1FXMMZr0-SAhx2Fe_rr_b6s5keK8c2nNaO-FfSvLIU/973e263d8d465694/U9QMS7k.9sP4NOUH36rOo.VfyPSCZkWZ23plN3wT52Y-1755989222-1.2.1.1-ftwmBWFasW9G3NC7soItluD9oouwO6O_3_AI2RWrJkwZjYBnXywm5OzGwkxxWUSJ","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","date":"2025-08-23T22:47:07.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 27 Jun 2025 18:18:48 GMT","end":"Thu, 25 Sep 2025 19:18:44 GMT"},"fingerprint":{"sha1":"FC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71","sha256":"BB:03:73:81:C3:D5:2A:60:50:9B:EE:D1:B3:C9:4C:36:9B:BF:95:CD:0B:6D:F8:90:F3:87:0E:0D:F9:5F:4D:CA"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/flow/ov1/127797759:1755984721:G1FXMMZr0-SAhx2Fe_rr_b6s5keK8c2nNaO-FfSvLIU/973e263d8d465694/U9QMS7k.9sP4NOUH36rOo.VfyPSCZkWZ23plN3wT52Y-1755989222-1.2.1.1-ftwmBWFasW9G3NC7soItluD9oouwO6O_3_AI2RWrJkwZjYBnXywm5OzGwkxxWUSJ HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/\r\ncf-chl: U9QMS7k.9sP4NOUH36rOo.VfyPSCZkWZ23plN3wT52Y-1755989222-1.2.1.1-ftwmBWFasW9G3NC7soItluD9oouwO6O_3_AI2RWrJkwZjYBnXywm5OzGwkxxWUSJ\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 35522\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 23 Aug 2025 22:47:07 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-encoding: br\r\ncf-chl-gen: dm/jxuc/oUBn5Fuv0pIrSElFkkBmFCzXBThblOxfXtTV/B5z4DCaJA/iVefosNos$X1fyRnJFq4wOKD2x/nybFw==\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 973e265ebefd5694-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29564,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (29564), with no line terminators","md5":"70191ab2efbda60dc6402d5b149deedf","sha1":"117b7c75e096d55cbca4991c15af07186e98380c","sha256":"ad93f48abf22242ecf9aa301b00c5d5a35d9729cd048c9da6e8532be6863d50d","sha512":"e0dc1d4f8ac8e8ddda2be89b2ff6b4f45388aee1e2b11ace7a57e4273c6a6f3ef48b134a6eafa37628fd0d115d7d6f36e3450e1918a4d15761a8af0075ea862a","ssdeep":"768:UNSWyy9tbcRH2kR3V/3A62wozBVwMpCOY/+Dd7:UzyVV3B3A6259VwMpxM+Dd7","tlshash":"44d2d006ac29725f2759c46208e5a4f877837eab1fe447a441ec75e5f42cec3cba5209","first_seen":"2025-08-23T22:47:57.500527Z","last_seen":"2025-08-23T22:47:57.500527Z","times_seen":1,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":59,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-23T22:47:01.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"playdede.link","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 05 Aug 2025 23:04:18 GMT","end":"Tue, 04 Nov 2025 00:01:36 GMT"},"fingerprint":{"sha1":"0F:DF:CD:4D:1F:F6:6E:BE:81:EA:F5:05:B2:3E:CA:51:A2:06:52:29","sha256":"B6:DC:11:BE:90:9A:10:29:55:02:55:CD:86:28:90:F2:AF:94:F4:67:42:EF:54:49:E8:64:7C:CE:16:B3:38:7B"}}},"request":{"raw":"GET /redirect.php?id=2fd2570985c843683071bebf4d246dc2 HTTP/1.1\r\nHost: www12.playdede.link\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Sat, 23 Aug 2025 22:47:01 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncf-mitigated: challenge\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\nreferrer-policy: same-origin\r\nserver-timing: chlray;desc=\"973e26393c0d56c9\"\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rcxOZDFh4nzPvv9jTHKfN9jQWvdJllSHHgM7sx0BdfPGRzaXbpuSD1roQ4Zx53Us%2BdbEQLpmnUrW9nhI9vH8iQ7tXBaF5j5NDCdsylNb3gsd\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 973e26393c0d56c9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4908,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (4908), with no line terminators","md5":"812fd0748373ae4a731b87bbfffbe8e6","sha1":"a5d0a3769b0a064312132b54b28c43cda66db48e","sha256":"ead8763c6a111f8e54f7840593d826cf813a5b3ec04d2ec5fdfe172136f8c131","sha512":"c8ab5c38e8af8395c93c735198a9337dab68bc6824094ee3bcefed921d1fe2f2d8e8532b13b6eeb3f120bbdf08f8828db176502ff3c7227fb8b3a3f12073f15f","ssdeep":"96:PNybXZtIEb0EFW87IQky3kg7rcQEhNKh2F83a5Yzueh8ia0mw:PNadBVky3kgXW8h2F8KOyka7w","tlshash":"bba16cd7ea719033e3e60fe704ebb3b8920028b64305a559e5e1d65cd3eef0b80568c5","first_seen":"2025-08-23T22:47:57.501907Z","last_seen":"2025-08-23T22:47:57.501907Z","times_seen":1,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-23T22:47:01Z","timestamp":1755989221,"ip_dst":{"addr":"172.67.188.187","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":51994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.link domain","source":"{\"timestamp\":\"2025-08-23T22:47:01.304210+0000\",\"flow_id\":1166628090108723,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":51994,\"dest_ip\":\"172.67.188.187\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858678,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.link domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"www12.playdede.link\",\"url\":\"/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":724,\"bytes_toclient\":819,\"start\":\"2025-08-23T22:47:01.285491+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www12.playdede.link/cdn-cgi/challenge-platform/h/b/flow/ov1/946241813:1755988391:9_xCp-usU29OaY6gh98LgSaGGHLy3TCsXDBPY4W_jGc/973e26393c0d56c9/Sz6QaLKmGMrRUJUDYLUjrUi4kRiwyPnU6OG2b.XWF7s-1755989221-1.2.1.1-gOKLDR2YxGOa.pZ29obP_OIP4Y2LnPZEBpjMV0TSkMIlcGZcU3ACuT9zEHZbclcX","fqdn":"www12.playdede.link","domain":"playdede.link","tld":"link"},"ip":{"addr":"172.67.188.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","date":"2025-08-23T22:47:01.778Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"playdede.link","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 05 Aug 2025 23:04:18 GMT","end":"Tue, 04 Nov 2025 00:01:36 GMT"},"fingerprint":{"sha1":"0F:DF:CD:4D:1F:F6:6E:BE:81:EA:F5:05:B2:3E:CA:51:A2:06:52:29","sha256":"B6:DC:11:BE:90:9A:10:29:55:02:55:CD:86:28:90:F2:AF:94:F4:67:42:EF:54:49:E8:64:7C:CE:16:B3:38:7B"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/flow/ov1/946241813:1755988391:9_xCp-usU29OaY6gh98LgSaGGHLy3TCsXDBPY4W_jGc/973e26393c0d56c9/Sz6QaLKmGMrRUJUDYLUjrUi4kRiwyPnU6OG2b.XWF7s-1755989221-1.2.1.1-gOKLDR2YxGOa.pZ29obP_OIP4Y2LnPZEBpjMV0TSkMIlcGZcU3ACuT9zEHZbclcX HTTP/1.1\r\nHost: www12.playdede.link\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2\r\ncf-chl: Sz6QaLKmGMrRUJUDYLUjrUi4kRiwyPnU6OG2b.XWF7s-1755989221-1.2.1.1-gOKLDR2YxGOa.pZ29obP_OIP4Y2LnPZEBpjMV0TSkMIlcGZcU3ACuT9zEHZbclcX\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2455\r\nOrigin: https://www12.playdede.link\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/plain; charset=UTF-8\r\ncf-chl-gen: EQg0pBcDam8ephY311BxWW2oAZ+ILn5CralvSq7BcD8=$eYr83j7mMwcrGr+oIIoQ8g==\r\ncontent-encoding: br\r\ndate: Sat, 23 Aug 2025 22:47:01 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XvdsHjfm2%2Fm40KwbS2cSBgcre2iQdE%2BQKplqnTZBgcMQaEOE%2BEZEQLjvrATUAqbfK2vcSDGjL%2FptY6vWlgjd0IDya8MFt20y3uHTAO4d4cp2\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 973e263c0fe80b45-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19568,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (19568), with no line terminators","md5":"23d693ced92237cd3127745c4e6726f8","sha1":"9293efc9d73dfb8796f619983713379c26da1b9d","sha256":"b37f6be474b2b323bdd70941868b4bfa99ea2c3acfcd48cae937aa5d998eda52","sha512":"cdae14ff0a15e0da79195ed1b110aea5d34b66d6ab2a2b44d2d4daafa73dc529ade14c895d8ed792e90a3c85a88e27751cdc6a8f2c6c634a40be0bea127ffe4a","ssdeep":"384:tgbQkuP+K4tL+u7RsifEPmGndgMtrUvr1ckK9XO0PYSfXHpIsmk2w0JmJrN:tmQD+T+u7GD/nhZUCP9+0PRplF2tmJrN","tlshash":"2192d1250454cd6e23828500b239782297f47d4176e8b896df9f2c4ada1f9a2ef247a7","first_seen":"2025-08-23T22:47:57.502878Z","last_seen":"2025-08-23T22:47:57.502878Z","times_seen":1,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www12.playdede.link/redirect.php?id=2fd2570985c843683071bebf4d246dc2","date":"2025-08-23T22:47:02.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 27 Jun 2025 18:18:48 GMT","end":"Thu, 25 Sep 2025 19:18:44 GMT"},"fingerprint":{"sha1":"FC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71","sha256":"BB:03:73:81:C3:D5:2A:60:50:9B:EE:D1:B3:C9:4C:36:9B:BF:95:CD:0B:6D:F8:90:F3:87:0E:0D:F9:5F:4D:CA"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/enytu/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 23 Aug 2025 22:47:02 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: br\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\ncontent-security-policy: default-src 'none'; script-src 'nonce-OfSqIlgCxAXzVb4j' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\norigin-agent-cluster: ?1\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\nreferrer-policy: same-origin\r\ndocument-policy: js-profiling\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 973e263d8d465694-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26984,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (26984), with no line terminators","md5":"4c83897f8a82d13c9c2a843b1d70d9fd","sha1":"3816503df75f94af3917896fd58f5b3309669bba","sha256":"48499b9515f959310b316fb85f153a2b7de528c89822147a746ac37bf13aadb5","sha512":"8dca2baffe3996bae43c928e9955520342f1ab521f8317df0babc93eb6b4e6ed641805e329181b3fa527123ce4e40c4c74e6350cf30b64e1b887216f239745aa","ssdeep":"384:NH6U+qdB83E29aJC6tHzSk1b2xdLVSmda3mDI9FBzmu9ubxJ7OCSy:HdGrkHzlJUdLV9da3m8s4C5","tlshash":"69c2b7038a101b7e7553872db3d1b5c9a338ba026f56b1b7f25452a48f4d29f3b53b0a","first_seen":"2025-08-23T22:47:57.504694Z","last_seen":"2025-08-23T22:47:57.504694Z","times_seen":1,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}