{"report_id":"faba1e6e-98e1-4998-af17-b85a56ac5c02","version":6,"status":"done","tags":[],"date":"2025-12-07T16:57:52Z","url":{"schema":"http","addr":"toto123gacor.rest/","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":0,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"https","addr":"toto123gacor.rest/","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"title":"TOTO123: Daftar Situs Toto Macau Resmi Terpercaya Dengan Data Terupdate","dom":{"size":41085,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (36559)","md5":"c33544c0ce3cb5588ce2a726200983f3","sha1":"944cd5f9a0bd60c0bdc359e6f69c1c4c91132706","sha256":"4cdff0345e3298a05bf891649c3dcc94c9e8d6373419fffcba356463d7e82373","sha512":"2238ea02b2d799442dd8c8ced5e898de38c73c7edc4fb8b9db3c4ee5efe8dcca9aa70d28ca2eccf3f2c231c4aa4d8267aaa87dea78d19cc24fa489d23ddbd09d","ssdeep":"768:JWYM4BfICUGctU73MUt/1M4m7MMOKfzHVQFzmcxv8J2XYjIdojJP3o2mw4YHisPr:c4bUGctU73MUt/u40OKx0o","tlshash":"380314b658b0192d50234b1ccfe5aa99032cd483b8745ebe7357290bcb4bb4d736e257","dom_hash":"domhasha46c8bf276819aee555022a5fd9a5f0c","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"toto123gacor.rest/","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":0,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-11T16:57:52Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"gastoto123.xyz","ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":97,"received_data":74231,"sent_data":43901,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-11-30T22:18:20.693037Z","alert_count":0,"request_count":1,"received_data":60313,"sent_data":470,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"accounts.livechatinc.com","ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2005-10-31","domain_rank":44666,"first_seen":"2017-07-31T05:50:56Z","last_seen":"2025-12-01T02:05:03.956529Z","alert_count":0,"request_count":1,"received_data":1797,"sent_data":534,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"static.cloudflareinsights.com","ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-30","domain_rank":4073,"first_seen":"2019-09-24T14:34:56Z","last_seen":"2025-11-30T22:18:20.15509Z","alert_count":0,"request_count":1,"received_data":20344,"sent_data":512,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"api.livechatinc.com","ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2005-10-31","domain_rank":29526,"first_seen":"2013-12-20T14:27:35Z","last_seen":"2025-12-01T02:05:04.127626Z","alert_count":0,"request_count":5,"received_data":22938,"sent_data":3030,"comment":"","tags":null,"fingerprints":null},{"fqdn":"object-d001-cloud.cloudstoragesharingservice.com","ip":{"addr":"104.18.17.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-06-26","domain_rank":197194,"first_seen":"2023-06-28T19:31:32Z","last_seen":"2025-12-03T19:36:37.028424Z","alert_count":0,"request_count":3,"received_data":252241,"sent_data":1500,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.livechat-files.com","ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-02-13","domain_rank":159656,"first_seen":"2020-04-22T09:40:29Z","last_seen":"2025-12-01T22:17:50.382038Z","alert_count":0,"request_count":1,"received_data":5018261,"sent_data":505,"comment":"","tags":null,"fingerprints":null},{"fqdn":"premicloud.net","ip":{"addr":"172.67.141.253","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-04-07","domain_rank":48055,"first_seen":"2025-04-16T14:37:33.865637Z","last_seen":"2025-12-04T03:08:21.004264Z","alert_count":0,"request_count":1,"received_data":96270,"sent_data":479,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-11-30T22:13:37.547558Z","alert_count":0,"request_count":7,"received_data":198766,"sent_data":3832,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.livechatinc.com","ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2005-10-31","domain_rank":36142,"first_seen":"2012-06-22T08:37:34Z","last_seen":"2025-12-01T02:05:03.965577Z","alert_count":0,"request_count":16,"received_data":1020733,"sent_data":7689,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"cdn.files-text.com","ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2023-08-09","domain_rank":89437,"first_seen":"2024-04-10T05:26:58Z","last_seen":"2025-12-03T17:22:59.762423Z","alert_count":0,"request_count":1,"received_data":39312,"sent_data":566,"comment":"","tags":null,"fingerprints":null},{"fqdn":"toto123gacor.rest","ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":118,"request_count":119,"received_data":2816193,"sent_data":101011,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"jQuery:2.2.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"Lightbox","description":"Lightbox is small javascript library used to overlay images on top of the current page.","website":"https://lokeshdhakar.com/projects/lightbox2/","common_platform_enumeration":"cpe:2.3:a:lightbox_photo_gallery_project:lightbox_photo_gallery:*:*:*:*:*:*:*:*","icon":"Lightbox.png","categories":["JavaScript libraries"]},{"name":"Laravel","description":"Laravel is a free, open-source PHP web framework.","website":"https://laravel.com","common_platform_enumeration":"cpe:2.3:a:laravel:laravel:*:*:*:*:*:*:*:*","icon":"Laravel.svg","categories":["Web frameworks"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"secure.livechatinc.com","ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2005-10-31","domain_rank":8212,"first_seen":"2012-08-20T19:27:12Z","last_seen":"2025-12-01T02:05:04.072635Z","alert_count":0,"request_count":1,"received_data":2002,"sent_data":716,"comment":"","tags":null,"fingerprints":null},{"fqdn":"landingsplash.xyz","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-04-09","domain_rank":97769,"first_seen":"2016-04-22T01:18:08Z","last_seen":"2025-12-03T22:48:38.238717Z","alert_count":0,"request_count":3,"received_data":253004,"sent_data":1407,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"iframe.oasisid.com","ip":{"addr":"34.142.172.125","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Singapore","country_code":"SG"},"domain_registered":"2024-10-02","domain_rank":358198,"first_seen":"2025-01-01T03:35:13.860028Z","last_seen":"2025-11-29T09:19:10.711473Z","alert_count":0,"request_count":1,"received_data":20206,"sent_data":416,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","size":19948,"data":"","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-17T03:07:52.610836Z","times_seen":332617,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/11.al-9NYxR.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"4a073c5805819d74eabd3e843372d502","sha1":"cb12e953dbee2d3ea08d35d86bcd2476a490bda9","sha256":"0cb3247cac5de8fcdfb226ebe2dc4960b6ed473966359f73ca13ca286309122b","sha512":"036da8fb3959ebbef26b546019535a9edb7a99227a28252878247a756d3a7ea693f48e9ffdaf5886faa7fb2cbe56292bbf9552db5dd1d26e6574d8034ee183ba","ssdeep":"","tlshash":"ebd0a78cb643b0b16276b138853f801fb035e984a44404f0d13ad9c03d7c1a97597c5d","size":236,"data":"","first_seen":"2025-11-04T08:39:27.95245Z","last_seen":"2026-04-17T02:01:43.457334Z","times_seen":11808,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"899260e21a62d15cd480f06ef7f9899a","sha1":"8f1f0be45d1b41a694157a22c76a4cb66e17f4d6","sha256":"793064df3303b47045519af6fbdd51122afcca3c8b75cdb6dcdccf399e675725","sha512":"9ac0893b584ed1bcab56f5b377ad1d503ba9e1d3b48d97d095854fd806969e5ffa120eabfd7a6c274a6bd2c37889868c910fedba2bf640ae7c0510a51a5d4e47","ssdeep":"","tlshash":"78e0c62e1d10e0a514365b433c2fc2382ce063a8a323e30ca8ccec0f416aaea0c74d26","size":346,"data":"","first_seen":"2025-12-07T16:58:18.673911Z","last_seen":"2025-12-07T16:58:18.673911Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/js/custom/floating_icons.min.js?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"a1f9706eeee7690ce0fb65264290a61d","sha1":"f47499adeca0a42d73894a8424a5dc65e1c8cde4","sha256":"afbf313c9cd8546932da922fcd36f00f9e0787370ac0d46ca82d3cb31d15d0ea","sha512":"99830735da3f51fcb6510a5f682638c2ded1a875790cdc5ed9eb928decf8d744a48e107d92af6db421b666a86cc88542c187c2d2a0c86535937143bbe898e15a","ssdeep":"","tlshash":"0f2186a083a6d43d83809166c37493097854302efe529640fdfc8a8b1ba9d4c6c23efa","size":1172,"data":"","first_seen":"2025-03-20T08:45:19.929797Z","last_seen":"2026-04-16T22:16:07.074086Z","times_seen":1557,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"iframe.oasisid.com/idnl.js","fqdn":"iframe.oasisid.com","domain":"oasisid.com","tld":"com"},"ip":{"addr":"34.142.172.125","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"c2a621694b3d71fcfc5867ae8de9682e","sha1":"76eed4e579c13cd2500afa966712353c9a397171","sha256":"b66d030208c35e79708435f27da5bd708fe5cf447d298a3abc054045611570de","sha512":"20fd2449d026cac58a85d5ea58dacb5635c37e3eafa6807668a0075affa00ebda1adcf5e6fba455b1812c02d9e7c173081df9622f935a255359fb58a248a19e5","ssdeep":"384:npgQxhy9umBqUiTaVxxMxgQZPJgEzTFWcgUb8u4v3QWht:pgQ+9fUyxxMeQZPJgITFWcgUYu4ht","tlshash":"8f9220183eb07d63260a7bfb361ab4e8d8847c5ee952049fe144ec91b549173e6f1638","size":19871,"data":"","first_seen":"2025-10-04T02:43:23.602403Z","last_seen":"2026-04-08T05:36:06.781804Z","times_seen":61,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?x-region=us-south1\u0026license_id=18727416\u0026client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5\u0026url=https%3A%2F%2Ftoto123gacor.rest%2F\u0026channel_type=code\u0026origin=livechat\u0026implementation_type=manual_channels\u0026jsonp=__sufjpsfbb8","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"b4c9c03720118f20cba62ee327a80b88","sha1":"a296edeb95732c3f7157b56dedbd3284bd78eede","sha256":"d50316be3caba18d1979cc4df6eed9654afa55797826f0ba642af5296eb49859","sha512":"084a88668dcc2bd8e2e6f0aac7c50108842f0e95477b65ff53365d63c3e4f529804e86e3af78d23232a7582c6d4dc7e6d61ec25d0b2be3932e4e007b08cb3160","ssdeep":"","tlshash":"f1e0d872ba2159386ac1f7ea94107d46ba311666d109197cb0761700e72b7ecfb31546","size":384,"data":"","first_seen":"2025-12-07T16:58:18.599919Z","last_seen":"2025-12-07T16:58:18.599919Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/4.C_rgEAoe.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"1771376dc07da48b3f03339d86d57b7b","sha1":"a5861ebfff23a92ccd1ce6b8a517b6f877d50a63","sha256":"6e148df31d721a0ff08563f2d676751786e01418c86ee54ee8f0e88aa46ae26a","sha512":"6038efed0774fd61c7bf6558d3ea24ccebfada1041fa2c1606263a19f8700043a18f6e368ed550fc61f644eb7b81f8cac01498f30cc56a103295911b28e436b0","ssdeep":"","tlshash":"afc022563060f3a502bb0ed00033e02af32a402cf0ebfa80a65cc4f020630530a26b1b","size":193,"data":"","first_seen":"2024-06-24T12:34:02Z","last_seen":"2026-04-09T10:49:40.045057Z","times_seen":23532,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/livechat.Cfld2iXG.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"cd38a0ab1be935c31d94513296239cee","sha1":"3f53f37f02d6b0065d224a7dd663cb063b05b2bb","sha256":"5cd3d25405afb450a9165804f3d5c3f55c0522b4cccb3ec14d97644c16c1b262","sha512":"646a90cd8ce514a2ad6c6df1e13fd07eb2ef13ed795a51b85d6e70a62acc65d6c276da3688758829ddd64207d5ddee7a15f1862559cb8f00b6e481f4b3998bf5","ssdeep":"","tlshash":"f1e095caa6446ce6f2e9ece9c810a0e246f253964be483b0d0cf83614359076cf16963","size":432,"data":"","first_seen":"2025-12-05T11:45:39.943818Z","last_seen":"2025-12-08T08:57:32.429298Z","times_seen":213,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/3.DiEu57nc.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"47eb50052f15cfc1d88aa1554601e55e","sha1":"f805750b3d2e016885055b29a6e9ab8394c8599b","sha256":"7b86440589ee714b1c7a6d74e6d9a691f1280d57a36376c440cf949ceed5381e","sha512":"addcf2f225368a1dd929e431171096fd397be6d2175d4923be40eb5b8fa10d0934ce036b63bcb76b95444653e0b4db6d80c06885f4b3535c89e24b6420298da2","ssdeep":"1536:9gZQTsyz+6WzvhFCvB0Hx6J+vXlKAwTwH7nDPWnYlkChX8qg4JklHYD8b:9gKTsyzTWzvhFCp0UcDOnA5sFikRYD8b","tlshash":"dad3f8e83996f5626bf312b700af1817733c192b280c4990a211fdddb5b845ea17bf9d","size":138434,"data":"","first_seen":"2025-11-10T12:08:03.375538Z","last_seen":"2026-01-13T13:49:38.678696Z","times_seen":5241,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"javascriptURL","is_inline":false,"md5":"69165ebff8690c39998558705627e927","sha1":"b86888593992fa44c3d1fe1c665367cb214e5416","sha256":"0de7a49f6d21fbef846aba4bd271502d7ec9489bfbb3fd96f5ff7cf19140875e","sha512":"5ba1e5e8c8d56c3f9e73156c711a2a9e69dc86f53f47ce07bd59f79e9f8190e0a63a46c05270582b3afdc144f98d15622a902864c5635409e682c317640a2371","ssdeep":"","tlshash":"4250000030000000003000000c03c030000000000000000000003c003000f00000c000","size":8,"data":"","first_seen":"2023-04-10T23:38:56Z","last_seen":"2026-04-16T22:16:07.22668Z","times_seen":13827,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"13afc67b220ee7192357de5bc27d6794","sha1":"b6ccb0908c4987e21286dbb0ac48a3e2024e09d1","sha256":"0bc8764e579018019022550106792a1633608ca94a2401bbd22825f3c377316d","sha512":"3765354cb933f93d90845dc4b6a68bece0f3f63469a27eeaf6e443c61736c586ae6b3bf3443992a79392aaa8e8d5f628d02e72cf02b47204efece82ef494f9b9","ssdeep":"","tlshash":"07f0234d3c52f05337f93534c2238aaf3362070031835528c605cc2438508860846c8e","size":445,"data":"","first_seen":"2025-12-07T16:58:18.67532Z","last_seen":"2025-12-07T16:58:18.67532Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/tweet-js/jquery.tweet.min.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"e6d5a5f7a0d7af2a2c63b97919cac65a","sha1":"1f61ee273e334ebd7388e219157bf8654482f009","sha256":"431cff4d223f3296f7d4b543573271745a91d9069a3666844fb3b037aad844c7","sha512":"a8b64bfe5a39d6b58e1d5b9d1864ffb0e87be8e164a0cf71a39fcbad5c4a81fb4ad400dc6416e6a970265d3804954809949678bcc639fb10f763767777ac6922","ssdeep":"192:7IXczrVLA8Tmk+a5m21yVTp5Czsa5qdmzVQjBIxbFDyZ1ewMOVrkxmtUtkwR:PAOjXsa5wmiP1utkwR","tlshash":"63029370f196503b0ae32272b91b6390b73dca4bc5d5dd53c37594482fa5f96a232ac3","size":8209,"data":"","first_seen":"2023-03-07T13:14:18Z","last_seen":"2026-04-16T22:16:07.220548Z","times_seen":2047,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/js/vbulletin_md5.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"1a28d5e018df6a763d8c43e320c82944","sha1":"718f3148bc0ebed7f32bf13cbd9766b098488fb5","sha256":"94a03d94ea079e4a5877a8d14914288246f30a12b3833c8d59ad22dffc63a7d1","sha512":"32e9914b734a44497c081172e5ec0acccac466b4a26b674c68caab856f99f275674a96dbb10d41a88f2d9ac2eb2f2c5bf3d4f84786b45e9af8597971f11e67b0","ssdeep":"96:aa28J0Hju1W1nK21b1DxMOUe1kTQBstOJMFGMvzEAPwqJfAXYCfFQXE5JaGXC6rS:vOq0xvNJUNOqwqJIoCtCE5bIN","tlshash":"61c1fd40b781c17ad7bd8ef0bc4a1f4ef17edaa808065404b5b28edc4ded47944a9f1a","size":5689,"data":"","first_seen":"2023-03-14T18:52:00Z","last_seen":"2026-04-16T22:16:07.118632Z","times_seen":1851,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/js/auth/login.js?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"deed0cdf923a4c3df7b304e0de77babb","sha1":"8cf62733452e10f15f39d174ab9e30bfafa24bf5","sha256":"f803b887d67769db325a80f18b28184347181470ee5a88898c06dace2f962b93","sha512":"50274f0b996f60aaa5eea717f4e282a2448664c1c00cd885d22046dee70da4ccf3b802881f14bd208e1e53916b3365b1191cebfb095b7df433b6bf6aa70755e1","ssdeep":"768:ecgL4xGwcgZQadosTJ+tvOx5AActYjQBN:ecgL4xftndoRtmp8KQ3","tlshash":"4ae2d88cf2c3f47907c3a16d801f8415f23ba454a5498898b75fcae269b598de123fb9","size":32318,"data":"","first_seen":"2025-12-01T18:46:12.831338Z","last_seen":"2025-12-17T20:21:18.082635Z","times_seen":93,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/js/frontend/desktop/template_v1/before/index.js?v=mgkt6h1vnatns72muqoz","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"6e5ce401fa29e20cf8f52e5d754a5d5a","sha1":"b55566fc452442bfffc73943eea5177ccd00fcac","sha256":"7f1d23659e76eca87d310351b7598a64201f99a8be2a947319f0182cdc3b0cd2","sha512":"e4ac4422d6aeee85a36002a6ca346faad7e1de6510ed0253b2130dfefba2bf6d3e186a0907af294df5d71118a002f6dfc6cc9f2e4e9eef40ce374fed672bcfd5","ssdeep":"192:ATn2PoqeRfRll0OR4HCcbNQNJ/OhxwBZcAoL/3eqnhqgSt081qq44WIzEtMyCGWV:YpqEPRfeIJWhDAoSD3t0mlxWeyOfOydJ","tlshash":"3c4294c8b6c6f47503d36670902f1106f23a6919b51d9480f72de9d2be7884ea237fb9","size":12408,"data":"","first_seen":"2025-04-15T10:15:48.992845Z","last_seen":"2026-04-16T22:16:07.200643Z","times_seen":1495,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/global-mapper/lc_license_id/18727416/region?jsonp=__lc_region","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"b17346aced6298b7e1cadcd62f40003c","sha1":"c28b849fff4b4d9d006d803bc4d18368446ddce4","sha256":"a379b1707064386da00957301b6eb053249cfb462047d44e4fb6d52898f5b78b","sha512":"93be3c00856eedc8cedd0c7bd2b2a5873aa85dcf9e893d9e972421d122c568cbb1c9b4ca633497bc80900f688898040a218616dc69a4716fcd3d5a2dc93fb928","ssdeep":"","tlshash":"8080000e20002ae30a20ef3e8023ec0cb03e033223008288c302208228002b0822ae0b","size":35,"data":"","first_seen":"2025-05-16T12:26:33.454661Z","last_seen":"2026-04-17T02:19:45.764975Z","times_seen":23087,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"javascriptURL","is_inline":false,"md5":"69165ebff8690c39998558705627e927","sha1":"b86888593992fa44c3d1fe1c665367cb214e5416","sha256":"0de7a49f6d21fbef846aba4bd271502d7ec9489bfbb3fd96f5ff7cf19140875e","sha512":"5ba1e5e8c8d56c3f9e73156c711a2a9e69dc86f53f47ce07bd59f79e9f8190e0a63a46c05270582b3afdc144f98d15622a902864c5635409e682c317640a2371","ssdeep":"","tlshash":"4250000030000000003000000c03c030000000000000000000003c003000f00000c000","size":8,"data":"","first_seen":"2023-04-10T23:38:56Z","last_seen":"2026-04-16T22:16:07.22668Z","times_seen":13827,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"f2c0020f7dac59c8513d8066838609f7","sha1":"eb54894ac4992b18e12a6b3a93276ed0d7594134","sha256":"9ef69777d44426dfecc0d76907b526fcdeceff26c2931d47e468116acecc700c","sha512":"1656a3be24fbaacdaba826114c41263bc41657d1371f8f179cc99dfc81115f1fe08d0f60a4d6809b87c7481e5949e9c16730580aafd12cf76294dd421f598379","ssdeep":"","tlshash":"35c04c2f659190825567b1a9da5b18185c535927e406d406bb1cb2501f1643b861568d","size":144,"data":"","first_seen":"2025-12-07T16:58:18.676158Z","last_seen":"2025-12-07T16:58:18.676158Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/7.CYmrNFPL.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"bb9136b505c2b0eca24a07f877e64cde","sha1":"aac2cfb1ff55f132d17dfd536e2874222ac677de","sha256":"274961a2c0a3969bc23dbce35f229172e4aef79d1e6f218a97b378e871793c4c","sha512":"0bd8f169d1579e70ac447aeae7c80124d87f0187bb18ca1065066dea90f278d18a8f49f2ac47397a9032c2cb4b0904c9eede2ef315c2a3784e569c4ebb65e227","ssdeep":"384:5U5urbvY+4nmo5pXl/fJfHpUR4PkWgpwnxSHI0Wrf/j7cFHyq:+urbvY9PpXlnJfJUR41gp8xSovrfgHyq","tlshash":"9a72b7c5f7aed93e53e7a4d1bc682003fa785a84f12c91a4f39c4d66719e884c173b26","size":17078,"data":"","first_seen":"2025-12-05T11:45:40.128204Z","last_seen":"2025-12-08T08:57:32.228793Z","times_seen":213,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/jquery.fixedheadertable.min.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"406edd97a8850446d2693ef306af0708","sha1":"bd4996afdab1f18893ef89c3281c55e6585f334e","sha256":"991994866beb5e90d2205f4c5d4a757ddd38c6399386335991b260a89d857fa1","sha512":"493f04e96c9ead6dd640cc2a8c53e4aa3b43171c7dd51a4eabfce9fbcf00c51fd9d2edb1be40e6dac6ab6f3850b53234f177bd232404ce70ff287c11735f7d8c","ssdeep":"192:J/PBMlQxEuOaOGWzw32xilOXrPN7pOIN+5Mfj9SPHwjwTuv0vS2QeON:JBMlQxEuOaOGWzGEZrPNdh05NPw+S2sN","tlshash":"9b227195b3f93192c5fb61ba59fe014db0214d37a74b44b0b1aec1b81e70d8d22b9e2d","size":10635,"data":"","first_seen":"2023-03-07T23:34:28Z","last_seen":"2026-04-16T22:16:07.221202Z","times_seen":1813,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"70dac9e2e1e946118860d7b5a21f3cc2","sha1":"5fdcbf22ef3003765a4ff78842df63a9dfaeb5b4","sha256":"0f767287de5844922fb0f6d432dc5e81213fa1d3b13cdd02b5caeb1a0047358e","sha512":"7df58625dbb4b34d8ead1643906cbab6838dc54860f97dbdc12dec3586002c7f81cfc1961277c5cafe21a80f06989d561a2765c8ac55ba920e9806d931357ad6","ssdeep":"","tlshash":"bd011685fc42707696963228763bfa07516312255844a5335dfdc36fef32d87811368c","size":844,"data":"","first_seen":"2025-12-07T16:58:18.676984Z","last_seen":"2025-12-07T16:58:18.676984Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"3a5c01714484fbf19856fc5f205e463e","sha1":"f3057884e9bdac343c71682dbb26e25e38de579d","sha256":"398ab2fd9bf41f6e5ee7be12052815b5b84b7768f1387e1222475734bade39b0","sha512":"d265780554422bb440eb550c9cdc6102d7ac7ba1145231dc993019ce153de0ca847cc8cd8c509f0a6be2a965ffa007b32a1f4b24a9b99d8f0b0740e4cedadf1f","ssdeep":"","tlshash":"70e08cae90e218618ebe732e6f0780e0b1300be30048d0c1764c5dc09fc013342b1fe4","size":401,"data":"","first_seen":"2023-10-15T16:21:25Z","last_seen":"2026-04-16T22:16:07.231857Z","times_seen":1742,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"c2c88bea687d2e9ec635612ad400bf53","sha1":"a835331379870dc2bea13909c9934b74a8d0983f","sha256":"0c9ad91eeba3baf83c6f227f6453d90363b13a39e2884cc2ae1f73b3b934545c","sha512":"00120b851c44b0b0aa3299f8c9ba6f9a7ff823ca89fa60e764aeeef3cca95763d6db0b7e14c069f930fa9835360d36526a031eb131baa07f047bd68be2250e7d","ssdeep":"","tlshash":"71f09e74ba0e9129336067952997dbc63224621ef592671fa9a95c65bb410540c12d40","size":471,"data":"","first_seen":"2025-12-07T16:58:18.678274Z","last_seen":"2025-12-07T16:58:18.678274Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_configuration?organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026version=449.0.1.19.65.170.1.1.4.1.4.25.2\u0026x-region=us-south1\u0026group_id=0\u0026jsonp=__lc_static_config","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"3ea36f58b07b0d375c8755f0018ba701","sha1":"0efa1decd9f1648914e0cf2d5dca5b19e5644b31","sha256":"cb15737af9eb9237964d0f5ad6517fd5b2de2bdb3151f03b6f7227632c2d8ad1","sha512":"a5921af3664cdb3dc6954e370e011762c713ada58c6054a04037e6cc58544e380ead82f496b353eb2cc80edd9e36e0cc3918128e38e4c92177fff8ab3e8a5d61","ssdeep":"192:TGwGEGsXGAp0nyv4Hc2T13k+IqVQJhMZa2b2:TGwGEGsXGAMyvQcufIqV0hMZa2y","tlshash":"51e1242a830bc87b7377965663cbb70f34185179b1f8593fe4a0cb7061862d7d2069ab","size":6834,"data":"","first_seen":"2025-12-07T16:58:18.611804Z","last_seen":"2025-12-07T16:58:18.611804Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"javascriptURL","is_inline":false,"md5":"69165ebff8690c39998558705627e927","sha1":"b86888593992fa44c3d1fe1c665367cb214e5416","sha256":"0de7a49f6d21fbef846aba4bd271502d7ec9489bfbb3fd96f5ff7cf19140875e","sha512":"5ba1e5e8c8d56c3f9e73156c711a2a9e69dc86f53f47ce07bd59f79e9f8190e0a63a46c05270582b3afdc144f98d15622a902864c5635409e682c317640a2371","ssdeep":"","tlshash":"4250000030000000003000000c03c030000000000000000000003c003000f00000c000","size":8,"data":"","first_seen":"2023-04-10T23:38:56Z","last_seen":"2026-04-16T22:16:07.22668Z","times_seen":13827,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"javascriptURL","is_inline":false,"md5":"69165ebff8690c39998558705627e927","sha1":"b86888593992fa44c3d1fe1c665367cb214e5416","sha256":"0de7a49f6d21fbef846aba4bd271502d7ec9489bfbb3fd96f5ff7cf19140875e","sha512":"5ba1e5e8c8d56c3f9e73156c711a2a9e69dc86f53f47ce07bd59f79e9f8190e0a63a46c05270582b3afdc144f98d15622a902864c5635409e682c317640a2371","ssdeep":"","tlshash":"4250000030000000003000000c03c030000000000000000000003c003000f00000c000","size":8,"data":"","first_seen":"2023-04-10T23:38:56Z","last_seen":"2026-04-16T22:16:07.22668Z","times_seen":13827,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/5.By33xigu.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"5015aa9d19c75987b0b44b1eecff5fde","sha1":"f8e539b1cec7fb48a2e6f1f6647745e7725be82d","sha256":"fcde38b86726169cb7dee561637717072c9732207e539f5812487a339451261d","sha512":"b5a8e54be4633504806ee01a06094dbd7b91bb93812a3b13ad3db7a8455fc86579ddc48d893b20115981d1e9fb088d360dbae7586bd61c24545558e34cb8c672","ssdeep":"3072:qVzjYLKSRrZVxXLu+5FIXox57NPH0aONfpzksw7ou/YEmyn:U/wHRrZVxbuqx/ONfpzkzo5c","tlshash":"b7145cc4b186b53587e734e6487f1002f33d6d19784c8564fa99eeb63da818a9233f2d","size":194133,"data":"","first_seen":"2025-12-05T11:45:40.050655Z","last_seen":"2025-12-08T08:57:32.471257Z","times_seen":214,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/js/vbulletin_md5.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"1a28d5e018df6a763d8c43e320c82944","sha1":"718f3148bc0ebed7f32bf13cbd9766b098488fb5","sha256":"94a03d94ea079e4a5877a8d14914288246f30a12b3833c8d59ad22dffc63a7d1","sha512":"32e9914b734a44497c081172e5ec0acccac466b4a26b674c68caab856f99f275674a96dbb10d41a88f2d9ac2eb2f2c5bf3d4f84786b45e9af8597971f11e67b0","ssdeep":"96:aa28J0Hju1W1nK21b1DxMOUe1kTQBstOJMFGMvzEAPwqJfAXYCfFQXE5JaGXC6rS:vOq0xvNJUNOqwqJIoCtCE5bIN","tlshash":"61c1fd40b781c17ad7bd8ef0bc4a1f4ef17edaa808065404b5b28edc4ded47944a9f1a","size":5689,"data":"","first_seen":"2023-03-14T18:52:00Z","last_seen":"2026-04-16T22:16:07.118632Z","times_seen":1851,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/style.js?v=1.0","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"6174734545f4d0a24a22ae2f24526eaa","sha1":"969abdca32818ce8437a095b6c1e478d2bf70345","sha256":"d943adf3ed1dad80fb33a3380e56e5a584293f8d1694dbb6d5c5d1c6036ee406","sha512":"017d07cb8e391f853c7add6f7ecc503c09791b8a76a942bd51ecd55d203ab5d773bfdcc90b33f911ced9a4538f6d0e28f7141055449e2f9dfa29976b0cbfa955","ssdeep":"96:xEU393Bu563333G+3v+3tZYJWqr8xZMq038T4hfclwCBMkyZH:xEU393Bu56333R3m3s8xZMtMUhfewwMD","tlshash":"6ec1438ff251143505fb373a822f5b09af7f2a1a4945d124f0fb46a41f6c509a767e4c","size":5854,"data":"","first_seen":"2023-10-15T16:21:25Z","last_seen":"2026-04-16T22:16:07.206643Z","times_seen":1830,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"679cb67f77ad2c4ad67895048b0221ed","sha1":"05eecd808517223ca258bce67b18f324dd24722f","sha256":"a1fe2ff6f6abb7c723241ed54e643d6a9930900ac0047ee58708d575e2378f1e","sha512":"d6aed67a8b860c4054c26efc7b337df502d47ab1646f1982be6363cdb94cedf73ae15ae15cce46321d0f9c66e1ea89fb56275a03a221e79e4c3ac9657f2f44ac","ssdeep":"96:KtKauW9swMAlu2wEAiLjltmw8DBVHxSeWNpvhK4hvX33SlnaXBnV5nyQenh:4XsWBJ8DpSX384hvH3Cmjih","tlshash":"93a14275e0d8961b672350d8ce31e79eaa03521b8f834a09f5ff5885bb8a8b05e031cc","size":4810,"data":"","first_seen":"2025-12-07T16:58:18.679029Z","last_seen":"2025-12-07T16:58:18.679029Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"7e79a2a4cd67002d6d867510e9adb167","sha1":"3440b777055d013568d6c826fa20026147f06bec","sha256":"3188bf79e4c806f3b90c1d806d399d7324e6405dfbbd93a0f13fd525664cc52b","sha512":"1d856887b4cc8ae6f20815c050ee9e22ad778b6cfb036f27a02e404d140c49fe57bd8297a2fcdf9bbbab978aded6229abc9d23593c7b045d1734f59095985390","ssdeep":"192:yh3IAKO3QbGPMwFqW35FGOacy5eb5fvmPksZZEoQ:yhYtO0iq+iOKovgkse","tlshash":"7422d88a7e1cfd3007751961a8abb6c546d8de419c826ce387b18c29bf13b25215ffd8","size":10282,"data":"","first_seen":"2025-12-07T16:49:32.421103Z","last_seen":"2025-12-07T17:19:05.051976Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/liScroller/jquery.li-scroller.1.0.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"097d12ca6affd5151d1d56db876cc1e0","sha1":"4f1b6d162e327a5e8d0f37897d4d559dbc265ba7","sha256":"e00749ed99da6de8ee85c1fa969a7571feaba5a506c1dd88be8a12e20ed680d9","sha512":"fd4f03f1ba6fddb3bba25d32d09e9713d08b55fbd11330d43e74dd874646d01a27eb6dc19a49889cea10a09300adfaf1ee0a11921d6858255f31893fa8d8fdb2","ssdeep":"","tlshash":"05119e08eb0611bf0ce5e738fe3f9b1c75f315134222d5a495fae4541d814bb5270959","size":1002,"data":"","first_seen":"2023-10-15T16:21:25Z","last_seen":"2026-04-16T22:16:07.068145Z","times_seen":1806,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"eval","is_inline":false,"md5":"129f5fd162665cd0abc0f39fea8c9e8f","sha1":"253c21387dc8055cee42777276f455c7794de3cf","sha256":"a6336811b695da7dff581c054bbcb90502e899d034ec0f26005f91236c3817b1","sha512":"c6017466dbe4147b237b174c099b386869ee7adf1c41bb7a46df29febd2ae551d7059c590b4cdd76248b7414262ce0c856deeb174e6ccdc8a45dc9d820d505a0","ssdeep":"384:jpWcj41o2t8Z75jf5E1vcNTTCD2c5cDgk:NWcj41m7av8fCD2wk","tlshash":"d0b2a5523250233482e332fe55af510d763afb74ad428169b06285eb366754ed273f3e","size":24154,"data":"","first_seen":"2023-03-07T01:33:09Z","last_seen":"2026-04-17T01:45:50.906287Z","times_seen":3928,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/1.Cze7AJKr.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"772c9c5b1e4c91a715bfcbbd66f287c0","sha1":"255053c9e96e272715de32e4221c6e60e22c56af","sha256":"f5457bc030c52505bd2f5bb454e91209ddba7fddf33a706e1f9becff36df84b9","sha512":"647500c12ec7db590f07ffa64438890355440503b1b0ebd28da634857f5dc2a4e1b5b7096436363102a6bba8d9e855e0298a073f53b2bdd0192dd6b49bf6b3a0","ssdeep":"1536:K6s+dHhkyAvAhUN3bVZ+lKMZ+o9YKF93d17m:1/BtA4hsr+H+otF9Dm","tlshash":"3c333ccef141713157e755f2b06fa106f63a292c384c80b0f629dd9925ee44ba22bf6d","size":53271,"data":"","first_seen":"2025-12-05T11:45:40.043877Z","last_seen":"2025-12-08T08:57:32.43044Z","times_seen":214,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/nivo-lightbox/nivo-lightbox.min.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"a5896459ad6790d1d94eb2180e59e965","sha1":"e5d4b0ef3a929aa6e20ede86b024264a8cf2b473","sha256":"65723a3f6bf46e95bd82bbbc3f986c0df44ad1b4427abbc3fa252a53ff40b4ea","sha512":"de291f580572eacf236b4b7a51824e06cabce1f0544a5e2c7edd60f5cc2716757eee71069a1dccc42037d1704e4433e732469c46b74ea690911010cc6e1f50b4","ssdeep":"96:RwsLo8zljjmeC8CVZfOTfqjf61R9WTE6F67A6f8r6Fk4zzdtMTnO:RwSPNPcfOTfY61zWAAS8r6TBtMTO","tlshash":"57e1420db351525046ef3567211ad334276a86ab8c41e0b6b36cc4d7a7ebf181d33e6d","size":7420,"data":"","first_seen":"2023-03-07T13:14:18Z","last_seen":"2026-04-16T22:16:07.081346Z","times_seen":2049,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/modernizr-2.6.2-respond-1.1.0.min.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"2015fe4e8911558500fb094aac79383b","sha1":"2d1e5126c8e3386153082b98e841d7a03435d975","sha256":"bf2d2ce2803063fd72be8165d5fbbc700e24dfd6bfcb351f064367a90db9ef4e","sha512":"d6e3fb657e8dd62f942f2f59000ace81b36ce43ebcc8abda4018c1d73b155b3ce2e83d33dc1ac86cfe81b0d76100137197b905c1f87e9f2f194a4e2eac3013dd","ssdeep":"384:fD9HWD99TpJGd+iesmAnxpakrwHVXHh1p7l8dVNOpZpMOUROOHEAk:fDiAebALak0HVXHRl8dVNSpPUR1HEb","tlshash":"ab821ccd7253b11a8397707a607f420ef23a5899a8184850e059c9fcbe74de8427ff6e","size":18450,"data":"","first_seen":"2023-03-07T13:14:18Z","last_seen":"2026-04-16T22:16:07.199852Z","times_seen":2049,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/6.B0_QvnEW.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"bb2424b90285d46f921f699e7b3d17d5","sha1":"412e217bd4cfbafc553fc36b9094d0ece147a429","sha256":"2b1840010c419cf6839e4a18ffd0eec542b4c0d0c49ce5606bf93639afda5ff5","sha512":"f283f440d13fb69e25c115fd3e9dcab60cf937ed1ad964644f9719abba510e9f99ac82747ef2aba6991de08cbe10a8965c0d352c380dfa471d2b6753beba021f","ssdeep":"","tlshash":"a41100d93cc3d8b0d73bd4cc52a899e6d43c0e88a8fd41c0e4f86e853b155b18236ea8","size":886,"data":"","first_seen":"2025-11-05T08:48:35.692413Z","last_seen":"2026-02-25T11:20:48.331177Z","times_seen":7795,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/12.DJPUQwQu.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"640caab52100a1e9dfe618aaeb79838f","sha1":"4654776a82e5405614a595d40cb33ca2b5bae0b5","sha256":"fb8eb817d7251014c136b441bd4004fa6567908059013edbb938925f23b67ceb","sha512":"17d605182be517c5e797b2fd823b9ab7b6bd73d97bd2c3d11c5eb29d108cd350d789116528e351abaebdf3654cc65100b9e3353064ba38c9ab9008126c6a3061","ssdeep":"","tlshash":"00e08cbdfca8d92152f5e9f8c0b60822cb593b0e502382b0f60e6f4a9519199a552826","size":300,"data":"","first_seen":"2024-08-27T15:26:59Z","last_seen":"2026-04-17T02:01:43.448835Z","times_seen":24549,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/appear/jquery.appear.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"5fbd164d0b2001df2ba85327fc6bab39","sha1":"13e083d8852729d2e6cfa3fbcf3955a28275fd00","sha256":"5d19547b40e94ab90e831bec03fc23d4b894894bb93006b3b3fd8d62e2f355ca","sha512":"5e667b534b3c4cd17e92d4404055e434be7bd07544354a2a1ba56947468799525dd86226e0f1f9d0015421941dcea765c566c1d6a8eec4e1106f2e9bf2064f7d","ssdeep":"","tlshash":"6031ff6b31db3a9556fb703fb61f73155221853b0251e052d9fadd7c39b2d42b803a44","size":1552,"data":"","first_seen":"2023-03-07T01:10:45Z","last_seen":"2026-04-16T22:16:07.182007Z","times_seen":1998,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"ebf949e24057e062bb8143f21f5ca712","sha1":"801e1381afdb0d090e5655bb448b2b2681bae565","sha256":"ac550be7911a77ececdeff78bba048711f6e4c1652fdb19525400a5c895f94a1","sha512":"c3b92dcb36ea2f186a845f6d767ed9795b33e7b27f978c61283aae4f95920de95844fbb76e8df7191986b7869ce45f5b00cdea01fec668ad56aac758de890763","ssdeep":"","tlshash":"54019ed27140582a92aa492c945ef3a151e206c04ec7fdc1d8ba65067676f414d13a8b","size":692,"data":"","first_seen":"2025-12-07T16:58:18.680575Z","last_seen":"2025-12-07T16:58:18.680575Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"a47d600e9ad763aa9d8a182e9b1dd07a","sha1":"fa45f4115a4e4dfd401b099bb822e71d2f8c662b","sha256":"cb3d2bc04282030325f33db6f62db4cde43daa235a3bb37e5b4b43a91e1f3445","sha512":"a9a52b0a268101769d8f3ba34c36664840e6ace7672c5230ff9c27b88a1ecb0c7ab191638553de97c6c7ca5865e037b94200f643321fe5e04e8fb716f24a2f4e","ssdeep":"","tlshash":"e9e07da3a2a285799b4915d4ccbfaf8cfc51550d1dc2ed5dcc3b1118f018b00ca2b67c","size":335,"data":"","first_seen":"2025-12-07T16:58:18.681349Z","last_seen":"2025-12-07T16:58:18.681349Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/parallax/jquery.parallax-1.1.3.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"1508097fb2657eab7e68bd385cfbdbb1","sha1":"c65b4cb7750055e01101a4edb2f7d2d749e85174","sha256":"ba75543913b3258b7a19cdea608c7cc47322898d244b40b6190c970be2d3a2fd","sha512":"fb2b63f3aa3e83603dd8ac3211bd4624c00a0f534935dda13ad959121608d3bd7e3d5fa284c470692a9c57129ee665cc4a39bc4697d09c45841f506d9f5a7db1","ssdeep":"","tlshash":"0f115b38bb107255c96a762f0b3be309b21736415c028124d229e5dc6ea9a5bf86ac68","size":941,"data":"","first_seen":"2023-03-08T09:00:45Z","last_seen":"2026-04-16T22:16:07.147898Z","times_seen":1841,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/skrollr/skrollr.min.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"7d6ae9201bf4c1d83ebcacc6da3ec09b","sha1":"65b20f0c1dba10c7ba3d644fba7ae80ae08d4ced","sha256":"911dccc7a59863b46d628fdac57d96a7cbf72325fe2555d2a3d165c6258d3464","sha512":"023903172cf7ec0d5fb06f0ed9dbe90146ff5b2ddb8bf5db81f9587078d28d2c9cd22808acee7253eecb779142e92e3b708a2b167a7dddf93ae26cd92bb5c6c6","ssdeep":"384:r/UqdA5yNpXXTLLeT5RyFNPsJ1S+Cmna5WbYBQeU/pBr:r7o6TLLeT5kXk13Bbt/pF","tlshash":"a44209ceb549b47043c375e6c10f5249b236589de8088465ff25dcdbac38c7a01abf6a","size":12360,"data":"","first_seen":"2023-03-07T13:14:18Z","last_seen":"2026-04-16T22:16:07.073217Z","times_seen":2048,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/bootstrap/bootstrap.min.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"d08775b7d337d5f37e3fb102f1a8a913","sha1":"6cbd6f79def44d7e96d933a17967cd2afcf9ba3c","sha256":"8ae9a41def07afb4166b08e3143071437d1867e5f26e6bd907899a8b50bbafbb","sha512":"458415d96f8a83f130fdae57e3322c75b67269f4eb57494074e06b757eced0730c58ca73a8c65148c19b9126653ddcf66e3058426b921e1bd51c3b7369a5f05e","ssdeep":"768:poBFw1wl+WRydWDRQgn8WI0fBQLrX84XCqc:qAr2MRCqc","tlshash":"b7e27446b230316107dfb2e5515f020b723a6a6dea06907c38b999f53db9c48727bf39","size":31650,"data":"","first_seen":"2023-03-07T13:14:18Z","last_seen":"2026-04-16T22:16:07.211533Z","times_seen":2147,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/tracking.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"ecbf1f6f4ecfa1239ce65a0cb9281b7f","sha1":"eb96a9ad7ee7fde6d7ab1cbfb41a2945311c0e9e","sha256":"727c5bd8a9060788fd796cac0b7bdf5f34472d1492ddea0dc2ccda93902b6725","sha512":"e05113da1d6ba3798a74466360d51345734af834f494498a42e1042e89ac4b4bb2682cb7417281d31c651c64541fba63a79180f1237df1a36faef03f3775f04f","ssdeep":"1536:EhyY8Xri/oIjrDcUiUeygZeqrZ8ZwpPGUQ/POK9p+CjB:EAY8Xu/Xx8ygJr8/mW+W","tlshash":"6fa338d67282b03493f786eba17fa312b2392918340d8420f17cdd66395a9c79177f6e","size":102799,"data":"","first_seen":"2025-12-05T11:45:39.98031Z","last_seen":"2025-12-08T08:57:32.245725Z","times_seen":241,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"8c08138e2d54e810e99c8614fffcaa39","sha1":"383363368b6456d6b619c6068833ea240a5f3bcd","sha256":"b41a9cd2729231901cca4a1a3cb23e4774b2809c687dac74bc915281c3eee313","sha512":"1c95a36d99ce78c7ba42b3117c5b09e13187c54906b160bcdf3fb20a35697532b2db70e40c9f3ffb75a593c97eb45c646721f09f0e95aed0d76cdaa0f9ef43c2","ssdeep":"","tlshash":"77d095db1c3545301388014e2177d794296118507e11964061dccc175e10fc3086195c","size":236,"data":"","first_seen":"2025-12-07T16:58:18.682346Z","last_seen":"2025-12-07T16:58:18.682346Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"15d3adb70f206f70e8676612cf1bcd06","sha1":"7d3bf3fa3e21e8fd36585901130714497e7bed20","sha256":"d29445e7ff17620113f644598826c7c3ddaaab631f9368add696a55e7c5a0b84","sha512":"cdda6a42b5f99b306952cb81b097712f8a32a48bc2ac6a79e6e1940f02e1d8f9f233bcbde623263db80cef1c89b4d5a53fc2fb2866439648fb3142e63d81bd30","ssdeep":"","tlshash":"1521c91d0b1e283885e7b13f568fe65a3832839308088cc0ba5e5ee04f2866c1d83fdc","size":1114,"data":"","first_seen":"2023-10-15T16:21:26Z","last_seen":"2026-04-16T22:16:07.238318Z","times_seen":1504,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/owl-carousel/owl.carousel.min.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"2fec2de7cc7d2d9a66130311f52b5db8","sha1":"5cfc389925bd8200ee1e0fb224434ded9cae3f15","sha256":"4b18105a346260a3e8359cd02633fd5f8bb244f2d5f43e4375a1efd10e5c865a","sha512":"2c65ad232d52605402fe3c61104ca6e19be96dd89eb072e8554c3019b549c1af260a6fd16ab7c007b4ddc24e9c0bec770aba5cc4d1cff2fb7a9a241699d8a04c","ssdeep":"384:XWxb9XXAhOfMSelTARgzoSC0Z4eAchzD/DM5F:8b9uTARgz5C0ZVDL2","tlshash":"1962183a2152321653b261af157c818213e548023ec7b464f9e6f8edebb6161117bbff","size":14916,"data":"","first_seen":"2023-03-07T01:34:34Z","last_seen":"2026-04-17T01:45:50.823578Z","times_seen":3115,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.livechatinc.com/customer/action/open_chat?license_id=18727416\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026use_parent_storage=1\u0026x-region=us-south1","fqdn":"secure.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":true,"md5":"d30bfddcdb3764a782b7c8584021d1d6","sha1":"64ed02149d0db57e6c1d68992361d7c1330a663a","sha256":"5a8894efd9ef253bc344f5587ea4fb4f4b8da39d4dbd49a390c2302898411623","sha512":"7f7061097e172e659abcf34d29c148da0bc746fde1307cefa2bcc88ee94db292ba498b3f287a8436b39f9e6d44d5e145350896e447ac7c3cfb281a91a5bc6c97","ssdeep":"","tlshash":"79b09222c200942a24ba8118239fa6073110537a80660c1b143c64a436e610f80a239f","size":105,"data":"","first_seen":"2025-03-02T06:33:06.481005Z","last_seen":"2026-04-17T02:01:43.543724Z","times_seen":22066,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/9.qYTqns9Q.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"d541ce2d754402b833cc65b76eaea2c6","sha1":"c36a92a0f5cef497ce42b1e8b4c72c8d9bd3786b","sha256":"80353503e48ebf6c2ae9f70184d3e758f64bacf48afe147e039df807509200cb","sha512":"f8cd5cc49f9276c580419958bf312ee0a311194fd41d116ee709e56401d769511700031ec9f3e6151f8da6b7e13b16e374a231e31cb00b92413ce5c751c2a0b6","ssdeep":"","tlshash":"f090044530d334753111111c453f5c0551144c4c05d55730c010d5551f514f4571fc4c","size":40,"data":"","first_seen":"2024-07-04T09:32:22Z","last_seen":"2026-04-17T02:01:43.439674Z","times_seen":25413,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/10.CgH8vyiG.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"4b99cf9eb0cdde016aefe094a5f129e4","sha1":"f17250f2ceb1bb739b7264e4cef090ad7d703d0e","sha256":"1aad3271a23be79dc1572d991aaae18ec81869f60e2ab57435a127a97d57bacb","sha512":"21e9e6cbf51e6891ceeff24cf145b38d10fb365d6cac65f665ea0ca655c72a11bb623eb6e0215242950c64d12dc7f89acd0c9f6c6831e50e55a9ccadf30f351a","ssdeep":"96:CHmlKAJm2MLADeQA6Ob1NlPF2DM3Naas1pFJpInNCzaNkQyyZFBXfFBXoQFddzhe:CGu2CAHNgV2D6RuENqaNkQP7BXtBXoQE","tlshash":"46a1c7bef755f97097e98ce5e5143043ed3b16a8b8ac85b0fa1c4e51214d1889122ba3","size":4900,"data":"","first_seen":"2025-12-05T11:45:39.926421Z","last_seen":"2025-12-08T08:57:32.267722Z","times_seen":213,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/0.BnUl-svj.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"9063007e77d228eb2085aa5b1ada66e3","sha1":"f407a9a4472cc7cd0a2ecb2837d8697859b26c33","sha256":"aa9926d78b9e445135f2ebf5be42b34341ee0a737d35c490ceaa5653c9676546","sha512":"e4e8a56a3b4918f154068850656312c47b654b937d6ef40e5b21e120fbc8510c8469d79f5ad61babc9e7534b30f78558d120111370d8708bb8b05c229fb541a5","ssdeep":"1536:4rIjHt056UtzjrsG73DDnY3wi6Dt3Gx4Q2FNVgoMJzEqLzT:mMHwt/rsG73tDt3U4Q2lyJzEqLn","tlshash":"5d73f7d2f686f9398be794e511385043f9267a18b82c8170f36cce61219e2c76177f6b","size":74947,"data":"","first_seen":"2025-12-05T11:45:39.966442Z","last_seen":"2025-12-08T08:57:32.360418Z","times_seen":213,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/2.DcYSq_5p.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"3cbb4d2ff7e12dddfa279d8b4935f97b","sha1":"478ee0aa7e60798adda48a9a568200000eab55fd","sha256":"09b7355c01caa389d7db222462a9d0022e0a0c3fd1ac37b5c6c52b34ca5feb64","sha512":"7ef38130c4d0f86c1d4d2a22aaf4789018ae48a028edc71bfa99c1d55d5d24be0a70e40dd74d2baaf62231bf90978bbee9a8553db26e59a3d272f838c0f68933","ssdeep":"12288:SqI7kkkC8NMQxiHnXK1roTvOCtsrJoSKXHPe/mf+5JqcFqeT1q9XBaFJ/MM1aE8y:SqI7ZTLe","tlshash":"65945be0b282b538d7e7c19790bb160df33d3d49b42e9660f1ade85e33944889267f64","size":408035,"data":"","first_seen":"2025-12-05T11:45:40.084239Z","last_seen":"2025-12-08T08:57:32.260627Z","times_seen":214,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/jflickrfeed/jflickrfeed.min.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"847c6b884e569004695666dd6e90fd0d","sha1":"0f83977484c914c85ba813adb9c46506baf4a83a","sha256":"796951855984fed308feec350d31ea2ac1382b2c6aec06412f9c33e1c13fe075","sha512":"1dd14e40e94dde8ab70b5d2e0293cda5f91376703dcc2d2a4b3174ffe270663a0448377c7b8334f2195222e8e3bad39d58e27314f4a59b077a26b8085bed450f","ssdeep":"","tlshash":"623122005c51a1fe16ebb7766d9f13380f318301c868ea52a7e6c171687b1cbe573d40","size":1462,"data":"","first_seen":"2023-03-08T15:52:17Z","last_seen":"2026-04-16T22:16:07.178587Z","times_seen":1815,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/text-rotator/jquery.simple-text-rotator.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"9964685a5509aabd8ab04dc6257d97f5","sha1":"927c58db28fb33c328a5a0bab4f9e3a93555f651","sha256":"95df7f4d192968c5c68e43a936016ad025fac7ce02a221a1bf13be6592667c30","sha512":"f58116f313f5d862f6f561383d60e0cef0056bb77013b9060b60e3a2a225fb2d55cb5691da77b5cd76ca10f71929f1697b267bde4ee489352efa3475f58ed279","ssdeep":"","tlshash":"d171e34a68fb48bdce3a91eb83ee1f56247909b28c006441139b5b7e08f19456bdde63","size":3568,"data":"","first_seen":"2023-10-15T16:21:25Z","last_seen":"2026-04-16T22:16:07.165472Z","times_seen":1808,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"9c4a2f9fee5952ef2162ad13c66c9b35","sha1":"79eab1de08d8328f46dc722275a7cd8128cb5c52","sha256":"7888bc155d25c7c7f987836447f26e64d0b579f2861dfc0e3c8d5ed4faa65aff","sha512":"6ad37d269f9097cdeba41c991301b3a6e48bbd7e5706e11cf8fc2d22c7f736a3ca651da254c625f60102ebe3d89f59161e0460a24c7b16bbe56a2b5b1e604546","ssdeep":"","tlshash":"9de05c6f94a39483947ba52b974b3a0819219903a403c402fe4c72602f0403fdd35fcc","size":435,"data":"","first_seen":"2025-12-07T16:58:18.684709Z","last_seen":"2025-12-07T16:58:18.684709Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"1fb1db1499b1dc02bb3caf46035bd71d","sha1":"c2288d9e5b722ec41bdc9a4e2001fc006a126e0b","sha256":"91c13469f6ba26112e411b3d5acb3c9b89e7f8287a8ddf7705daffeaeab0d2d7","sha512":"ce5427040f717a6d9af6f74b29ce76121f427985589e30ef230cd1757664a9f7fb2bdf602d19f53e0a7d7687d9a6db408d9bcb3c79d5a806e8b295d9dd4e776d","ssdeep":"","tlshash":"8bc09b14307244d1855f795d5b57de151023105750455211790c49467f9083b1e17f96","size":133,"data":"","first_seen":"2023-11-30T07:30:24Z","last_seen":"2026-04-16T22:16:07.241158Z","times_seen":1250,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"f88a690f1545bc8185c164ee940fdb05","sha1":"3c108894d2f7f618f091a7f9acb97ba610108b7e","sha256":"eeef78c74d09168141ec43bd45299070705db08c7e239ee4c3b487957560e41a","sha512":"852f2c1a0da0e1285b35892510546a35dd7f7239836d6cb37e49aeb30e4bbc575b5ecd0a6550e888f869c71028654e7396a42b02b0a6be3898c602d3f3cd604f","ssdeep":"","tlshash":"f611d0ba3a2a1534c6c5418b317eeba93d3250217e029184d26ccc255d58e87149fcbe","size":921,"data":"","first_seen":"2025-12-07T16:58:18.686764Z","last_seen":"2025-12-07T16:58:18.686764Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_localization?organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026version=3e484e3f8236c9d1f2239ff432260121_0440425a97d091180472259e85cc8c97\u0026language=id\u0026x-region=us-south1\u0026group_id=0\u0026jsonp=__lc_localization","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"3d39213d58edde88d2c8968d53479bcf","sha1":"98609f140731907a00502dc946c4829c892d5538","sha256":"080eb958435200940a8c8cec3e8b0701a02692b63f2a38189244e7c4c138e3a0","sha512":"199384f44c2299e8b6c7ffba233fe21a2ca433e1b9d7649ef9d042784cf8f92c5fa18b5557ca8f39e8c637b84aaa67d834b57298e6aaef56a020f8879e93c717","ssdeep":"384:k8PmODwsg3FZmERbo5DQCBuLdAeAk+kPDPcJ0L:5PufFA/HuJAY+wDXL","tlshash":"7352e9640daa79aa0b2753daf5db5d1e38ec33649b401a2fdd884f304284bc5735be39","size":14240,"data":"","first_seen":"2025-12-07T16:58:18.591775Z","last_seen":"2025-12-07T16:58:18.591775Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/8.7IwmzbXD.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"d5163040ea1215bc35f39f5b45a52582","sha1":"00dbd575c8640854b94a5bee203805e9f96b1dc5","sha256":"5f4cc6ce1da59c43b3ab3058c3b6963914a03b4f1a06e60dfc8bb6908d2745d0","sha512":"c1b160d41585576e4f95cb77ce9b4c719af399dfdb667b039a2e49963ea881e7e026f52d51e208af47e1d54b0a74de85d77b52c5021a9a81b54b0134a9924f46","ssdeep":"","tlshash":"bde07dcf60d2f0f642c5bccc49105081d768dfc02bac80e0c02c5f9017101928936ec5","size":310,"data":"","first_seen":"2025-12-05T11:45:40.006258Z","last_seen":"2025-12-08T08:57:32.361969Z","times_seen":213,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/jquery-2.2.4.min.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"b354cc9d56a1da6b0c77604d1b153850","sha1":"a3d8479f4d4e39b131bc9a53bbf53d1fbaa23732","sha256":"fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46","sha512":"b6dcbe11a0f90ef61a071fdf7d8c637f95fc77969cffda9f291772b4fa2c2f9020eea2916da6f1113d746afeafbf592d0db79fb2f2f5400bc0a0fc10a066ba98","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a98Q:v4J+OlfOhWppCW6G9a98HrU","tlshash":"1783c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","size":85577,"data":"","first_seen":"2023-03-07T01:06:18Z","last_seen":"2026-04-17T02:00:50.22751Z","times_seen":7618,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/jquery.cycle2.min.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"3981c014980610a347911b3eb292b722","sha1":"a19a589bbf0d0a607557cc93768fa68ec4d9b87e","sha256":"6b41e47a54aefc08aaa3678ed56f5689ddf69b8e8a48e9af8acc200ed0559fec","sha512":"a1e7501a56f8eb568e1c954104a2e0c382d2cbf9ffe386d1ff47374460156e1813374c69250ea17d5fd9f2c8d9d8734504c8782ca09af0b503d69efda13479e2","ssdeep":"384:dKoMqqIIaGwjZufVdJHqktq+3XlTXdE4VzExmRCqfL:PqXysVdJKkNTVCmP","tlshash":"3fa2b728b249396295f328f8733fd00b17f12d776950d6a170e2c7c96e74946b226bf8","size":22288,"data":"","first_seen":"2023-03-07T13:14:18Z","last_seen":"2026-04-16T22:16:07.166273Z","times_seen":2028,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"introduction_type":"javascriptURL","is_inline":false,"md5":"69165ebff8690c39998558705627e927","sha1":"b86888593992fa44c3d1fe1c665367cb214e5416","sha256":"0de7a49f6d21fbef846aba4bd271502d7ec9489bfbb3fd96f5ff7cf19140875e","sha512":"5ba1e5e8c8d56c3f9e73156c711a2a9e69dc86f53f47ce07bd59f79e9f8190e0a63a46c05270582b3afdc144f98d15622a902864c5635409e682c317640a2371","ssdeep":"","tlshash":"4250000030000000003000000c03c030000000000000000000003c003000f00000c000","size":8,"data":"","first_seen":"2023-04-10T23:38:56Z","last_seen":"2026-04-16T22:16:07.22668Z","times_seen":13827,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"8300c3c8e9e691b3b0e22cda86fbb2c9","sha1":"959b0a4e73143323f4078f8287a3ebda1bdd209a","sha256":"bdf8a9a3a753fec69fff2ad64f97bc2e3fa58d6f7579d74b02896f767a4c1091","sha512":"8e59f3c7f5df08cf383831f1bd54f867f14782d6b6b4b0cbe55e144a5e63b2efe9b8504836723a75e677dbad155646590a0c881ab220cf860378b67b9ab25554","ssdeep":"768:xWYM4BfICUGctU73MUt/TFzGhEzEFgOIHcQTcCR:04bUGctU73MUt/Zd","tlshash":"fcc280f658b0192d50234b18cfe59a99032ce182a8746dbe7347290bcb9bb4d73bd257","size":26596,"data":"","first_seen":"2025-12-07T16:58:18.689038Z","last_seen":"2025-12-07T16:58:18.689038Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"891097ee9ca8b4b0ef103763c4f092c4","sha1":"5f8689c3b0a7173c533b714bb423555ab919a66e","sha256":"2f99a605df72c345bbecd980fdfd57931967abdc179d8399869526c31dba2883","sha512":"a247c027a6f2240d678824ab82e63e59bad29a69844a339813c56459d12204301799dea7c4543f49bbdc670c0d60d7bea2e7e74da9251b9922340a8dbb10335a","ssdeep":"768:xWYM4BfICUGctU73MUt/1M4m7MMOKfzHVqFzPckA8J2XYMIdojJP3ob1+4YHss4n:04bUGctU73MUt/u40OKxQ7","tlshash":"111324b658b0192d10234b5ccfe5aa99032ce483b8745ebe7357291bcb4bb4d336e257","size":42033,"data":"","first_seen":"2025-12-07T16:58:18.690691Z","last_seen":"2025-12-07T16:58:18.690691Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"84c1b24824072132f1f76fbcd6eab078","sha1":"6afaeae392579fb32b93656a9408a8e8deebbeae","sha256":"9fb2f06715313bf12287d853f84049499d423cd3b130e3667720bad9638787fc","sha512":"14f88c283c91592656be4177fdd39caef5f1a67b08aec6522cdcf4159dd29a6ef3d4eb2bfabebdfcff1ccef9d9ed89083fc5c7200294579e9a8817e46d978dc2","ssdeep":"192:TmC2vs2FacWj+Jz95HjLMHOghfHDFz8KHSpHZfwOp+V:w8+jLGOIFz8V7fwOp+V","tlshash":"f5d1343f416123298027ed684bb467168278e46abc6d77fd19136b29c7cbf4215f228f","size":6395,"data":"","first_seen":"2025-12-07T16:58:18.691902Z","last_seen":"2025-12-07T16:58:18.691902Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"011ba93c05468917acc901d20e52549d","sha1":"7f3b009036548e4ce64e6aeb36a8d42e468d818d","sha256":"133a58fa4a1540a426842fa7332448aa5b358a23736e3d1a79fb6befd7f4d670","sha512":"7decf58be0cdab4b69198aa0fd893bba266f12faa3e328d841a5c48f94e2da3d7184b779300a183fec48e3c2c5663f36256018de73467216908a880d40a99ca0","ssdeep":"192:TmC2vs2FacWj+Jz95HjLMHOghNKcI7AXYX5qHU1Fz8sUHvSjH6ceSHRCR:w8+jLGOLFJ1Fz8bSm9MCR","tlshash":"4af1322f816123395027dd6c8bb4a7174125e46bad6977fe68127b29d3cba0214f338f","size":7517,"data":"","first_seen":"2025-12-07T16:58:18.693204Z","last_seen":"2025-12-07T16:58:18.693204Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"toto123gacor.rest/assets/css/additional.css","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/css/additional.css HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/css\r\ncf-ray: 9aa58fe7ad1cc759-OSL\r\nlast-modified: Thu, 21 Sep 2023 07:45:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"650bf49f-299f\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10655,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7696)","md5":"2ff4a977a650b76a8641166f92a7507d","sha1":"3b3e18ea7c29a8acdbdfc3c5b444456f781021e9","sha256":"2b735a9ab21e15a9f70552ac4d1f479b4df7bf5161a07c1bbee610e00798c3f4","sha512":"e5e4602361570a4a6bd76fa611386685d004e8597b4e8f9121f35758bbb9931a4db4641dbf8ac8530d2fd208278dbda7700846c47cf2d3d099a8d1c0b3729d7c","ssdeep":"96:MJn1MOnIYUHsX/dGOeywAjJLX0RcP5VKXsp27lbw0kIoX6pd6j+lY/g4nqqaMTuU:KiuIrLAjJLX0RZD03uBn21","tlshash":"89227c2754eafddf301f83981d3926614b4ac688d7024f6eb36cf3f9749a51d4432a8a","first_seen":"2023-10-17T12:18:33Z","last_seen":"2026-04-16T22:16:07.09966Z","times_seen":1447,"resource_available":false,"data":null}},"time_used":644,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":644,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/js/vbulletin_md5.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /js/vbulletin_md5.js HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: application/javascript\r\ncf-ray: 9aa58fe7ad28c759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60c6c4e6-1639\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5689,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (2780)","md5":"1a28d5e018df6a763d8c43e320c82944","sha1":"718f3148bc0ebed7f32bf13cbd9766b098488fb5","sha256":"94a03d94ea079e4a5877a8d14914288246f30a12b3833c8d59ad22dffc63a7d1","sha512":"32e9914b734a44497c081172e5ec0acccac466b4a26b674c68caab856f99f275674a96dbb10d41a88f2d9ac2eb2f2c5bf3d4f84786b45e9af8597971f11e67b0","ssdeep":"96:aa28J0Hju1W1nK21b1DxMOUe1kTQBstOJMFGMvzEAPwqJfAXYCfFQXE5JaGXC6rS:vOq0xvNJUNOqwqJIoCtCE5bIN","tlshash":"61c1fd40b781c17ad7bd8ef0bc4a1f4ef17edaa808065404b5b28edc4ded47944a9f1a","first_seen":"2023-03-14T18:52:00Z","last_seen":"2026-04-16T22:16:07.118632Z","times_seen":1851,"resource_available":true,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/ovo.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.225Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/ovo.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 4578\r\ncf-ray: 9aa58fe81e75c759-OSL\r\nlast-modified: Mon, 14 Oct 2024 06:10:08 GMT\r\netag: \"670cb5c0-11e2\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4578,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 86 x 25, 8-bit/color RGBA, non-interlaced","md5":"9a8ceefca77b6a4f356bf139e59065b7","sha1":"fecb95c6ad2fddbcf2424b60a31503917c1cbc02","sha256":"71dfe3342d07e446916111fed9de1724bdde56c963c1b2573b7ec643e9f26e50","sha512":"eed75a8454ae4b3f6b926a1fb64124c1308f053d77c7d797767093a13430145cfaadbbfa4c85f971cf0339150077253a4b261f4d7cfd5d986fd854b7172981d9","ssdeep":"96:mZYR2M5uAeJqRaQ8IiwJ7k64Hx7iWtwopCUg2sl:mif0AeGaH4ivWC5g2sl","tlshash":"83919fc6eed04c4326afed21d3eda07967474c98dcf3b5623cfa88001d3a29446e9497","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.171718Z","times_seen":1616,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":205,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/permata.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.228Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/permata.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 6567\r\ncf-ray: 9aa58fe82e8ac759-OSL\r\nlast-modified: Mon, 14 Oct 2024 06:10:08 GMT\r\netag: \"670cb5c0-19a7\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6567,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 102, 8-bit colormap, non-interlaced","md5":"f5f8c69e95909040ed44250cc3b86c35","sha1":"e333b452f22bcfd8368091118e301200e7f4f2b3","sha256":"bd3ce223941f0e46a5f2bf3a048f36d65b57a595d3dfb06762799d4c2b37121b","sha512":"3e58bedf161fb95bd4bdf89f95d224d1d68ce0d14de5556293074d188104dd75b4df27a8c84def1d61912b703e2041c0be82b25036124bde460f7e00c67781fd","ssdeep":"96:rV8AamRQJAK73Mj+vuR1Mz31Tgi5NlPiuwPvMXJp+b1IU3SZVaw/sJUt+sxczRw3:Z8Cy4q1fPkPvMX+IUkVaEoUt+sxqw3","tlshash":"2cd1aeff3698bcfaec63ac58c330bdc0463e6c91643714789d19c9506ec5998d080e97","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T10:32:07.219106Z","times_seen":961,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/bankaladin.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/bankaladin.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 37325\r\ncf-ray: 9aa58fe84f04c759-OSL\r\nlast-modified: Thu, 26 Dec 2024 08:30:06 GMT\r\netag: \"676d140e-91cd\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37325,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 790 x 338, 8-bit/color RGBA, non-interlaced","md5":"c0eb0d2d0ba491ab676596d7c1162883","sha1":"bee90648ef0b4052575ae2ae106bcdc46e1321ff","sha256":"09c27a0e4998b4f5d12a099e6ba133d26671e1b3cf2de72e2f1b695b7f6462b4","sha512":"e5b0a2daa7c7494386c5365012e2b591697f8d7f9c65bd49d2f5baec1e9a857405e3364defdff61d6f6a35bb5215101cfc029ff079a9f8e2bc8925fe6a95e997","ssdeep":"768:SLbiU+NtX6TqXCgsFHc0x/JAuxfu3cYqSFQLLc9x7Cbmirl3:8bl29bIHd5Jxx239qS6Wx7Umu","tlshash":"19f2f15b893bc33dae8aa69e07bd394561833547fbb30ef91e89b065342ef0c4047154","first_seen":"2025-03-10T01:18:36.720354Z","last_seen":"2026-04-16T10:32:07.165622Z","times_seen":61,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/uob.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/uob.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 52191\r\ncf-ray: 9aa58fe8afd2c759-OSL\r\nlast-modified: Tue, 31 Dec 2024 08:45:05 GMT\r\netag: \"6773af11-cbdf\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":52191,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2560 x 723, 8-bit/color RGBA, non-interlaced","md5":"2c682ae361b71fc92f8611a44ae08611","sha1":"0eb57449e393b409ae694b6a762fbbc3d25015d4","sha256":"b227b05b6acfc3a3739e43a934ac5a91c7d4710a55700af44aa4b8516b4af216","sha512":"97d31deebffefb53977c0c927a764da47c8e6c148747421b8d81566f0004c75ef130ab0a884d652c87e1ebb7c3c14560654b4748bcb00276fae232d0642df84b","ssdeep":"1536:+74jVPX4cy2ksoOgplGhxR2j5rra4DSGnx9z:ksusoOgkb2jJrtDSC9z","tlshash":"4933e1c2cea29830cc98533187e7df60b3765ebb48bb03a615b4f2157d573d5284a72a","first_seen":"2025-03-10T01:18:36.704054Z","last_seen":"2026-04-16T10:32:07.136415Z","times_seen":99,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/blubca.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.404Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/blubca.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/html\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\nexpires: Sun, 07 Dec 2025 20:57:27 GMT\r\ncache-control: public, max-age=14400\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9aa58fe8d837c759-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-17T03:11:03.349549Z","times_seen":489671,"resource_available":true,"data":null}},"time_used":223,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":223,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/linkaja.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/linkaja.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 2146\r\ncf-ray: 9aa58fe80e3ec759-OSL\r\nlast-modified: Mon, 14 Oct 2024 06:10:08 GMT\r\netag: \"670cb5c0-862\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2146,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 89 x 25, 8-bit/color RGBA, non-interlaced","md5":"2d5925ab422101ea8f19560ed06cc097","sha1":"f749f359d92005a41ffce77b9a2d8c5888670f6c","sha256":"7dfc635cc62e740491850e4bf48ecf3cf0cf21b248f9af8536abac4157156888","sha512":"8f9205a7ba24d863d4f65eae2bfd8159e19a06604c7af5df15dd5548a553aa9a7410bee56ca52f3ad927a6eae846d3ad12864dbe01364004b0a5ced52e518608","ssdeep":"","tlshash":"1c411a9fe804764264a9964220de6423ec4380816294f075acdfd82f57bc4fd1d0b6cf","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.087882Z","times_seen":1572,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":236,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/css/vendor/bootstrap-checkbox.css","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/css/vendor/bootstrap-checkbox.css HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/css\r\ncf-ray: 9aa58fe78cbcc759-OSL\r\nlast-modified: Thu, 21 Sep 2023 07:45:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"650bf49f-1b5c\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7004,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (876)","md5":"3d4ce2ff275a69d37c270f286934a8da","sha1":"8fd72e27451d35b1cc243a1fac5fb4ebd52d4aae","sha256":"2f81d99d41759567af9d4e9562d4c62bef7ee42e4d1a7b62fc2d45b7a0e34334","sha512":"bec920b211a4a554404fca0245a1640d6722ba738d642a6edfd0623e1ce866eee7c5012d7cc3ea938f263c36d3eec5de1eedea076cbbd62365565f9269178acd","ssdeep":"192:pQu9GEHnN95MDkCeoj99LOSAUT6oIjOhL5fPKzRKz:pXN9z6tAUrcOH","tlshash":"fce1ec2ada610098f137c12d66cc9b9b6434942297252fbdfacb2478de9609c2c737dd","first_seen":"2025-12-04T05:42:45.98976Z","last_seen":"2026-04-16T22:16:07.157011Z","times_seen":476,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/allo%20bank.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.291Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/allo%20bank.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\ncontent-type: text/html\r\ncontent-encoding: gzip\r\ncache-control: public, max-age=14400\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nage: 0\r\nexpires: Sun, 07 Dec 2025 20:57:28 GMT\r\ncf-cache-status: HIT\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9aa58fef888ec759-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-17T03:11:03.349549Z","times_seen":489671,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/sinarmas.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/sinarmas.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cckGYCPq3hgWo%2BEjTqCECyFgrIbzzkCnSMQheLf6OEpemPg472SHaSC5qzq2HuTwIKdoo3WCwi3FEnXund4gCjfVq6lvxYbFNEvZ8Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff29f6c568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/ocbc.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.861Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/ocbc.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Z9Oi2%2FzTo4hrYKOx%2B6k%2FdY3IuLFZJH1R%2F5V6U%2B1rf9T1P91w%2BHqt8XMy0y%2BwXi9ySkCjk4MZ6nywnWVLDVHBedkJ%2BQscBK75%2FPgrgQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2af71568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/sevilla.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/sevilla.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0RwoEcNAOxh8UWpMCsmz%2BczrOY1U8DTTBhMEEaAAztLg5VUpt6PiR1auIOwOtFxLY1%2FeQgZn2TeWS%2B0LmQRrBXg0R%2Bx3Z9TYhEYChQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff31f9e568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/css/shio_svg.css","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /css/shio_svg.css HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/css\r\ncf-ray: 9aa58fe79cf0c759-OSL\r\nlast-modified: Wed, 02 Mar 2022 09:33:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"621f39e2-97f\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2431,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"c40ec89e8a103f2e51b90dce6047474b","sha1":"d90eaeecc694d94c5883004e05ebfae4a6cbe846","sha256":"e01ff4e0e870caee450fc361c0393c4caf42514432c9e7425da4268a25f2d607","sha512":"99d21e9206a85fcf389900b7b91b391186ee98ff8b5f89dcd0a6152d12b0070bf09d7c4f634e5aa9a5bf851c910f2b8483ed70b99de99535ec7c3f05a9c5eba6","ssdeep":"","tlshash":"76412961809a670349226ab065dff791eb197356236cf23621e73084bbedf4cb91cc34","first_seen":"2023-11-21T03:40:41Z","last_seen":"2026-04-16T22:16:07.136855Z","times_seen":527,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/css/marquee.css?v=mgkt6h1vnatns72muqoz","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.060Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /css/marquee.css?v=mgkt6h1vnatns72muqoz HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/css\r\ncontent-length: 674\r\ncf-ray: 9aa58fe79cf3c759-OSL\r\nlast-modified: Mon, 12 Dec 2022 04:57:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6396b4a2-89f\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: HIT\r\nx-cache-hits: 1\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2207,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"6ccc75e363025d110b5985afa3187b43","sha1":"25460557a798bd582563b4a937bd8e818396c4b7","sha256":"2d2a7ab1708e5aeee4123d037d8484e9e4c3cca489b4b6b3b931143911403134","sha512":"abd2c4ba7445f3c380036c26a2498d990d9f9103fee6d5f67d5aa489f5a7531affc35dd6fd27e9269d5d804aa36870c3cde5d4182eaf968f9d13839e24f900b2","ssdeep":"","tlshash":"ae41f29b05171d04260bf4842f794201652d8403a28ed9aebea922ccfffa245d1a3acb","first_seen":"2023-10-15T16:21:26Z","last_seen":"2026-04-16T22:16:07.15042Z","times_seen":1633,"resource_available":false,"data":null}},"time_used":796,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":796,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/allobank.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/allobank.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 5885\r\ncf-ray: 9aa58fe8bffbc759-OSL\r\nlast-modified: Mon, 04 Aug 2025 02:55:07 GMT\r\netag: \"6890210b-16fd\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5885,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 61, 8-bit/color RGBA, non-interlaced","md5":"6c3f5aabce575fc2faf1bc931f47a299","sha1":"69812a3104786701f9d9edc5525b88b25ff122ec","sha256":"e63bf4524e074876f34e752f73c0bb77cb6bce0d2eb0b3b039cf7ac105caa686","sha512":"c890002566e83b636d3fdc2ccb8e12b8b56af3e26227e4549ba62a52fc04c0081d80ebcae50033691efda2638fcfa85e1ad097f079fddb1f8f18b23ab539a48c","ssdeep":"96:tSvDPmzPnfdLnp/w+tOtYrJwwBsVbiNyNQVumDbGmpWDr0CiPLw:tSvzm7fdbFtwwBsNikNQrDbGREP0","tlshash":"9ec17b6f772f3d4ced4e113102987ec2b7d8096ba2d7ea3d291d34000943491ef14aa2","first_seen":"2025-08-04T13:31:12.151163Z","last_seen":"2026-04-16T10:32:07.225729Z","times_seen":135,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v15/97uahxiqZRoncBaCEI3aWz8E0i7KZn-EPnyo3HZu7kw.woff","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.325Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"4A:97:40:A8:11:17:BA:08:56:28:6E:0B:93:8B:64:13:1D:67:D4:2A","sha256":"A2:0A:13:FD:98:22:74:26:3F:C1:44:5C:92:27:22:17:A8:65:07:40:50:F9:14:02:11:E4:87:7F:C5:D2:F1:42"}}},"request":{"raw":"GET /s/roboto/v15/97uahxiqZRoncBaCEI3aWz8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://toto123gacor.rest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 26572\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 05 Dec 2025 13:20:17 GMT\r\nexpires: Sat, 05 Dec 2026 13:20:17 GMT\r\ncache-control: public, max-age=31536000\r\nage: 185831\r\nlast-modified: Wed, 14 Jan 2015 22:48:52 GMT\r\ncontent-type: font/woff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26572,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 26572, version 1.1","md5":"845280fbf7cf0ca7e186e0b68356ae0b","sha1":"3e37848e9b9052cdad47a551d55bebd4cef073b6","sha256":"d729f0522993e04c4463a7ebd01694ad369f6efd78681f270d98afba78aeafaf","sha512":"8d79528c1ec8464544b19df1416690213e25843f817ffac7e996a2ca1dd586980fb7f98fcdd30fd0b0618650caa41696be0a9191ca9093eaf951a201d1793c2e","ssdeep":"768:2SgKX9C7dZgS7QTcHOhQvFnH5yTSDlTzRnmLF:2SgV7QTcHeQvJXR2","tlshash":"40c2e111b56d6308d4e4a7346d0f153e8bdb8e96e1ebeba7d1224e6182479ca8ccc374","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.148752Z","times_seen":1641,"resource_available":false,"data":null}},"time_used":428,"timings":{"blocked":177,"dns":0,"connect":16,"send":0,"wait":22,"receive":6,"ssl":204},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/robotoslab/v6/dazS1PrQQuCxC3iOAJFEJYUt79146ZFaIJxILcpzmhI.woff","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"4A:97:40:A8:11:17:BA:08:56:28:6E:0B:93:8B:64:13:1D:67:D4:2A","sha256":"A2:0A:13:FD:98:22:74:26:3F:C1:44:5C:92:27:22:17:A8:65:07:40:50:F9:14:02:11:E4:87:7F:C5:D2:F1:42"}}},"request":{"raw":"GET /s/robotoslab/v6/dazS1PrQQuCxC3iOAJFEJYUt79146ZFaIJxILcpzmhI.woff HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://toto123gacor.rest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 31576\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 01 Dec 2025 00:06:03 GMT\r\nexpires: Tue, 01 Dec 2026 00:06:03 GMT\r\ncache-control: public, max-age=31536000\r\nage: 579085\r\nlast-modified: Thu, 28 Aug 2014 20:40:48 GMT\r\ncontent-type: font/woff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":31576,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 31576, version 1.1","md5":"031611afee9339d4e1f76795a28aaeca","sha1":"8be046d89666cb1bc0323f4a22c6d63b62b922cb","sha256":"2de6a4f3964c03bb35fb9d54b3de00ac38330f5cd91389a3d462269c27775373","sha512":"5a640f6c2eca78c39646ef4bc1af2f932442188c6e1eb31f55c28426fbd940416e46e8d5da0be442d302bc1ab71d6585acac24bcb9bc3e0c8b1cb68ed9d7990a","ssdeep":"768:/OLXvKTy00GtnIF4KZnHlsaa8Nj6Vii1BLT4v2mkwEp1RK:IH00aGlsaVNwi8LsSu","tlshash":"5ee2f150de5ab94652aa0e7450c0021dc27121ccfbf8aca1b739d4d1966ebf799ece22","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.179256Z","times_seen":1431,"resource_available":false,"data":null}},"time_used":406,"timings":{"blocked":159,"dns":1,"connect":15,"send":0,"wait":19,"receive":16,"ssl":191},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/hongkong.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/hongkong.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X8KRTmikp5jXoieYylQHhFH1FKlvG%2FrezWEpsjuC9%2FjrEe8ty7VWiDIPT%2FChZACB%2FjW4ykHyoeSRv6WZlJfdIJeD%2Buli6YFnB%2B8rXg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2cf85568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/tainan.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/tainan.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6KudN%2BxlGpEg4Pk%2FxLRjcIx01qNKkVpKUdLwxvoyC%2B1sVW8jJO1P%2FTPJ2SGBWrmGT3GnyFAq0Mq6kOZsRjLveGX4K2YQeoW2MEPdOA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff32fa5568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/alaska.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.102Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/alaska.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eW7IiZergHTMzLGnd4gOtbzaF7IXEC9ljbg%2BArGL8Ft1rwysOQR%2BuYSny2mK1HGqT7eqRcFkMy6P4s67WwYtRA6qLfiniaul0Ox1kQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff34fb6568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/banggai.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/banggai.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AaAp7K5B4IwUBo%2B1viSrHRfYc79k4%2BbGZUFqzYDEz31GngQKsdV3GLvEkrBdpTugrTQ5yVkL%2B86V9eWv4V0YK2Io5j9bsKVM9S6Qqg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff34fb8568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/banner/Slidertoto-5.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/banner/Slidertoto-5.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l3VBj6dR%2BQ1Z3XxpZa9trcJR5duLOOHbCKZ3xpOFrO9%2Bx%2B%2Bck5r3A0OV3dm0sVYVF%2ByNXFqC9tELBE4sRHs1KF4ISg3GAwpxk%2FUhvw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58fedeef3568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/font-awesome/5.15.4/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:26 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 10462\r\ncf-ray: 9aa58fe7996b0b69-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"613fa20b-28de\"\r\nlast-modified: Mon, 13 Sep 2021 19:10:03 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1340406\r\nexpires: Fri, 27 Nov 2026 16:57:26 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=2Auyua8tVSz8a1XK2tLA9tdm%2Be4DZa%2FW3jRq7jRoyvz6jwKy%2FuWCP%2BCPXwL2RSt%2FuOFGpirjs9plx25z3G52FnwUHUKNNqjhoPULU7yjYD9BhdRMupAc7LUOxpEA2ze21U3jgwCh\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":59305,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (59119)","md5":"ecd507b3125edc4d2a03aa6ae5d07da9","sha1":"a57ee68d11601b0fd8e5037fc241ff65a754473c","sha256":"99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e","sha512":"d72727e8871a410e34fcc2815b65b84618acfc36c82d4ef80b5bd2acb2710aae7ba3de35626d354b036c38caaf10116572051aeb12e23d8fcd4b947e13aced25","ssdeep":"768:PEh31IPiyXNq4YxBowbgJlkwF//zMQyYJYX9Bf7VSzl:PE0PxXE4YXJgndFTfy9lQB","tlshash":"8c43fbb8e54c01cab731c44bef81b2bc61b6f73de5914d95f00e691c2ad26a811c5fba","first_seen":"2023-03-13T09:02:16Z","last_seen":"2026-04-17T03:19:06.744115Z","times_seen":35293,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":12,"receive":1,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/papua.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/papua.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 30413\r\ncf-ray: 9aa58fe82e83c759-OSL\r\nlast-modified: Wed, 06 Nov 2024 09:05:05 GMT\r\netag: \"672b3141-76cd\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30413,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1252 x 317, 8-bit/color RGBA, non-interlaced","md5":"6cbc160ec3de3faa63dbec8acecaf6a3","sha1":"862de85197163e4841f50b15c984199eb6cfdb44","sha256":"e267cbcdb2553f6f249b831c6312cbf4f4b1c64dfb09fa24fc7fe0910e1ad363","sha512":"c727e1fd1b7bdcd11b7ea647f3d7032f4740db0a9283af9884ea8595b1e50046d39cdb724c8cabb78c98fa410c7b677a76d854c55238de547c433f795b5655b6","ssdeep":"768:KxalB7heG9rYqSMZ/9FFSJBu412oVerAqoU5x:2c0qSkkQjoVe55x","tlshash":"e6d2c0526e77cef3fd030534ad8e4ff3618b544453f0dca5cee0990d46a3d50a1aaaaa","first_seen":"2024-12-15T06:15:26.070487Z","last_seen":"2026-04-16T10:32:07.249714Z","times_seen":279,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/phuket.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/phuket.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KgAAkWAN7tcUp1H%2BeS6ynNawJp3FmQu1u%2FRTAZhM4cCOj76ljUvL7WINr2kHmTql0KZ%2FNTJdAh5xaS%2Fbl7EqVQACwVbDTPNSjFm3Mw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff31f98568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/cdn-cgi/rum?","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:30.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 1167\r\nOrigin: https://toto123gacor.rest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000; laravel_session=eyJpdiI6IlpBaEVOMFlOUzZIR1dwTkl5Vk5VVmc9PSIsInZhbHVlIjoiY1RmTFFEWXZQRkxmN1A2SklaN3liMlVIaFFUWGRnL0RZR1VWR29rWnRBL2RTSjQ1UmhzUWdnQzJZek91RWVLSkZEaHliOHc2dzlyL3dpdEVjYUxwbmVldUZCTjNkNmJRQTJmWG52WnBsUGY1aFBtaWdhRHJ2QjlYV3ZDQmFFbTl3MWxSWmxxalVwUCt4UFJTay9vZ2tlVUNLUTJjUWI2UEhNbWo2R0Y2ZERsd1V4NCtHRHV1MCs5SFVSQ1dLZUtYY2R3Q0YxQ2xNOVFTQWY0NzljRmZPNkt3aW9wWTV5dVJvYTlMTUZubm9Yb3R2VmIrczMwdTdzaExWT3dyQWwyUjJCVlllaWRPS3BVTUlDVDRTNURwM1laRzdKRWk0UVFSbnZURDJHUmNvL284ZENuUkNwc2VyemlzVGV0TWVwWlVsVno0TUYxZjV5TWZVYkRZOVVRT1BjcmxBMUtrVVR2QmVyY3VjdmhZZFQxQjlWWFROQmZiaS9JSGlseWp2cVgxd3dBc2VmS0RUQXZjUmRac2FXKzRVL3Y1YXczeTUvK3FyV0FUQ0NZRkJEWjFiekZ5OGtJOVZLWkhHZTBDd0h4eWdPQitISFUvd0FmbTM2Q2pPT1VTZXNnUlE4YzM1cENJaU9sSWRjQXpBUlVCdFpsaHAvU1VVUExkQlVidVZyd3IiLCJtYWMiOiI2NzcwMDNhNTg4YjkwNTNiMDFlYjg3MzU4MDRmZWZjMTcxMzU4OTQ1YzM4YzIxZjU4ZWMzNzFiM2Y1ZjEwZTcyIiwidGFnIjoiIn0%3D; cf_clearance=XoTw4EeoLz_LaL.E4MBRyi6ftnhnmvCDfgDr8XUWg2k-1765126649-1.2.1.1-GumEjUbEGuOydtJ7ng290a7C5Kzu_Htr9Kgm4X3OO9XVMP62UrhBUMfmaPFYT2hhCsktvGFwJKIGHggPcDOG2ietfEm6It9qjiOKq29o0jgiiPocYD1LVo3H609hDwr3qf7XzFfav1ul0SdlsiTk6KnxESm5Mjc3chB9A9Oy8XiJpyc6VReRu5SMvRJS58lOkhD4dciyXQ2vPQDUUxYjsSjHK3Fpb0HwZxlYqX4Pj1U\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1167,"data":"{\"memory\":{},\"resources\":[],\"referrer\":\"\",\"eventType\":1,\"firstPaint\":0,\"firstContentfulPaint\":1494,\"startTime\":1765126646399,\"versions\":{\"fl\":\"2025.9.1\",\"js\":\"2024.6.1\",\"timings\":2},\"pageloadId\":\"12dab12c-a7cd-404a-8c3a-155f9f63b9d8\",\"location\":\"https://toto123gacor.rest/\",\"nt\":\"navigate\",\"serverTimings\":[{\"name\":\"cfCacheStatus\",\"dur\":0,\"desc\":\"DYNAMIC\"},{\"name\":\"cfOrigin\",\"dur\":0,\"desc\":\"\"},{\"name\":\"cfEdge\",\"dur\":204,\"desc\":\"\"}],\"timingsV2\":{\"unloadEventStart\":0,\"unloadEventEnd\":0,\"domInteractive\":2005,\"domContentLoadedEventStart\":2049,\"domContentLoadedEventEnd\":2265,\"domComplete\":4164,\"loadEventStart\":4164,\"loadEventEnd\":4167,\"type\":\"navigate\",\"redirectCount\":0,\"initiatorType\":\"navigation\",\"nextHopProtocol\":\"h2\",\"workerStart\":0,\"redirectStart\":0,\"redirectEnd\":0,\"fetchStart\":22,\"domainLookupStart\":23,\"domainLookupEnd\":51,\"connectStart\":51,\"connectEnd\":71,\"secureConnectionStart\":54,\"requestStart\":71,\"responseStart\":276,\"responseEnd\":278,\"transferSize\":17757,\"encodedBodySize\":16617,\"decodedBodySize\":117699,\"name\":\"https://toto123gacor.rest/\",\"entryType\":\"navigation\",\"startTime\":0,\"duration\":4167},\"siteToken\":\"a1b7ad5596174e599314054bf1d3932d\",\"st\":2}"}},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sun, 07 Dec 2025 16:57:30 GMT\r\naccess-control-allow-origin: https://toto123gacor.rest\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-max-age: 86400\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nserver: cloudflare\r\ncf-ray: 9aa58ffe1c3ac759-OSL\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/bankneo.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.231Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/bankneo.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 109712\r\ncf-ray: 9aa58fe82e93c759-OSL\r\nlast-modified: Mon, 14 Oct 2024 06:10:08 GMT\r\netag: \"670cb5c0-1ac90\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109712,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 3857 x 2190, 8-bit/color RGBA, non-interlaced","md5":"fa6e0017b03c76607d84638332ce1f41","sha1":"bae9f02857e027167b128b23e95fed4c04734ef8","sha256":"f4556c58d5797d6ee448f19bf5abe27ed3f2502cf227e5a1b6e22cdfb9c59fe7","sha512":"4a8b36e4c701df107acec0d427e67466eb2699ed35ac79c199702faaad12433b2a9e64d30c5f0b4a0c3674250d7b76a0f1910fc836f78c5a33ea66501d618315","ssdeep":"1536:ZpOvbD321Sr0NpQELpPqF1ok4+3ODTaBNT/IBr:Z4bDGc0XNP6TfBBId","tlshash":"e5b3aebd5f36f177e98809308ced3eed3e51085422a527aa63b2ad617d834b4316dc6c","first_seen":"2024-01-21T12:23:40Z","last_seen":"2026-04-14T00:56:43.844109Z","times_seen":277,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":223,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/parallax/jquery.parallax-1.1.3.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/js/vendor/parallax/jquery.parallax-1.1.3.js HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 434\r\ncf-ray: 9aa58fe8f8a5c759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60c6c4e6-3ad\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: HIT\r\nx-cache-hits: 1\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":941,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (420)","md5":"1508097fb2657eab7e68bd385cfbdbb1","sha1":"c65b4cb7750055e01101a4edb2f7d2d749e85174","sha256":"ba75543913b3258b7a19cdea608c7cc47322898d244b40b6190c970be2d3a2fd","sha512":"fb2b63f3aa3e83603dd8ac3211bd4624c00a0f534935dda13ad959121608d3bd7e3d5fa284c470692a9c57129ee665cc4a39bc4697d09c45841f506d9f5a7db1","ssdeep":"","tlshash":"0f115b38bb107255c96a762f0b3be309b21736415c028124d229e5dc6ea9a5bf86ac68","first_seen":"2023-03-08T09:00:45Z","last_seen":"2026-04-16T22:16:07.147898Z","times_seen":1841,"resource_available":true,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/blubca.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.295Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/blubca.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\ncontent-type: text/html\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: HIT\r\nage: 1\r\nexpires: Sun, 07 Dec 2025 20:57:28 GMT\r\ncache-control: public, max-age=14400\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9aa58fef98acc759-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-17T03:11:03.349549Z","times_seen":489671,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/totomacau-5d-15.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.066Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/totomacau-5d-15.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2B%2F0dOHG7PTb2CBgqu3En3%2BwN0vUSaTZ3sT36nP0WuomN2%2FxNHohjRf%2F0YkffU0TViDMftU2haiE4XGGiC5Fk6oS2EZebMY8nnHaA7g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff33fab568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/4.C_rgEAoe.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=18727416\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2025-12-07T16:57:30.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/4.C_rgEAoe.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AHVrFxMi95pviuGCK9W0PzRKYIo1VbWNHmY_5y_onLAvyl3LZgC-2a2oRvN13Y283D8tVnjCrdybIdM\r\nlast-modified: Fri, 05 Dec 2025 11:14:51 GMT\r\netag: \"1771376dc07da48b3f03339d86d57b7b\"\r\nx-goog-generation: 1764933291322899\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 193\r\nx-goog-hash: crc32c=C03sAA==, md5=F3E3bcB9pIs/AzOdhtV7ew==\r\nx-goog-storage-class: STANDARD\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nexpires: Mon, 07 Dec 2026 16:57:30 GMT\r\ndate: Sun, 07 Dec 2025 16:57:30 GMT\r\ncontent-length: 193\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":193,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"1771376dc07da48b3f03339d86d57b7b","sha1":"a5861ebfff23a92ccd1ce6b8a517b6f877d50a63","sha256":"6e148df31d721a0ff08563f2d676751786e01418c86ee54ee8f0e88aa46ae26a","sha512":"6038efed0774fd61c7bf6558d3ea24ccebfada1041fa2c1606263a19f8700043a18f6e368ed550fc61f644eb7b81f8cac01498f30cc56a103295911b28e436b0","ssdeep":"","tlshash":"afc022563060f3a502bb0ed00033e02af32a402cf0ebfa80a65cc4f020630530a26b1b","first_seen":"2024-06-24T12:34:02Z","last_seen":"2026-04-09T10:49:40.045057Z","times_seen":23532,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/icon/icon-totomacau5d.jpg","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/icon/icon-totomacau5d.jpg HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 8889\r\ncf-ray: 9aa58fe7cd9fc759-OSL\r\nlast-modified: Tue, 26 Mar 2024 08:43:46 GMT\r\netag: \"66028ac2-22b9\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8889,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"Converted from  WebP to JPG using ezgif.com\", baseline, precision 8, 210x205, components 3","md5":"67fd9d3808352cbbf6ab4e5e95203d96","sha1":"6183b3579f6fb6d0607e424ca11269f3c74c2d8e","sha256":"157c3fc50a9a79068835c64a4a57ad51f33cebff9c177e171e632d1e99134b84","sha512":"fcc42d43f3be3791b786e8e66caa3e3ff74ddf162a5d1fb2e409026d8eb05204f9f6373425f1d3432e50acf21b84bdace44861c7eaf2c1849b9da1f14a74c96c","ssdeep":"192:iytawtgRLxvmi5rF+WIKM63JP/iTL25zDA1mzM6nXOUddP9Io5vnHPqYFMU6kUN:ihw6/vX4WIKM65qTSiR6neSdP5RHPqYQ","tlshash":"9802ae4658568169f8ab8e3b683f53124e1c7b8bcac1786d153814bc02e3f959fccf05","first_seen":"2024-04-27T15:45:17Z","last_seen":"2026-04-16T22:16:07.170994Z","times_seen":1417,"resource_available":false,"data":null}},"time_used":610,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":610,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/panin.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/panin.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 7544\r\ncf-ray: 9aa58fe81e77c759-OSL\r\nlast-modified: Mon, 14 Oct 2024 06:10:08 GMT\r\netag: \"670cb5c0-1d78\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7544,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 450 x 100, 8-bit/color RGBA, non-interlaced","md5":"37fa040c2929dc9063943c5ea2ca3622","sha1":"56fb45e917da5788ca7f767daad839f96d8cabef","sha256":"cb5d8a5e20e3aee1333d24ce82fb36025b895146dd7f1a602cd921d828e1fbcb","sha512":"4f582660270837c6c6b08b9e36ddf745bdfcc78c2e3b2517e3292a825c7699ddf9c5f9d7c120e2fcf204ccbd667e4c7ce22fe53a0c511c05506775cf31885898","ssdeep":"96:TX2/2D1siKZKj/d/NN0qDzh8aV6x+JalPWDNNgqVjIycerHuD3cXX566E/6Zo:TJ5xKZU/juSdV6iOuDtL4cXXc6EiZo","tlshash":"12f1af5cb99171e140624af206fc8162fd3b1cb642d9f1ad70a6fa9da0c153512be2cf","first_seen":"2023-06-01T16:10:36Z","last_seen":"2026-04-16T10:32:07.188147Z","times_seen":651,"resource_available":false,"data":null}},"time_used":762,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":760,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/mestika.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/mestika.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 10294\r\ncf-ray: 9aa58fe89fa4c759-OSL\r\nlast-modified: Tue, 31 Dec 2024 08:45:05 GMT\r\netag: \"6773af11-2836\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 290 x 58, 8-bit/color RGB, non-interlaced","md5":"d79504efc95aa4a2b0e275153a4463ab","sha1":"046aa52ab2efcfa589b1fd5a11c2473e68b24a1f","sha256":"ae2c4a2a050d1ebb8b16fe7ff0a6458f7e83fbe13f60b88c8d788053f69edb22","sha512":"9a2590f30e8309a6faaf7c6e4c62a0ccd45f56b80552c2a27ec3bc39028b9815ca9f90ae9f43dce6219a367b7d9475195f92fd18277b719845ac9aa707e7acc8","ssdeep":"192:dSmknXl5rdbU6XPXHhnGx7yVWRQ14BP4EQZ2yHFIEBj943RRDY8azCL:cNnXl5rtUuXHhnGx2VWue54EiXlIEBjO","tlshash":"d9229e69dd6b6ac1e78f3f8029c792c51537578126924c12e8ddcb93182e775805fdc3","first_seen":"2025-03-10T01:18:36.807988Z","last_seen":"2026-04-16T10:32:07.215853Z","times_seen":101,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/bankaceh.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.295Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/bankaceh.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 48572\r\ncf-ray: 9aa58fe8c815c759-OSL\r\nlast-modified: Sat, 26 Oct 2024 10:55:05 GMT\r\netag: \"671cca89-bdbc\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48572,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1103 x 250, 8-bit/color RGBA, non-interlaced","md5":"34c728240661b5d022b1bfa00288fedd","sha1":"f39c7f438bdc9795235caa7e3a0727566d7147a6","sha256":"5bb04064d2d9addcf3e1e337a9c800b04b05ab8b5589dc2c89ba9069a19dc2b3","sha512":"02577da8c7e85db4641e44f6cec4ab25e408824ba3b78e85115cf8c1a20c78ee48e917c04b062e36db55e2298f6f0be7db678f16a7d53e9f47cd6197e639aea6","ssdeep":"768:D7ucdlNmUFwO2MbK8jbAKGgzhaQYwQYDJ32VMzOgqtOVu:3ucdN23sbAKPhhYMIJgGOVu","tlshash":"4f236b617d23bc004b6d598ccae8399bb4eb57e15875800fef8fd522da348086e9d1da","first_seen":"2025-08-10T01:20:56.258175Z","last_seen":"2026-04-07T18:19:22.018593Z","times_seen":23,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/sakuku.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.408Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/sakuku.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/html\r\ncontent-encoding: gzip\r\ncache-control: public, max-age=14400\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nexpires: Sun, 07 Dec 2025 20:57:27 GMT\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9aa58fe8d854c759-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-17T03:11:03.349549Z","times_seen":489671,"resource_available":true,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/style.js?v=1.0","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.434Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/js/style.js?v=1.0 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 2144\r\ncf-ray: 9aa58fe8f8b1c759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60c6c4e6-16de\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: HIT\r\nx-cache-hits: 1\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5854,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1126)","md5":"6174734545f4d0a24a22ae2f24526eaa","sha1":"969abdca32818ce8437a095b6c1e478d2bf70345","sha256":"d943adf3ed1dad80fb33a3380e56e5a584293f8d1694dbb6d5c5d1c6036ee406","sha512":"017d07cb8e391f853c7add6f7ecc503c09791b8a76a942bd51ecd55d203ab5d773bfdcc90b33f911ced9a4538f6d0e28f7141055449e2f9dfa29976b0cbfa955","ssdeep":"96:xEU393Bu563333G+3v+3tZYJWqr8xZMq038T4hfclwCBMkyZH:xEU393Bu56333R3m3s8xZMtMUhfewwMD","tlshash":"6ec1438ff251143505fb373a822f5b09af7f2a1a4945d124f0fb46a41f6c509a767e4c","first_seen":"2023-10-15T16:21:25Z","last_seen":"2026-04-16T22:16:07.206643Z","times_seen":1830,"resource_available":true,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.447Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 22 Oct 2025 06:18:58 GMT","end":"Tue, 20 Jan 2026 07:18:54 GMT"},"fingerprint":{"sha1":"C7:F8:82:22:3E:BC:9D:F4:7B:0A:EF:A0:EE:C2:C2:D1:34:7E:55:1D","sha256":"EA:85:37:F0:6A:CB:4D:61:4B:3D:2C:58:4B:FF:E5:CE:3C:33:94:71:D8:11:77:5A:C1:99:2F:94:1F:D2:FD:F1"}}},"request":{"raw":"GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://toto123gacor.rest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2024.6.1\"\r\nlast-modified: Thu, 06 Jun 2024 15:52:56 GMT\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9aa58fe9393c4e4c-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19948,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (19948), with no line terminators","md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-17T03:07:52.610836Z","times_seen":332617,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":10,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/dkw/logo.png?v=123","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/dkw/logo.png?v=123 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/assets/css/dkw/dkw2.css?v=1765126635\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 21995\r\ncf-ray: 9aa58fef98bcc759-OSL\r\nlast-modified: Wed, 20 Nov 2024 10:35:05 GMT\r\netag: \"673dbb59-55eb\"\r\nexpires: Tue, 06 Jan 2026 16:57:29 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: HIT\r\nx-cache-hits: 1\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21995,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 210 x 63, 8-bit/color RGBA, non-interlaced","md5":"ee87704e94fe7d790eb019c20c42b992","sha1":"e0a970ea466b4f9c13084fe6fe4fca475e84e4ce","sha256":"3fd1e074489a566bfe33dac59a20aa1b64d3b7edfbc6a85c2210528bdc79dabb","sha512":"b31ff1788fff5885538ee340ba655d2843eb4c70959f180e2013728358ebe4b31ce648ab45d86d88b9b1b4944a9b25356a65e74ab7ffd2063b32592c165413b8","ssdeep":"384:rbFaj1RpNUvIbTXWW2urh/gwznj83JowKM62RSAffS5B4+ml1:srUvI0Mh/tzj6owKM60O4T1","tlshash":"b8a2e10bf8f1d5140565112efc95743a9a704487b7f0906c7828ecd9fee25ae9c4dbca","first_seen":"2025-07-21T21:59:57.467325Z","last_seen":"2025-12-07T16:58:18.590524Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1309,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1299,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/js/vbulletin_md5.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.374Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /js/vbulletin_md5.js HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\ncontent-type: application/javascript\r\ncf-ray: 9aa58ff029ffc759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60c6c4e6-1639\"\r\nexpires: Tue, 06 Jan 2026 16:57:28 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nage: 1\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5689,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (2780)","md5":"1a28d5e018df6a763d8c43e320c82944","sha1":"718f3148bc0ebed7f32bf13cbd9766b098488fb5","sha256":"94a03d94ea079e4a5877a8d14914288246f30a12b3833c8d59ad22dffc63a7d1","sha512":"32e9914b734a44497c081172e5ec0acccac466b4a26b674c68caab856f99f275674a96dbb10d41a88f2d9ac2eb2f2c5bf3d4f84786b45e9af8597971f11e67b0","ssdeep":"96:aa28J0Hju1W1nK21b1DxMOUe1kTQBstOJMFGMvzEAPwqJfAXYCfFQXE5JaGXC6rS:vOq0xvNJUNOqwqJIoCtCE5bIN","tlshash":"61c1fd40b781c17ad7bd8ef0bc4a1f4ef17edaa808065404b5b28edc4ded47944a9f1a","first_seen":"2023-03-14T18:52:00Z","last_seen":"2026-04-16T22:16:07.118632Z","times_seen":1851,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/mandiri.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/mandiri.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VZ0gU%2FBOHpsC8s0W8szqe5ghbmeGINReD1VLo1MKIMo6fDhRrjMBCRlyc6qgmweO3qLy5SjpaxZ%2BM6JofGhrpzJJgWYRZMMUxZ0BUQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2bf76568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/singapore.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.035Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/singapore.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dAJexRwnkiBrqpdlaiWk%2BfUL9y%2F7dA1845%2F4cMEiqqcWKLVj%2BQdPtrZ09gn9zyFL%2BGFH5YEq2%2FpsPUE2075kh1Uf7hmGl0kj1qcNHg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff32fa1568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_localization?organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026version=3e484e3f8236c9d1f2239ff432260121_0440425a97d091180472259e85cc8c97\u0026language=id\u0026x-region=us-south1\u0026group_id=0\u0026jsonp=__lc_localization","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /v3.6/customer/action/get_localization?organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026version=3e484e3f8236c9d1f2239ff432260121_0440425a97d091180472259e85cc8c97\u0026language=id\u0026x-region=us-south1\u0026group_id=0\u0026jsonp=__lc_localization HTTP/1.1\r\nHost: api.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=600\r\nexpires: Sun, 07 Dec 2025 17:07:29 GMT\r\ndate: Sun, 07 Dec 2025 16:57:29 GMT\r\ncontent-length: 4978\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14240,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (14238), with no line terminators","md5":"3d39213d58edde88d2c8968d53479bcf","sha1":"98609f140731907a00502dc946c4829c892d5538","sha256":"080eb958435200940a8c8cec3e8b0701a02692b63f2a38189244e7c4c138e3a0","sha512":"199384f44c2299e8b6c7ffba233fe21a2ca433e1b9d7649ef9d042784cf8f92c5fa18b5557ca8f39e8c637b84aaa67d834b57298e6aaef56a020f8879e93c717","ssdeep":"384:k8PmODwsg3FZmERbo5DQCBuLdAeAk+kPDPcJ0L:5PufFA/HuJAY+wDXL","tlshash":"7352e9640daa79aa0b2753daf5db5d1e38ec33649b401a2fdd884f304284bc5735be39","first_seen":"2025-12-07T16:58:18.591775Z","last_seen":"2025-12-07T16:58:18.591775Z","times_seen":1,"resource_available":true,"data":null}},"time_used":169,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":168,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/superbank.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.233Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/superbank.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 17147\r\ncf-ray: 9aa58fe84f02c759-OSL\r\nlast-modified: Thu, 26 Dec 2024 08:30:06 GMT\r\netag: \"676d140e-42fb\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17147,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 798 x 127, 8-bit/color RGBA, non-interlaced","md5":"e597f9564c0c32ef6e110c42bd69632e","sha1":"73c6c0b82a215138b2bed890b7b0fa8d00aba493","sha256":"a5668746d4f4391a357c2c5ea06a17b1d3ba9910077cfee060681f2cf975e87f","sha512":"f93c2885251de433188b37de2a18edd1efe444a7fedec3ff2e2197ab21e49e71345802a1a6ee115a2a2d11d52addf9a88b012352714bf4e37f8809ef2b26f810","ssdeep":"384:RjdeLtlUGqulSfPCyMjOjdK4qBk2CHmH2/g:74t9qhP9rdKp4yeg","tlshash":"3e72d1dde0819cccd1436f829ee551d9ce24a4deafa6221a037ec55c1928bcb5c04f6b","first_seen":"2025-03-10T01:18:36.700472Z","last_seen":"2026-04-16T10:32:07.140198Z","times_seen":90,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/js/custom/floating_icons.min.js?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.446Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /js/custom/floating_icons.min.js?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 657\r\ncf-ray: 9aa58fe908bec759-OSL\r\nlast-modified: Thu, 20 Mar 2025 03:11:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67db8776-494\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: HIT\r\nx-cache-hits: 1\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1172,"size_decoded":0,"mime_type":"application/javascript","magic":"HTML document, ASCII text, with very long lines (1172), with no line terminators","md5":"a1f9706eeee7690ce0fb65264290a61d","sha1":"f47499adeca0a42d73894a8424a5dc65e1c8cde4","sha256":"afbf313c9cd8546932da922fcd36f00f9e0787370ac0d46ca82d3cb31d15d0ea","sha512":"99830735da3f51fcb6510a5f682638c2ded1a875790cdc5ed9eb928decf8d744a48e107d92af6db421b666a86cc88542c187c2d2a0c86535937143bbe898e15a","ssdeep":"","tlshash":"0f2186a083a6d43d83809166c37493097854302efe529640fdfc8a8b1ba9d4c6c23efa","first_seen":"2025-03-20T08:45:19.929797Z","last_seen":"2026-04-16T22:16:07.074086Z","times_seen":1557,"resource_available":true,"data":null}},"time_used":622,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":622,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/sumut.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/sumut.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\ncontent-type: text/html\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: HIT\r\nage: 1\r\nexpires: Sun, 07 Dec 2025 20:57:28 GMT\r\ncache-control: public, max-age=14400\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9aa58fef989dc759-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-17T03:11:03.349549Z","times_seen":489671,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/tokyo.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.056Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/tokyo.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vBiUi9niVCA0GhV2mEiSJaanIqp8hT4wi8jlHmsxBZMSjM0JPHLRCDsxST8FQPJak61D3QDXpZfMPzsTp0FH%2BH2yyrxrxxcM%2Fe3HWg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff32fa7568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.livechatinc.com/customer/action/open_chat?license_id=18727416\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026use_parent_storage=1\u0026x-region=us-south1","fqdn":"secure.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /customer/action/open_chat?license_id=18727416\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026use_parent_storage=1\u0026x-region=us-south1 HTTP/1.1\r\nHost: secure.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=utf-8\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\ncontent-length: 757\r\ndate: Sun, 07 Dec 2025 16:57:30 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1776,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1776), with no line terminators","md5":"9f31a9294a5c8a673798cf199f969f22","sha1":"a2f6cacda432c2b5f42127aea238e68ec6777ce8","sha256":"567a5a48ce7eec308c30305619d729992d156d88c36436fb629bedcedb92fe77","sha512":"9a557d1155e551ccdf6251dfe105e94b3c11e887b614e34867bbcbb7f1f20022b8c9c85b23ed4dec5059b489b045c97dd532d978949b573ef369f1bacb89c4fe","ssdeep":"","tlshash":"55314173aa00c91d71748221b99bb08e895d534e8644acf2b29412fe0ad0ed5c173e29","first_seen":"2025-12-05T11:45:40.156159Z","last_seen":"2025-12-08T08:57:32.159064Z","times_seen":213,"resource_available":false,"data":null}},"time_used":495,"timings":{"blocked":27,"dns":0,"connect":0,"send":0,"wait":468,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/banner/Slidertoto-2.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/banner/Slidertoto-2.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=338vTdK28xfTI32B6f9TO1nunVj9241Ap6xPPgKxV8gfdE802AbMZU1vYkqFxALoUS2p9iwbarxBrnB0sy6xL6IjP%2FoBYf8dkwzxVg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9aa58fe8beff569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":176,"timings":{"blocked":14,"dns":67,"connect":2,"send":0,"wait":7,"receive":0,"ssl":65},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/banner/Slidertoto-4.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.139Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/banner/Slidertoto-4.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mgfjoNfQDb5Q3LKcyZoh0k0mnUChRcd3pef12gH6CsewW21sQ32So9tp9lSNy3iHl25KZFOiMiAb5dSQ68TS4ASaXvAXxKSDQPRFCg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9aa58fe8bf01569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":175,"timings":{"blocked":14,"dns":64,"connect":2,"send":0,"wait":7,"receive":0,"ssl":71},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/Gifhome-Toto123.gif","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.349Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/Gifhome-Toto123.gif HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zkUfoaf%2F2zJkr8Nve34p7Yqh1bMCb%2BmialscxucE1zqNxDQiWsLPhjWIE9UNv4K1S26l4nQHk8kKG7sQJr2UnVYOFfpVG5MbXiKASw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58fefdf3f568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/css/components/loader.css","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.442Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /css/components/loader.css HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\ncontent-type: text/css\r\ncf-ray: 9aa58ff0bb33c759-OSL\r\nlast-modified: Mon, 27 Feb 2023 03:17:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63fc20b9-b86\"\r\nexpires: Tue, 06 Jan 2026 16:57:28 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2950,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2950), with no line terminators","md5":"f81874edee808f64a81f1c1994902cbb","sha1":"3077fa00bc4fe56438a060eefcea27e910563c74","sha256":"2f75efe3c598d795e95fade1746451bb15e1e950724f34155195d4d6e93180ae","sha512":"58e8cff6f6ac4cf5e774156acbce75317be115694ab77006b157fbf8beff629b6f0a70421cd8535f937e0385091998263e9c3e36b11a5f0624711e5d709df6e2","ssdeep":"","tlshash":"025133390a025411c157cf9261c57f69042ee9276a334d5ff2087bdcc7e295d23a5f9e","first_seen":"2023-04-13T17:56:31Z","last_seen":"2026-04-16T22:16:07.16781Z","times_seen":1607,"resource_available":false,"data":null}},"time_used":395,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":395,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/maybank.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.870Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/maybank.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=14Xc%2Fs%2Bp5H3wB%2F4FydPiTSVIyTxuPR%2FoVKWbOAIAgA5tjdj1%2F1Lr7xSEJmFKl1yMmXvzs59i3tIMGlhQS0QyxEBEUJaF%2BC%2Bnq4aR3g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2bf73568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/southampton.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.038Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/southampton.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=elz2pkQkxyXDG90eUsEpHMI9l5NoOpqmneO2UHNh6Gqn6xm3e7f3ULWe0C6yIOQN3rvVgbx9GlCX90DouNuMv%2BgOyc%2FURzouyRwCRQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff32fa2568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/bankmaluku.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/bankmaluku.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 117101\r\ncf-ray: 9aa58fe84f0dc759-OSL\r\nlast-modified: Thu, 26 Dec 2024 08:30:06 GMT\r\netag: \"676d140e-1c96d\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":117101,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1200 x 296, 8-bit/color RGBA, non-interlaced","md5":"6de22bdbd5a96c65138aaa726ab332da","sha1":"40a7a5cf728d55bd50a2ec60f6e7433cb2b12385","sha256":"41cf483781e0d93bbc94dda097d93eef266d5e6198bf7af5011d90f0a92a0aa7","sha512":"ee0fb6a82a697e8b348b91876d83d773c86bffae3e58740868044a11b77bd76c341f3960b6f82dd30edb3f3c9585c43fb7610eec375d044a69d93d4a35130a99","ssdeep":"3072:tXGJP//Yhk+u+YB2sYxhhSQBUYSZ+45cGYUNg/2iYTskwS:tXs/r+u+K2lxhhSQyET/+iHkwS","tlshash":"f2b312530c2d2d0ecb8f1496e5315c13a9e68cfc939b4e65a1c66be07cb3b443d8582b","first_seen":"2025-03-10T01:18:36.810097Z","last_seen":"2026-04-16T10:32:07.204241Z","times_seen":70,"resource_available":false,"data":null}},"time_used":437,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":255,"receive":182,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/mega.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.868Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/mega.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wZY%2FJv1EXYEw2LvCUm5CJ2HV6AZT1HmKloADPY2nPd6ujSHkIZ3ZMHqlvPkaIXm2ZvinnCxRjuNjEGawKtQaBgJsKMBmo92VUzn70g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2bf74568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/banner/Slidertoto-5.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/banner/Slidertoto-5.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fU5xKdjc0fdl5oi%2FskOJa0gb8Lb%2FDtgiRZpNzBkXTRcUj1SOsng3XjKjHZXd8qVyE1FfYRPO9nHOT%2Bm7CDN1blGmbfKny3TBCDBJRQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9aa58fe8cf0c569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":249,"timings":{"blocked":75,"dns":68,"connect":2,"send":0,"wait":5,"receive":0,"ssl":75},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/bootstrap/bootstrap.min.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.412Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/js/vendor/bootstrap/bootstrap.min.js HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 8419\r\ncf-ray: 9aa58fe8e86bc759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60c6c4e6-7ba2\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: HIT\r\nx-cache-hits: 1\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31650,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (31650), with no line terminators","md5":"d08775b7d337d5f37e3fb102f1a8a913","sha1":"6cbd6f79def44d7e96d933a17967cd2afcf9ba3c","sha256":"8ae9a41def07afb4166b08e3143071437d1867e5f26e6bd907899a8b50bbafbb","sha512":"458415d96f8a83f130fdae57e3322c75b67269f4eb57494074e06b757eced0730c58ca73a8c65148c19b9126653ddcf66e3058426b921e1bd51c3b7369a5f05e","ssdeep":"768:poBFw1wl+WRydWDRQgn8WI0fBQLrX84XCqc:qAr2MRCqc","tlshash":"b7e27446b230316107dfb2e5515f020b723a6a6dea06907c38b999f53db9c48727bf39","first_seen":"2023-03-07T13:14:18Z","last_seen":"2026-04-16T22:16:07.211533Z","times_seen":2147,"resource_available":true,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/taiwan.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/taiwan.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HD0aBaH1ogtiXOO0XYB8KPTKUaPqzPMYBaNprorrvd9%2BIvXL87NhMpc4KLgl051bFfjnHQdr8Dr5TNhXqONCYsHGE9w8ZZzTzHkd6Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff32fa6568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?x-region=us-south1\u0026license_id=18727416\u0026client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5\u0026url=https%3A%2F%2Ftoto123gacor.rest%2F\u0026channel_type=code\u0026origin=livechat\u0026implementation_type=manual_channels\u0026jsonp=__sufjpsfbb8","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /v3.6/customer/action/get_dynamic_configuration?x-region=us-south1\u0026license_id=18727416\u0026client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5\u0026url=https%3A%2F%2Ftoto123gacor.rest%2F\u0026channel_type=code\u0026origin=livechat\u0026implementation_type=manual_channels\u0026jsonp=__sufjpsfbb8 HTTP/1.1\r\nHost: api.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-security-policy: frame-ancestors https://toto123gacor.rest/;\r\ncontent-type: application/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nx-frame-options: allow-from https://toto123gacor.rest/\r\ncontent-length: 384\r\ndate: Sun, 07 Dec 2025 16:57:29 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":384,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (384), with no line terminators","md5":"b4c9c03720118f20cba62ee327a80b88","sha1":"a296edeb95732c3f7157b56dedbd3284bd78eede","sha256":"d50316be3caba18d1979cc4df6eed9654afa55797826f0ba642af5296eb49859","sha512":"084a88668dcc2bd8e2e6f0aac7c50108842f0e95477b65ff53365d63c3e4f529804e86e3af78d23232a7582c6d4dc7e6d61ec25d0b2be3932e4e007b08cb3160","ssdeep":"","tlshash":"f1e0d872ba2159386ac1f7ea94107d46ba311666d109197cb0761700e72b7ecfb31546","first_seen":"2025-12-07T16:58:18.599919Z","last_seen":"2025-12-07T16:58:18.599919Z","times_seen":1,"resource_available":true,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"api.livechatinc.com/v3.6/customer/rtm/ws?organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026x-region=us-south1","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=18727416\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2025-12-07T16:57:30.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /v3.6/customer/rtm/ws?organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026x-region=us-south1 HTTP/1.1\r\nHost: api.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://secure.livechatinc.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: QDJr4BTaPdcq4C8cuha7rQ==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nsec-websocket-accept: cZEkmeWaX8tBJoJgVwcz4Y5Ofos=\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Origin: https://secure.livechatinc.com\r\nDate: Sun, 07 Dec 2025 16:57:30 GMT\r\nUpgrade: websocket\r\nConnection: Upgrade\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":137,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/panin.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.858Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/panin.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=486Tys4k4YAcjpfGpfUcOwuCUzB%2F%2BkTW5kk6pfTY361mfT2e1y0C%2Fk4KfZAHYPZhDn%2BG%2BN8H36WkRbB7DjloCKV4%2BnNyIdMt%2FtDLLA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2af6f568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/manila.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/manila.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=juHcxRaJwz6tty%2F2j8C0MUD8mcBgXdLgPxABxRX8lz8Yzv1RhylSKX6qlZJGA%2BROVu7DABaVe8QhXi6TWgoNPpl3PCh5H1cVR2MJ%2BQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2ef8c568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/1.Cze7AJKr.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=18727416\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2025-12-07T16:57:30.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/1.Cze7AJKr.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AHVrFxOLi0-bbfg2HUXvMSGtt3mHe25-ZB0wJi6_vlWMiSgsWyZucIjvXjWPPoWD2Wqcu4wbENZb7evKkclrgA\r\nx-goog-generation: 1764933291267433\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 53271\r\nx-goog-hash: crc32c=QSSI/w==, md5=dyycWx5MkacVv8u9ZvKHwA==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 19305\r\nlast-modified: Fri, 05 Dec 2025 11:14:51 GMT\r\ncache-control: public, max-age=31536000\r\nexpires: Mon, 07 Dec 2026 16:57:30 GMT\r\ndate: Sun, 07 Dec 2025 16:57:30 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":53271,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (36635)","md5":"772c9c5b1e4c91a715bfcbbd66f287c0","sha1":"255053c9e96e272715de32e4221c6e60e22c56af","sha256":"f5457bc030c52505bd2f5bb454e91209ddba7fddf33a706e1f9becff36df84b9","sha512":"647500c12ec7db590f07ffa64438890355440503b1b0ebd28da634857f5dc2a4e1b5b7096436363102a6bba8d9e855e0298a073f53b2bdd0192dd6b49bf6b3a0","ssdeep":"1536:K6s+dHhkyAvAhUN3bVZ+lKMZ+o9YKF93d17m:1/BtA4hsr+H+otF9Dm","tlshash":"3c333ccef141713157e755f2b06fa106f63a292c384c80b0f629dd9925ee44ba22bf6d","first_seen":"2025-12-05T11:45:40.043877Z","last_seen":"2025-12-08T08:57:32.43044Z","times_seen":214,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/11.al-9NYxR.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=18727416\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2025-12-07T16:57:30.387Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/11.al-9NYxR.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AOCedOEShjWtVKhOTriWsBIe8GIOXoMmbVSq-8Nf07W7bZDDIxx2PGCi2HFQ8S-_rMfo6HPSFt5b3HE\r\nlast-modified: Fri, 05 Dec 2025 11:14:51 GMT\r\netag: \"4a073c5805819d74eabd3e843372d502\"\r\nx-goog-generation: 1764933291253987\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 236\r\nx-goog-hash: crc32c=6eM7Vg==, md5=Sgc8WAWBnXTqvT6EM3LVAg==\r\nx-goog-storage-class: STANDARD\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nexpires: Mon, 07 Dec 2026 16:57:30 GMT\r\ndate: Sun, 07 Dec 2025 16:57:30 GMT\r\ncontent-length: 236\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":236,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"4a073c5805819d74eabd3e843372d502","sha1":"cb12e953dbee2d3ea08d35d86bcd2476a490bda9","sha256":"0cb3247cac5de8fcdfb226ebe2dc4960b6ed473966359f73ca13ca286309122b","sha512":"036da8fb3959ebbef26b546019535a9edb7a99227a28252878247a756d3a7ea693f48e9ffdaf5886faa7fb2cbe56292bbf9552db5dd1d26e6574d8034ee183ba","ssdeep":"","tlshash":"ebd0a78cb643b0b16276b138853f801fb035e984a44404f0d13ad9c03d7c1a97597c5d","first_seen":"2025-11-04T08:39:27.95245Z","last_seen":"2026-04-17T02:01:43.457334Z","times_seen":11808,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/owl-carousel/css/owl.theme.css","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.043Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/js/vendor/owl-carousel/css/owl.theme.css HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/css\r\ncf-ray: 9aa58fe78cd3c759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60c6c4e6-491\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1169,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3ea6896ea9e3b4da06cc4d865bc75c97","sha1":"706948cc46b52e5f68c531f79f647884a3f30a3d","sha256":"c91c5cc4707b835fd0f3393d3200803a7a1a5cb95a299cb10c9dec7eef0f7d84","sha512":"0869113272b6b1effc18ce4edde1c197ba0d378dbcc7776205a5597ff188cc017597fdb5aa49555d94f4320dc8c90bf7e7c599d2d67cf6ebe30954cae4ea1e86","ssdeep":"","tlshash":"ae2125e4d668425d307ac2847a0ccecb628d72b7a21815eae4ca7934e34ad41392f349","first_seen":"2023-05-24T14:32:03Z","last_seen":"2026-04-16T22:51:57.51631Z","times_seen":592,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/owl-carousel/css/owl.transitions.css","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/js/vendor/owl-carousel/css/owl.transitions.css HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/css\r\ncf-ray: 9aa58fe79cdbc759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60c6c4e6-ef9\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3833,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"f30d5b54fdbdd797fd2b3984d86212f4","sha1":"22d9d642188022c65959dc9edf6c430613a4c15e","sha256":"e3f2b6c8ada6af5eaeba55383228a50eeef1f88613e3d436ef1d1c925e9ecb83","sha512":"efd728d75a314a92e128ac9e82db38c333469211b6185f39ab53bc5dc0c29e3ef40cc9d755f66060ef680db0cf36628004d55b91784df7f10034373e2b7cd35f","ssdeep":"","tlshash":"4d81386f81921348949b0781bbd8f6980b4c899264339cff71c97d9bcb046de53f9a1b","first_seen":"2023-04-27T22:13:16Z","last_seen":"2026-04-16T22:16:07.072371Z","times_seen":715,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"landingsplash.xyz/banner/image/promotion/IDNTOTTOHK.jpg","fqdn":"landingsplash.xyz","domain":"landingsplash.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landingsplash.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Dec 2025 05:54:15 GMT","end":"Fri, 06 Mar 2026 06:50:30 GMT"},"fingerprint":{"sha1":"28:F5:8F:29:DC:E0:B9:4D:43:BB:A9:FD:24:C8:AA:38:8A:C8:AB:43","sha256":"44:98:9B:0A:19:20:36:62:D1:E3:1B:29:43:6B:2D:FA:8A:C5:C0:35:0A:48:1D:49:9E:30:12:E3:72:BF:91:13"}}},"request":{"raw":"GET /banner/image/promotion/IDNTOTTOHK.jpg HTTP/1.1\r\nHost: landingsplash.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/html\r\nlocation: https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/promotion/IDNTOTTOHK.jpg\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JjLOYglsUt68kUtcOZmB8m%2FnpDZccl8Coifg%2FgbY16Wh7zpS3sx4UvVSJTX%2FwBmCygh8H%2BEmGZkW3QgORfl01xklRXp418JfamvXLbRqw2ap\"}]}\r\nage: 1113\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncf-ray: 9aa58fe87fe7783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":88744,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":127,"timings":{"blocked":-1,"dns":25,"connect":1,"send":0,"wait":15,"receive":0,"ssl":79},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/gopay.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/gopay.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 4046\r\ncf-ray: 9aa58fe7fe1ac759-OSL\r\nlast-modified: Mon, 14 Oct 2024 06:10:08 GMT\r\netag: \"670cb5c0-fce\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4046,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 86 x 25, 8-bit/color RGBA, non-interlaced","md5":"50248070ce64c8360a5576e782f23e68","sha1":"a14710eec9377c1200f0af4f13c2518e0d15fcc8","sha256":"c1e6c3f3fa6029282b8d718f2088fd4dfd5ea272fcb63bc37f95e66df9918df2","sha512":"df620d681efa293af6ada8fe51d4910ee1cb3fed2e7932cf618ef113ce33bd4debec0e4c40cebb7a28481ecc356add8d3acb03103d0575f7074a50c4dae79d8a","ssdeep":"","tlshash":"04814cafbfd17f40569260d208e484931f360dd1ac91e6a2ac95c8de34a19fe1985fc2","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.097449Z","times_seen":1613,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/allo%20bank.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/allo%20bank.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/html\r\ncontent-encoding: gzip\r\ncache-control: public, max-age=14400\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nexpires: Sun, 07 Dec 2025 20:57:27 GMT\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9aa58fe8b808c759-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-17T03:11:03.349549Z","times_seen":489671,"resource_available":true,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/bsi.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.768Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/bsi.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B8l8ND8JtfaUyB4ORz0F8vy71%2B%2B0Vb0wY%2FKT4Kj%2FIPNJ7IjXmlatrhYhSRyaiVfWm0hZH4e1UYz9bUbT%2BaP94U6hzjAz%2B76IDIOcCA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff24f65568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/maybank.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/maybank.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 3174\r\ncf-ray: 9aa58fe81e70c759-OSL\r\nlast-modified: Mon, 14 Oct 2024 06:10:08 GMT\r\netag: \"670cb5c0-c66\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3174,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 87 x 23, 8-bit/color RGBA, interlaced","md5":"9090309db1eed014753ae3b858b4084b","sha1":"a697395e709e693789bd82b2130b3c2ad3a4aa48","sha256":"09f4d88fdb291df0519ef0bf158f3308c71fe9a921e2cf11bf990bcf0b8380c0","sha512":"11f72d37a863239e5cf8f76b0c424681ca68676137fea4e88774bed3e0ed13230d3501ca94d065324cd34c8388ae6e9c96fb2b5c76090cab0f9851bd3287f654","ssdeep":"","tlshash":"53615c7ff9a54e908f1af3b125dd28b30b65c610b9e0fc45b9c9d06229641f065ccae3","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T10:32:07.179416Z","times_seen":724,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":225,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/mamasa.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/mamasa.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yxO11dx2rCRFizpqDjm8CqyXi583yWGiZ%2BY6FfeY253pujq%2FBHq631x1wf3%2Ff9IY%2Bhi18XbwNqhfvfPE%2BYF5Ld%2BedgeKtOYwkHGIIw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2ff8e568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/wakatobi.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.091Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/wakatobi.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4SyI8Tg5VtTYc4wZnGkdt40QsX2y%2FNsU8xKPSFdoIlSD2yxU6Hyp2YpYR090j9JU%2BOld%2BTU7%2FcPD%2BFhbAhA%2BJFLZUArfzWeqr1ohkg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff33fb4568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/seabank.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/seabank.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 1487\r\ncf-ray: 9aa58fe8d850c759-OSL\r\nlast-modified: Mon, 14 Oct 2024 06:10:08 GMT\r\netag: \"670cb5c0-5cf\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1487,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 132 x 42, 8-bit colormap, non-interlaced","md5":"a4ea5e627732180b9f7c4d1ae6c28d25","sha1":"675d858d52a0a67253fbf10b80388b5807258026","sha256":"ff37442401121b3907208d7085ff13bec864479e93a4e157e40d2c1abba65f44","sha512":"2c268fd2376de90c280dcba69c69ed48bfadee564a44d4a728527e37b090b283476b437280396fee51c2674c92fc4fbacc42d25903842fc0bb76c1b6598de665","ssdeep":"","tlshash":"ce31c9a390b9a5d60558a2e00cda0536f11cef1fc0e01b95615d18be6cb45e7cdfc850","first_seen":"2024-04-27T15:45:17Z","last_seen":"2026-04-16T10:32:07.235814Z","times_seen":850,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/bank%20papua.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/bank%20papua.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 2763\r\ncf-ray: 9aa58fe8c811c759-OSL\r\nlast-modified: Mon, 04 Aug 2025 02:55:07 GMT\r\netag: \"6890210b-acb\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2763,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 30, 8-bit/color RGBA, non-interlaced","md5":"0997a0c17d0407c3de0f8335f58a4f8c","sha1":"d739d4e138a1f1b5b40080c19242b73f07ab7e24","sha256":"6abcc0a45507c30da7a8fa7f7c38b5dd619e1f496c05296fd407472695c6430d","sha512":"0f1efe272b35c93fc9ee0fc5f5db3fd05c42a13f87a653443086b2340fc8645dec0a2f99d09426e599155e0c558141f7e3c1049f6dfb06dd8f137874f1f831a3","ssdeep":"","tlshash":"d6511a8ecd6314b7fc1b50668a75b5a67972703dfe320f80614c6c1a1d8f5e639b04a8","first_seen":"2025-08-10T01:20:56.364739Z","last_seen":"2026-04-10T12:02:48.802936Z","times_seen":44,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/jagooff.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.885Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/jagooff.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0EZdJbA0JRTbqjWkRE%2FnO4oABA5QPK5jaI3IxhyiA10bAx6rs7Y03LUYHKCISTTOcoS1%2BUBGITjhj8w%2BTsVKvk8tsxW%2BADKmYvZRjg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2bf7a568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/karangasem.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.936Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/karangasem.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qh4QgExanziqGvjs%2B49jRPvQTKKdgqm7DCrP3VuUoybPTJVdgnP4h1U8%2Bqz0bi5bd9U5A1MRn8iyaSzWr38uQlGub%2FCpBZNFjZ1CbA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2cf86568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/fonts/Muli.ttf","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/fonts/Muli.ttf HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 49008\r\ncf-ray: 9aa58fefc90fc759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:26 GMT\r\netag: \"60c6c4e2-bf70\"\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000;includeSubDomains\r\nx-frame-options: SAMEORIGIN\r\ncache-control: public, max-age=14400\r\nx-cache: HIT\r\nx-cache-hits: 1\r\naccept-ranges: bytes\r\nexpires: Sun, 07 Dec 2025 20:57:28 GMT\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49008,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 18 tables, 1st \"FFTM\", 32 names, Macintosh, Digitized data Copyright (c) 2011-2014, vernon adams.MuliRegularNeWT : Muli : 25-2-2014MuliVersi","md5":"df7330254513d2fa2f4c1e9ee98cc6c6","sha1":"aa2edf77d86fff82790b846917772837828e4902","sha256":"45acbaae00fb0cfa8413b582cd4c0dad9653c78a051a7215205079ccc7c7e233","sha512":"7b105ea2d7f505435519444826958f064ab7d96583f8fa9a963b9285054452599b117957e4015e36125d749fc51863ac55341d04e0317d3d36f2d93e4c6607f9","ssdeep":"768:Lft4a1riuqGu3suyskhzsKxcLgmPPn9tPMZWQKmEcBWzoGHJ/VpwWfgzCjobOSjD:9gSJyvXn9tPMWcsbzft65qe","tlshash":"d3234b02a384060ed5154f7c8aa4a7da67dafe132951cb0b73ccef6cc9521e44a57bce","first_seen":"2023-04-05T18:16:08Z","last_seen":"2026-04-16T22:16:07.167071Z","times_seen":2068,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/bri-syariah.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.772Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/bri-syariah.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DEPgV3UKYMwpwijavPAwr5WH5G4etumnX4Y0RekckyHNkxa6QEVNnboA6i%2BFLL3AdpfI%2BJ%2FCFZzbw9XCd2ndmmef8b2tYaixdOcYbw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff25f66568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/appear/jquery.appear.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/js/vendor/appear/jquery.appear.js HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 677\r\ncf-ray: 9aa58fe8f8a1c759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60c6c4e6-610\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: HIT\r\nx-cache-hits: 1\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1552,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (752)","md5":"5fbd164d0b2001df2ba85327fc6bab39","sha1":"13e083d8852729d2e6cfa3fbcf3955a28275fd00","sha256":"5d19547b40e94ab90e831bec03fc23d4b894894bb93006b3b3fd8d62e2f355ca","sha512":"5e667b534b3c4cd17e92d4404055e434be7bd07544354a2a1ba56947468799525dd86226e0f1f9d0015421941dcea765c566c1d6a8eec4e1106f2e9bf2064f7d","ssdeep":"","tlshash":"6031ff6b31db3a9556fb703fb61f73155221853b0251e052d9fadd7c39b2d42b803a44","first_seen":"2023-03-07T01:10:45Z","last_seen":"2026-04-16T22:16:07.182007Z","times_seen":1998,"resource_available":true,"data":null}},"time_used":635,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":635,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/css/font-awesome.min.css","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/css/font-awesome.min.css HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/css\r\ncf-ray: 9aa58fe77cb2c759-OSL\r\nlast-modified: Thu, 21 Sep 2023 07:45:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"650bf49f-7918\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31000,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (30837)","md5":"269550530cc127b6aa5a35925a7de6ce","sha1":"512c7d79033e3028a9be61b540cf1a6870c896f8","sha256":"799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd","sha512":"49f4e24e55fa924faa8ad7debe5ffb2e26d439e25696df6b6f20e7f766b50ea58ec3dbd61b6305a1acacd2c80e6e659accee4140f885b9c9e71008e9001fbf4b","ssdeep":"384:wHu5yWeTUKW+KlkJ5de2UYDyVfwYUas2l8yQ/8dwmaU8G:wwlr+Klk3Yi+fwYUf2l8yQ/e9vf","tlshash":"78d241e8e54c01d66731c48bff81b36862b6fb3dd5854da9f01f290c29d226522c5fba","first_seen":"2023-04-05T03:13:25Z","last_seen":"2026-04-17T03:15:40.969978Z","times_seen":244846,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/icon/icon-24dspin.jpg","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.165Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/icon/icon-24dspin.jpg HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 5339\r\ncf-ray: 9aa58fe7cd93c759-OSL\r\nlast-modified: Thu, 21 Sep 2023 07:46:30 GMT\r\netag: \"650bf4d6-14db\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5339,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 210x205, components 3","md5":"97ce6779ea88d190219b696fdd95ad7c","sha1":"14d912aeee43d9c6cebaac1f3c59ea97f7fd364b","sha256":"bb33c75ebfea05c8a890cf324caa643447aff6ccc845cf1b6877d9d0ed214a61","sha512":"f51db55d747f74d9b831a82beb843775ae8a4b6c61c966e0b5366bdfbd65a76267e3a510075d50e8592561a63e92cd39e9908da7e305cf9810b22b9851b12276","ssdeep":"96:Ht193sZq+nJ+b1FVDlxInCZwQy1RUchyAT1CiIGuaXf126FJUQKbSbSbj:Ht193un0xHInT7U+yA1h3uaXfc6jgmmX","tlshash":"17b16bdee1ad8199f07944f849e0b1a85f1459370ee008f68abd0eb60c1a66fc1642db","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.205972Z","times_seen":1597,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/bsi.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/bsi.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 3185\r\ncf-ray: 9aa58fe7fe05c759-OSL\r\nlast-modified: Mon, 14 Oct 2024 06:10:08 GMT\r\netag: \"670cb5c0-c71\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3185,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 78 x 24, 8-bit/color RGBA, non-interlaced","md5":"b9c3e552b73597c4da15f8bf94d0c779","sha1":"9b4e961540c7f03124ecabbb629fde69dec0dc98","sha256":"1f1c5a88de516b2fd7d8fdc290a43689f552ce09d4bbbf2ab3f1394ac064451b","sha512":"4ceb2be4bab5b8a8519b6d09d024da51f5af289e1104f89a17f3a9ee45627192e728a8104fe72a9734cf97c1be09936ffc82ad43d8d9012afd359e0ca1187de2","ssdeep":"","tlshash":"47612a04b957a5a1d10d2e0720e7c62ad8330964cee4b46251ccc00b0aa40a1ef3aafb","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-02-27T00:39:20.455788Z","times_seen":1020,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/morowali.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.964Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/morowali.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M8vJeqfPVjWD5BwGsfjJAeO8qjDmYhIB8PqaoSG7xQVedezadgTK6kaTYxtcC97IkvNajTTbMyHAHeLTEZMQqGQHcqFozdJJQnaXlw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2df89568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/bri%20syariah.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/bri%20syariah.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 34096\r\ncf-ray: 9aa58fe7ee01c759-OSL\r\nlast-modified: Mon, 14 Oct 2024 06:10:08 GMT\r\netag: \"670cb5c0-8530\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":34096,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2132 x 501, 8-bit/color RGBA, non-interlaced","md5":"011ed10cceefa76d4696151b0ef89c80","sha1":"699eadb54988bd4d95ea3cde3d3adb1d53918c1a","sha256":"5c828dec1efd8833cdc2f56caab4b72e423745517e4e115d9c140391beb42fe0","sha512":"9f545e356ec5ee427c79ab3b33bb3c171f467eed7d55c6ad84b4264dec2e46a0a214367179b4a66f092f1c43057f35ab39b8cc93ac6d34e11a6bdbc2eb2e9a37","ssdeep":"768:O9iS4r9NdpMpTpVQFLZ1BN5oDWR43r/qtl:6iS4YT6fBNq13rS/","tlshash":"d9e2f225ead40d91e59f35b0eedc9f372bea502ae6d3da8ce77011a01e46433c4086cb","first_seen":"2024-12-23T06:26:40.115457Z","last_seen":"2026-04-14T00:56:44.014828Z","times_seen":158,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":224,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"object-d001-cloud.cloudstoragesharingservice.com/banner/image/promotion/IDNTOTOSYD.jpg","fqdn":"object-d001-cloud.cloudstoragesharingservice.com","domain":"cloudstoragesharingservice.com","tld":"com"},"ip":{"addr":"104.18.17.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.768Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudstoragesharingservice.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 27 Nov 2025 11:45:16 GMT","end":"Wed, 25 Feb 2026 12:45:03 GMT"},"fingerprint":{"sha1":"35:82:77:C9:F1:1E:C6:F1:E3:6F:56:07:2F:3A:30:D5:64:B4:D7:ED","sha256":"13:DF:CE:03:C7:6A:DE:A3:76:80:CC:51:F6:94:50:25:05:22:B7:9C:48:F4:53:25:C5:54:D2:CE:04:62:3F:97"}}},"request":{"raw":"GET /banner/image/promotion/IDNTOTOSYD.jpg HTTP/1.1\r\nHost: object-d001-cloud.cloudstoragesharingservice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://toto123gacor.rest/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 90323\r\ncf-ray: 9aa58fed09303181-OSL\r\ncf-bgj: h2pri\r\netag: \"670f756d-160d3\"\r\nlast-modified: Wed, 16 Oct 2024 08:12:29 GMT\r\nx-frame-options: SAMEORIGIN\r\ncf-cache-status: HIT\r\nage: 3549\r\nexpires: Sun, 07 Dec 2025 20:57:27 GMT\r\ncache-control: public, max-age=14400\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":90323,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 840x480, components 3","md5":"8db56736ea051fcd404982815367ee0b","sha1":"b5056f17ec73b72f7f6675273ce1f28b6b4d2b46","sha256":"4e02417535468c9d74f33333ea8aa01ee1921f11cf19de61d1f9b1288ca9019c","sha512":"0b82f0c5ea273bfc4f4b5bf6064f17b4881bd8ab384b39b423d1f2a3ec9c5f29dea536aad9a24bddff9c3f89109d26c3ac07516a5c2066f626ee09abb5be2b0d","ssdeep":"1536:6QOQkYEy10jihMFSRHVh+eh58McnIJjB2FH/lq8gnkx38rQIW8BbeV/H:6QOQkYEy10mhMFSRHHb78382F9JxssII","tlshash":"e49302afd1b007c6d8b052b1ae3fdc4de001a51ce6a6a59ff6af45e954dd47c0a90388","first_seen":"2024-10-22T04:17:53.660679Z","last_seen":"2026-04-16T22:16:07.188011Z","times_seen":1340,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":81,"dns":21,"connect":1,"send":0,"wait":13,"receive":4,"ssl":65},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/poso.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/poso.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=40kE%2By9q0BghrnHhQBio3nt5VfArI8BZI5kBqMzLqbucbtlwPR0%2F4K%2Bwgm7%2B8KUHgU4FG%2Bj%2F65IUDKiXGgGu2zzgSeEN9e%2B9b3MU6Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff31f9a568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/roulette.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/roulette.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UeGga5Nou52r7b%2FRqm9mQdolVhHk3KIl%2BoZBCQNbYJwHYyFtzeAm1vU67NyovDLIqu3ih0Y6tinvmkgc36MTeHrPpZZ07Q0JPhQV8Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff31f9c568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/shanghai.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/shanghai.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cWtU0Fn6kNADwitei%2BJyRcr2WzaW2oFASr5%2F0gybcW9YTkttPKP%2BL8h3D8XPIt%2F%2BiEg%2FgN0mJwB%2BHC9UBkRdSbfiwT7I%2BZ6X90B2nA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff31f9f568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_configuration?organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026version=449.0.1.19.65.170.1.1.4.1.4.25.2\u0026x-region=us-south1\u0026group_id=0\u0026jsonp=__lc_static_config","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.448Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /v3.6/customer/action/get_configuration?organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026version=449.0.1.19.65.170.1.1.4.1.4.25.2\u0026x-region=us-south1\u0026group_id=0\u0026jsonp=__lc_static_config HTTP/1.1\r\nHost: api.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=600\r\nexpires: Sun, 07 Dec 2025 17:07:29 GMT\r\ndate: Sun, 07 Dec 2025 16:57:29 GMT\r\ncontent-length: 2129\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6834,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (6834), with no line terminators","md5":"3ea36f58b07b0d375c8755f0018ba701","sha1":"0efa1decd9f1648914e0cf2d5dca5b19e5644b31","sha256":"cb15737af9eb9237964d0f5ad6517fd5b2de2bdb3151f03b6f7227632c2d8ad1","sha512":"a5921af3664cdb3dc6954e370e011762c713ada58c6054a04037e6cc58544e380ead82f496b353eb2cc80edd9e36e0cc3918128e38e4c92177fff8ab3e8a5d61","ssdeep":"192:TGwGEGsXGAp0nyv4Hc2T13k+IqVQJhMZa2b2:TGwGEGsXGAMyvQcufIqV0hMZa2y","tlshash":"51e1242a830bc87b7377965663cbb70f34185179b1f8593fe4a0cb7061862d7d2069ab","first_seen":"2025-12-07T16:58:18.611804Z","last_seen":"2025-12-07T16:58:18.611804Z","times_seen":1,"resource_available":true,"data":null}},"time_used":185,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":184,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"landingsplash.xyz/banner/image/promotion/SlideBannerHomepage.jpg","fqdn":"landingsplash.xyz","domain":"landingsplash.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landingsplash.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Dec 2025 05:54:15 GMT","end":"Fri, 06 Mar 2026 06:50:30 GMT"},"fingerprint":{"sha1":"28:F5:8F:29:DC:E0:B9:4D:43:BB:A9:FD:24:C8:AA:38:8A:C8:AB:43","sha256":"44:98:9B:0A:19:20:36:62:D1:E3:1B:29:43:6B:2D:FA:8A:C5:C0:35:0A:48:1D:49:9E:30:12:E3:72:BF:91:13"}}},"request":{"raw":"GET /banner/image/promotion/SlideBannerHomepage.jpg HTTP/1.1\r\nHost: landingsplash.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/html\r\nlocation: https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/promotion/SlideBannerHomepage.jpg\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Mfev9Lo4XzpTLYBLXXc7AyJHc06Za7R2%2BTa%2FV%2FBzjq9dWs4BFfVLyBazfQ5mGmUUjbwIgaxLN4WDKDz6MR974ilTMygmajYQ4%2B7AhquMLbyA\"}]}\r\nage: 1110\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncf-ray: 9aa58fe86fc2783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":71875,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":23,"connect":1,"send":0,"wait":23,"receive":0,"ssl":75},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/bankdki.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/bankdki.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 37266\r\ncf-ray: 9aa58fe84f07c759-OSL\r\nlast-modified: Thu, 26 Dec 2024 08:30:06 GMT\r\netag: \"676d140e-9192\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37266,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1200 x 192, 8-bit/color RGBA, non-interlaced","md5":"0231d12579686ce4e30bfd667945abe3","sha1":"43270d4c242b651a782027c32ef46e55c265e6ce","sha256":"f8787685f4317792a1b66afcb635119b5f51174ed2f4d81100fcc8d2b2e01881","sha512":"acd68a5ab904b4875b897ea002b4a95376384d5ccfa1126339567ce43c3d5c3c014597aab9b4f7e6ec89314a6a94b290cc59d8f3c40197ac7c8fb6801005b319","ssdeep":"768:o7pxTWUkXWXybKlM8WFjB/Rx58V0k6LFP0RIRMI3w8XdR3AIblRaft:c+UybKlAjv8mvcRGw8XfQIAft","tlshash":"a6f2f2ea7ac2a3e9f856743c802482b8176995df12df0f5f470ddaa2703cd68e425e07","first_seen":"2025-02-23T02:44:50.7079Z","last_seen":"2026-04-16T10:32:07.145401Z","times_seen":87,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/totomacau-19.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/totomacau-19.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dLViifcpX3oIZXzw%2BmjuB7ub0nsXiUgdwA%2FKLvNoEfdVos1FF6vpg%2Bbu4yGxKuP7a%2FsqfHn1jetjq5FOwuLTyM%2FphPEpt8eQY6t34Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff33faf568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/24d-manual.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/24d-manual.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GcsnH8zzA4hZicub6qKBdf7dCNnkT21x72jd0Hasl8xO0rEZfhRXmk3z3WvjW50Zbi2uUK5EZfYl8%2BhMtbMBUcEySsW6M109IVU8ww%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff33fb3568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/dkw/favicon.png","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/dkw/favicon.png HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000; laravel_session=eyJpdiI6IlpBaEVOMFlOUzZIR1dwTkl5Vk5VVmc9PSIsInZhbHVlIjoiY1RmTFFEWXZQRkxmN1A2SklaN3liMlVIaFFUWGRnL0RZR1VWR29rWnRBL2RTSjQ1UmhzUWdnQzJZek91RWVLSkZEaHliOHc2dzlyL3dpdEVjYUxwbmVldUZCTjNkNmJRQTJmWG52WnBsUGY1aFBtaWdhRHJ2QjlYV3ZDQmFFbTl3MWxSWmxxalVwUCt4UFJTay9vZ2tlVUNLUTJjUWI2UEhNbWo2R0Y2ZERsd1V4NCtHRHV1MCs5SFVSQ1dLZUtYY2R3Q0YxQ2xNOVFTQWY0NzljRmZPNkt3aW9wWTV5dVJvYTlMTUZubm9Yb3R2VmIrczMwdTdzaExWT3dyQWwyUjJCVlllaWRPS3BVTUlDVDRTNURwM1laRzdKRWk0UVFSbnZURDJHUmNvL284ZENuUkNwc2VyemlzVGV0TWVwWlVsVno0TUYxZjV5TWZVYkRZOVVRT1BjcmxBMUtrVVR2QmVyY3VjdmhZZFQxQjlWWFROQmZiaS9JSGlseWp2cVgxd3dBc2VmS0RUQXZjUmRac2FXKzRVL3Y1YXczeTUvK3FyV0FUQ0NZRkJEWjFiekZ5OGtJOVZLWkhHZTBDd0h4eWdPQitISFUvd0FmbTM2Q2pPT1VTZXNnUlE4YzM1cENJaU9sSWRjQXpBUlVCdFpsaHAvU1VVUExkQlVidVZyd3IiLCJtYWMiOiI2NzcwMDNhNTg4YjkwNTNiMDFlYjg3MzU4MDRmZWZjMTcxMzU4OTQ1YzM4YzIxZjU4ZWMzNzFiM2Y1ZjEwZTcyIiwidGFnIjoiIn0%3D; cf_clearance=XoTw4EeoLz_LaL.E4MBRyi6ftnhnmvCDfgDr8XUWg2k-1765126649-1.2.1.1-GumEjUbEGuOydtJ7ng290a7C5Kzu_Htr9Kgm4X3OO9XVMP62UrhBUMfmaPFYT2hhCsktvGFwJKIGHggPcDOG2ietfEm6It9qjiOKq29o0jgiiPocYD1LVo3H609hDwr3qf7XzFfav1ul0SdlsiTk6KnxESm5Mjc3chB9A9Oy8XiJpyc6VReRu5SMvRJS58lOkhD4dciyXQ2vPQDUUxYjsSjHK3Fpb0HwZxlYqX4Pj1U\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 1769\r\ncf-ray: 9aa58ff84d90c759-OSL\r\nlast-modified: Wed, 20 Nov 2024 10:35:05 GMT\r\netag: \"673dbb59-6e9\"\r\nexpires: Tue, 06 Jan 2026 16:57:29 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1769,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"f944374d777406cc86b55d12c5890131","sha1":"ab67be66880afd78cd917f133c552281ca6d2994","sha256":"f1e8494259d4b0d05c10d98fac3c0be5662926f11ffc2349aff4e41440c894be","sha512":"cc392299c5bc4ddb5228b26c5381bb7793012fc0699abde6ea2523d27ad28bb99ed175534abcb1dc90096828e97d19a8406ac1b2e84224da1e567e3a83b4c7ca","ssdeep":"","tlshash":"e431c69eee9438c1b92cd6a034f543f724422840d9d0f8e6eb8fc0666e755b419365cb","first_seen":"2025-07-21T21:59:57.448056Z","last_seen":"2026-04-12T22:43:34.782176Z","times_seen":4,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/dice-6.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.143Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/dice-6.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vQrIFPg4xYjqbywodrhzWUsZ7m%2FRRQurhYRbTJx8vrt3X26LXBprmk20ii3%2Boo6l9nRV4XohThNZgj%2BkcKNEvwLX0B7oV%2BIGBow%2FMg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff34fbf568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/js/frontend/desktop/template_v1/before/index.js?v=mgkt6h1vnatns72muqoz","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.439Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /js/frontend/desktop/template_v1/before/index.js?v=mgkt6h1vnatns72muqoz HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 4242\r\ncf-ray: 9aa58fe8f8bac759-OSL\r\nlast-modified: Tue, 15 Apr 2025 05:40:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67fdf158-3078\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: HIT\r\nx-cache-hits: 1\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12408,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12408), with no line terminators","md5":"6e5ce401fa29e20cf8f52e5d754a5d5a","sha1":"b55566fc452442bfffc73943eea5177ccd00fcac","sha256":"7f1d23659e76eca87d310351b7598a64201f99a8be2a947319f0182cdc3b0cd2","sha512":"e4ac4422d6aeee85a36002a6ca346faad7e1de6510ed0253b2130dfefba2bf6d3e186a0907af294df5d71118a002f6dfc6cc9f2e4e9eef40ce374fed672bcfd5","ssdeep":"192:ATn2PoqeRfRll0OR4HCcbNQNJ/OhxwBZcAoL/3eqnhqgSt081qq44WIzEtMyCGWV:YpqEPRfeIJWhDAoSD3t0mlxWeyOfOydJ","tlshash":"3c4294c8b6c6f47503d36670902f1106f23a6919b51d9480f72de9d2be7884ea237fb9","first_seen":"2025-04-15T10:15:48.992845Z","last_seen":"2026-04-16T22:16:07.200643Z","times_seen":1495,"resource_available":true,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/cambodia.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/cambodia.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4UPtXbBSYUIq7E2qMy8%2BQNUWFN6Lt3fTPJuU6pWOhxqxwl%2BJYWoAdOksMGurLTkcvTM0CI5axHanCiP0rnjnqF7Iy7hxrURWOueMsA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff34fbc568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/css/game_compressed_ic.css","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.065Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/css/game_compressed_ic.css HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/css\r\ncf-ray: 9aa58fe79cfac759-OSL\r\nlast-modified: Thu, 21 Sep 2023 07:45:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"650bf49f-b08\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2824,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"05fa3ce826ade67f9423c36dfd5efdc2","sha1":"634ec178c49df84b93c386e78b2c51336216f4a2","sha256":"ffba6e80680a3cc582c45c65033d427529ef1ff5dede865ccd878a4dc42308da","sha512":"aa26a856cd5bd8a4000ce5f15e69f19c96bdc1011d571e1082ed089c530623e50b7e92c59213f886d295cf0006630689c41d27eaa498b02ff633a56929ff2cd0","ssdeep":"","tlshash":"1e515b37299574ceb01985a46925bb18870d894af24d0e2cfa3efefdb70c0469873dc9","first_seen":"2025-12-04T05:42:46.011586Z","last_seen":"2026-04-16T22:16:07.13777Z","times_seen":476,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":271,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/danamon.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/danamon.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 897\r\ncf-ray: 9aa58fe7fe19c759-OSL\r\nlast-modified: Mon, 14 Oct 2024 06:10:08 GMT\r\netag: \"670cb5c0-381\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":897,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 83 x 21, 8-bit colormap, non-interlaced","md5":"09c3d58d1975cda982b351344ed43da1","sha1":"83c6e4c954bd431779cbc478472e3931c65f204e","sha256":"3e911cbcd7f001af49b046d34bb7cc40c9b2e3ff280d0da498641c99a6509dfe","sha512":"c1b780aba1e8a03e333a7e35bf08a4c2037a1b6989ce86831243bcc1d4d0f8c9eae6fc8430f540de41a90f2ad6b4da91eca2cbe3902d0e0e05d6f06d287c63cd","ssdeep":"","tlshash":"a811b7f69c11381c64d1f9d3302fc26ca53d12521ab1874bd7972cbaee2f6800054270","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T10:32:07.150208Z","times_seen":1081,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":205,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/tweet-js/jquery.tweet.min.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/js/vendor/tweet-js/jquery.tweet.min.js HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 3078\r\ncf-ray: 9aa58fe8e89cc759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60c6c4e6-2011\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: HIT\r\nx-cache-hits: 1\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8209,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8199), with no line terminators","md5":"e6d5a5f7a0d7af2a2c63b97919cac65a","sha1":"1f61ee273e334ebd7388e219157bf8654482f009","sha256":"431cff4d223f3296f7d4b543573271745a91d9069a3666844fb3b037aad844c7","sha512":"a8b64bfe5a39d6b58e1d5b9d1864ffb0e87be8e164a0cf71a39fcbad5c4a81fb4ad400dc6416e6a970265d3804954809949678bcc639fb10f763767777ac6922","ssdeep":"192:7IXczrVLA8Tmk+a5m21yVTp5Czsa5qdmzVQjBIxbFDyZ1ewMOVrkxmtUtkwR:PAOjXsa5wmiP1utkwR","tlshash":"63029370f196503b0ae32272b91b6390b73dca4bc5d5dd53c37594482fa5f96a232ac3","first_seen":"2023-03-07T13:14:18Z","last_seen":"2026-04-16T22:16:07.220548Z","times_seen":2047,"resource_available":true,"data":null}},"time_used":635,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":635,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/loader.gif","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/loader.gif HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/assets/css/dkw/dkw2.css?v=1765126635\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\ncontent-type: image/gif\r\ncontent-length: 5517\r\ncf-ray: 9aa58fed2a9ec759-OSL\r\nlast-modified: Thu, 21 Sep 2023 07:46:32 GMT\r\netag: \"650bf4d8-158d\"\r\nexpires: Tue, 06 Jan 2026 16:57:28 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: HIT\r\nx-cache-hits: 1\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5517,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 15 x 15","md5":"bc1bcccc4a3342d2063088deae7d17a3","sha1":"a1a988f912d3e17a908945750b91b508672ccac1","sha256":"a76090f2d604a7e9bd429900001b367ae94f52d749fd0f94706be887d87cce7f","sha512":"08c93c3506f083bfbe9ba6d7f9824f871ca145ed9bc431c248d3352a05cf23db90ae2f39bdefa532e8d16f29b623d3d91664753ee471fb606a2b082b6cf791c3","ssdeep":"48:0zXKn2kC7TYJJ3C+gXfU8wzXKn2kCdf4JJ3CUgPfU8GzXKn2kPJJ3CQgrfU84Wy6:K62K4fC62rSYfU62q0fI62oGfw620ifL","tlshash":"cfb1980de9d0bc05458de9c92de7d43a1b1108508ee8eeaaaccec8568a18077cd2d7df","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.085889Z","times_seen":2004,"resource_available":false,"data":null}},"time_used":502,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":501,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/nivo-lightbox/css/themes/default/default.css","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.050Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/js/vendor/nivo-lightbox/css/themes/default/default.css HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/css\r\ncf-ray: 9aa58fe79ce5c759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60c6c4e6-91f\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2335,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"701a1e3d0716ea44e6efca8e242164e5","sha1":"a38f953d2b470cf6de67c78ff8019a64b7263266","sha256":"61bf4f0d6d9585b0d12ec015e8ad0c0df1a7f0413a0e1195e2697f47a0a838d7","sha512":"298887a999a4d381355788e9ec4da1aaae7689d64befd3ee2b0fcaddfb91e3ca7b736c9a3906ce6da5762bb48171fe9cd506e8fc4f6f8312816e7f870c3ce73f","ssdeep":"","tlshash":"ce412a3a7754a14d71eea1133104d3b61b6d884ffe11357f46e9a4a3f6c309a8c23b91","first_seen":"2024-08-20T10:52:52.925472Z","last_seen":"2026-04-16T22:16:07.134152Z","times_seen":480,"resource_available":false,"data":null}},"time_used":620,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":620,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/dbs.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/dbs.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 35293\r\ncf-ray: 9aa58fe86f52c759-OSL\r\nlast-modified: Tue, 31 Dec 2024 08:45:05 GMT\r\netag: \"6773af11-89dd\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35293,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 3840 x 2160, 4-bit colormap, non-interlaced","md5":"14fb500fa5ba37f8806d526bf2e2ad8d","sha1":"83a792e6eb5e2d34fd01c32bbe780e3156173b40","sha256":"504f256603ff616123a2d082f00c5df2ea9949bff15e19ae656191e454db877a","sha512":"65956bd21a5be6436e88570b4de18b2288f9a48355247784166dfee78a664250cc50fba09283464c56f3749fd36e783268fed5d8d319a29cb0068f3e1307f82a","ssdeep":"768:qDSJ/oT+FlRyNoxfbL5MN51qBCpo+XHVmbebiUTW72Gyb:PJoTYPzW51YCpbXwCW7Kb","tlshash":"60f2e1e476ce4f09fcd84174059484d5fdbbba7a1741e1c24c878aa3a8870c9774ac57","first_seen":"2025-03-10T01:18:36.778808Z","last_seen":"2026-04-16T10:32:07.200628Z","times_seen":90,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/text-rotator/jquery.simple-text-rotator.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/js/vendor/text-rotator/jquery.simple-text-rotator.js HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 783\r\ncf-ray: 9aa58fe8e883c759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60c6c4e6-df0\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: HIT\r\nx-cache-hits: 1\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3568,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (377)","md5":"9964685a5509aabd8ab04dc6257d97f5","sha1":"927c58db28fb33c328a5a0bab4f9e3a93555f651","sha256":"95df7f4d192968c5c68e43a936016ad025fac7ce02a221a1bf13be6592667c30","sha512":"f58116f313f5d862f6f561383d60e0cef0056bb77013b9060b60e3a2a225fb2d55cb5691da77b5cd76ca10f71929f1697b267bde4ee489352efa3475f58ed279","ssdeep":"","tlshash":"d171e34a68fb48bdce3a91eb83ee1f56247909b28c006441139b5b7e08f19456bdde63","first_seen":"2023-10-15T16:21:25Z","last_seen":"2026-04-16T22:16:07.165472Z","times_seen":1808,"resource_available":true,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/dana.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.758Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/dana.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wY6V0AQ%2BqvVOaP1tE2UpQylZnPqMr9143YFfq%2BR%2BEz0WJGVjBoyQq9V10a%2BoAUAMKq8F6SnyBjBGkBbJGRG1tsdv1nwlcEihSeUCJQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff24f61568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/css/vendor/ribbons/3d-corner-ribbons.css","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/css/vendor/ribbons/3d-corner-ribbons.css HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/css\r\ncf-ray: 9aa58fe78cbfc759-OSL\r\nlast-modified: Thu, 21 Sep 2023 07:45:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"650bf49f-1598\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5528,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (428)","md5":"88b7c3a6414f46ea6d8487cf9f210ca2","sha1":"bd723876d02bf30eb94170476a9c46dafc3f07ea","sha256":"20b434a57bf4200f827db0dbbef637b3a0ccdea4f0115dd1df9f9cb3aebbbeca","sha512":"147a623bf4e9b7cdb2eeb63c974afe76d51491531493e750fc563fe247880deeb8cde6d72819b94b7e44f7dc425cbc347de2f7b7a0b9e0d14e2dfc481f3f350a","ssdeep":"96:qSV3jnnDckrtESMXWgu+4C7+yG1eZu3n6emwZyvvBfUGNASc7X0IqjJtd:q43znDckwuAckibmrvm8catP","tlshash":"edb14a159c9990e8e217811fbbf9be58c72d9153ad11ceaef306e4f7036a18810b6f53","first_seen":"2025-12-04T05:42:45.855298Z","last_seen":"2026-04-16T22:16:07.155098Z","times_seen":473,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":225,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/mandiri.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/mandiri.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 1127\r\ncf-ray: 9aa58fe80e44c759-OSL\r\nlast-modified: Mon, 14 Oct 2024 06:10:08 GMT\r\netag: \"670cb5c0-467\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1127,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 86 x 25, 8-bit colormap, non-interlaced","md5":"d6370af97aa7f285493a9aecb3e33a42","sha1":"9a52cc25ace828f731b8790593a2aef19a7b2d23","sha256":"5e829a18cd9f27940b0bcfd8cbdc4395f368de18d89fd96bf09fcd5cf267a58a","sha512":"6414efee3383e0689225b4f5a2225d2bf5f9c50e04d78ea286cea5710d549f8f7cc363eb533d0b61cfe5e4d48c58b8e21660d7ce0df49fa552a3f3233460269a","ssdeep":"","tlshash":"54219687b6e67cf895399912396a304a8f990511ac34d305078e670347f58d2bca73b6","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.181278Z","times_seen":1614,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/bni-syariah.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.782Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/bni-syariah.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GjBW%2Bq37sqXIuPXr6DYlmje%2Fxn6Hpuemw7s8ND44oFgIbEKVCUQc%2BzmA0s1Nj45gXqxzJblpuI5qkWvCcEE0OuxLouvA3iuv0B%2BjWw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff25f68568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/danamonoff.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/danamonoff.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=biOYHPbTxW98JBYE73Rm2Ld9qegimrKkQkyCYM1HZ37vVWWAB40UdeHxgAtKrnTdezonrSz8TCt1f%2BMZprnURIyi0j7w4EhnBPiaBA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2bf7b568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/json/fetch/index/data","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:30.511Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /json/fetch/index/data HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://toto123gacor.rest/\r\nContent-Type: application/json\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000; laravel_session=eyJpdiI6IlpBaEVOMFlOUzZIR1dwTkl5Vk5VVmc9PSIsInZhbHVlIjoiY1RmTFFEWXZQRkxmN1A2SklaN3liMlVIaFFUWGRnL0RZR1VWR29rWnRBL2RTSjQ1UmhzUWdnQzJZek91RWVLSkZEaHliOHc2dzlyL3dpdEVjYUxwbmVldUZCTjNkNmJRQTJmWG52WnBsUGY1aFBtaWdhRHJ2QjlYV3ZDQmFFbTl3MWxSWmxxalVwUCt4UFJTay9vZ2tlVUNLUTJjUWI2UEhNbWo2R0Y2ZERsd1V4NCtHRHV1MCs5SFVSQ1dLZUtYY2R3Q0YxQ2xNOVFTQWY0NzljRmZPNkt3aW9wWTV5dVJvYTlMTUZubm9Yb3R2VmIrczMwdTdzaExWT3dyQWwyUjJCVlllaWRPS3BVTUlDVDRTNURwM1laRzdKRWk0UVFSbnZURDJHUmNvL284ZENuUkNwc2VyemlzVGV0TWVwWlVsVno0TUYxZjV5TWZVYkRZOVVRT1BjcmxBMUtrVVR2QmVyY3VjdmhZZFQxQjlWWFROQmZiaS9JSGlseWp2cVgxd3dBc2VmS0RUQXZjUmRac2FXKzRVL3Y1YXczeTUvK3FyV0FUQ0NZRkJEWjFiekZ5OGtJOVZLWkhHZTBDd0h4eWdPQitISFUvd0FmbTM2Q2pPT1VTZXNnUlE4YzM1cENJaU9sSWRjQXpBUlVCdFpsaHAvU1VVUExkQlVidVZyd3IiLCJtYWMiOiI2NzcwMDNhNTg4YjkwNTNiMDFlYjg3MzU4MDRmZWZjMTcxMzU4OTQ1YzM4YzIxZjU4ZWMzNzFiM2Y1ZjEwZTcyIiwidGFnIjoiIn0%3D; cf_clearance=XoTw4EeoLz_LaL.E4MBRyi6ftnhnmvCDfgDr8XUWg2k-1765126649-1.2.1.1-GumEjUbEGuOydtJ7ng290a7C5Kzu_Htr9Kgm4X3OO9XVMP62UrhBUMfmaPFYT2hhCsktvGFwJKIGHggPcDOG2ietfEm6It9qjiOKq29o0jgiiPocYD1LVo3H609hDwr3qf7XzFfav1ul0SdlsiTk6KnxESm5Mjc3chB9A9Oy8XiJpyc6VReRu5SMvRJS58lOkhD4dciyXQ2vPQDUUxYjsSjHK3Fpb0HwZxlYqX4Pj1U\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:30 GMT\r\ncontent-type: application/json\r\ncf-ray: 9aa58ffdab43c759-OSL\r\nvary: Accept-Encoding\r\ncache-control: public, s-maxage=900\r\nx-cacheable: 1\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000;includeSubDomains\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\nage: 0\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26922,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"441984683a926b869895ca47dfc75d70","sha1":"8d3fa3b5c2414bac0f36eaeb2866ccf1d2f7e542","sha256":"c3f8c38cf7e3c5a5c138ff02382a7dea150fcfd84722dca6df30f57b503e7fa9","sha512":"0054af28e60c42352931226f73c4030f00a835a97c39935d7e61af61ae2d10ddaad8acc0fdcd025ad128010b2ed4b41e2336b13690fe8cd13ffef5972943891e","ssdeep":"768:zCWX2Z3/g5CPghdOV08xwlT4mE31YGlOkvG3gXGHX0IHnMmj0yl2G44NS3crg3C/:zCWX2Z3/g5CPghdOV08xwlT4mE31YGlo","tlshash":"07c24eba2d94257ae50b0eda326b13cf7ab0a821dd4f846462edcb0d8734d106fbd51d","first_seen":"2025-12-07T16:58:18.625607Z","last_seen":"2025-12-07T16:58:18.625607Z","times_seen":1,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/bank%20aladin.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.374Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/bank%20aladin.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 37325\r\ncf-ray: 9aa58fe8c81cc759-OSL\r\nlast-modified: Fri, 27 Dec 2024 06:45:05 GMT\r\netag: \"676e4cf1-91cd\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37325,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 790 x 338, 8-bit/color RGBA, non-interlaced","md5":"c0eb0d2d0ba491ab676596d7c1162883","sha1":"bee90648ef0b4052575ae2ae106bcdc46e1321ff","sha256":"09c27a0e4998b4f5d12a099e6ba133d26671e1b3cf2de72e2f1b695b7f6462b4","sha512":"e5b0a2daa7c7494386c5365012e2b591697f8d7f9c65bd49d2f5baec1e9a857405e3364defdff61d6f6a35bb5215101cfc029ff079a9f8e2bc8925fe6a95e997","ssdeep":"768:SLbiU+NtX6TqXCgsFHc0x/JAuxfu3cYqSFQLLc9x7Cbmirl3:8bl29bIHd5Jxx239qS6Wx7Umu","tlshash":"19f2f15b893bc33dae8aa69e07bd394561833547fbb30ef91e89b065342ef0c4047154","first_seen":"2025-03-10T01:18:36.720354Z","last_seen":"2026-04-16T10:32:07.165622Z","times_seen":61,"resource_available":false,"data":null}},"time_used":889,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":651,"receive":238,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/skrollr/skrollr.min.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/js/vendor/skrollr/skrollr.min.js HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 5418\r\ncf-ray: 9aa58fe8e873c759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60c6c4e6-3048\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: HIT\r\nx-cache-hits: 1\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12360,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12360), with no line terminators","md5":"7d6ae9201bf4c1d83ebcacc6da3ec09b","sha1":"65b20f0c1dba10c7ba3d644fba7ae80ae08d4ced","sha256":"911dccc7a59863b46d628fdac57d96a7cbf72325fe2555d2a3d165c6258d3464","sha512":"023903172cf7ec0d5fb06f0ed9dbe90146ff5b2ddb8bf5db81f9587078d28d2c9cd22808acee7253eecb779142e92e3b708a2b167a7dddf93ae26cd92bb5c6c6","ssdeep":"384:r/UqdA5yNpXXTLLeT5RyFNPsJ1S+Cmna5WbYBQeU/pBr:r7o6TLLeT5kXk13Bbt/pF","tlshash":"a44209ceb549b47043c375e6c10f5249b236589de8088465ff25dcdbac38c7a01abf6a","first_seen":"2023-03-07T13:14:18Z","last_seen":"2026-04-16T22:16:07.073217Z","times_seen":2048,"resource_available":true,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/china.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/china.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=G2021Ty0L8XmWotSznbo1gSm%2BWmub4%2BzBY%2FObLPhNS9w3aqSfWMRP8b%2B6qShClm97IUuRsxqNXiXRwgiAAAZx4VfwUDABZAUcKUNQg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff34fbe568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sun, 07 Dec 2025 16:57:29 GMT\r\ncontent-length: 0\r\ncf-ray: 9aa58ff49c77c759-OSL\r\nlocation: /cdn-cgi/challenge-platform/h/g/scripts/jsd/5eaf848a0845/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10282,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/icon/icon-pools.jpg","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/icon/icon-pools.jpg HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 6870\r\ncf-ray: 9aa58fe7cd87c759-OSL\r\nlast-modified: Thu, 21 Sep 2023 07:46:30 GMT\r\netag: \"650bf4d6-1ad6\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: HIT\r\nx-cache-hits: 1\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6870,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 210x205, components 3","md5":"1b61fe941c5f21b6a5b2a0021304325e","sha1":"57e917596324667df9bb88ef7aaa181bfd53ae0a","sha256":"c1af05964be2562a6bbf7c1d8f2a19554198d2e2c1980454a2b8f61f307772ff","sha512":"9072ec7b6b3efd84f1ca7409fb97f312d1a5731ffb9e2211bfb94e459dc9d92c6a260ca5f19ab994cdaee99153a3ad17194b40c26cc7545cb6cc4fee6fc5934e","ssdeep":"192:obNAW9Q/ok/Z6oHEwnklyK63TzFlT+u6KUt8ICBtlyzos7PE:kA3dB6MEwnklyK63FlquYKBXyzosQ","tlshash":"5de19dbe213a9c21cde70b3f31b7dc018a44d855d06b69c996eb39903720085e4e9e3f","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.151232Z","times_seen":1622,"resource_available":false,"data":null}},"time_used":223,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":223,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/nabire.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/nabire.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rfBMA5C8GnajFOgzIZXCcYgWlM0sEGd70bPUrWTp7itUwQwLUoTtvPxw3%2Bw%2B3IyUPJ0aa19gaNREkXXuU6zPJ7hxP%2FYWd7RznPrGMQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff30f91568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/6.B0_QvnEW.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=18727416\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2025-12-07T16:57:30.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/6.B0_QvnEW.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AHVrFxMYt4_BRQR7UTcRkZjdtj1OuNQhRQzc3kqop5qsm4F-xfp9AJoGHDcuFny0B30wemuO\r\nlast-modified: Fri, 05 Dec 2025 11:14:51 GMT\r\netag: \"bb2424b90285d46f921f699e7b3d17d5\"\r\nx-goog-generation: 1764933291340156\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 886\r\nx-goog-hash: crc32c=LRbwvg==, md5=uyQkuQKF1G+SH2meez0X1Q==\r\nx-goog-storage-class: STANDARD\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nexpires: Mon, 07 Dec 2026 16:57:30 GMT\r\ndate: Sun, 07 Dec 2025 16:57:30 GMT\r\ncontent-length: 886\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":886,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"data","md5":"bb2424b90285d46f921f699e7b3d17d5","sha1":"412e217bd4cfbafc553fc36b9094d0ece147a429","sha256":"2b1840010c419cf6839e4a18ffd0eec542b4c0d0c49ce5606bf93639afda5ff5","sha512":"f283f440d13fb69e25c115fd3e9dcab60cf937ed1ad964644f9719abba510e9f99ac82747ef2aba6991de08cbe10a8965c0d352c380dfa471d2b6753beba021f","ssdeep":"","tlshash":"a41100d93cc3d8b0d73bd4cc52a899e6d43c0e88a8fd41c0e4f86e853b155b18236ea8","first_seen":"2025-11-05T08:48:35.692413Z","last_seen":"2026-02-25T11:20:48.331177Z","times_seen":7795,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/wlb2c/icons/numbers/dt/dragon.png","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:30.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/wlb2c/icons/numbers/dt/dragon.png HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000; laravel_session=eyJpdiI6IlpBaEVOMFlOUzZIR1dwTkl5Vk5VVmc9PSIsInZhbHVlIjoiY1RmTFFEWXZQRkxmN1A2SklaN3liMlVIaFFUWGRnL0RZR1VWR29rWnRBL2RTSjQ1UmhzUWdnQzJZek91RWVLSkZEaHliOHc2dzlyL3dpdEVjYUxwbmVldUZCTjNkNmJRQTJmWG52WnBsUGY1aFBtaWdhRHJ2QjlYV3ZDQmFFbTl3MWxSWmxxalVwUCt4UFJTay9vZ2tlVUNLUTJjUWI2UEhNbWo2R0Y2ZERsd1V4NCtHRHV1MCs5SFVSQ1dLZUtYY2R3Q0YxQ2xNOVFTQWY0NzljRmZPNkt3aW9wWTV5dVJvYTlMTUZubm9Yb3R2VmIrczMwdTdzaExWT3dyQWwyUjJCVlllaWRPS3BVTUlDVDRTNURwM1laRzdKRWk0UVFSbnZURDJHUmNvL284ZENuUkNwc2VyemlzVGV0TWVwWlVsVno0TUYxZjV5TWZVYkRZOVVRT1BjcmxBMUtrVVR2QmVyY3VjdmhZZFQxQjlWWFROQmZiaS9JSGlseWp2cVgxd3dBc2VmS0RUQXZjUmRac2FXKzRVL3Y1YXczeTUvK3FyV0FUQ0NZRkJEWjFiekZ5OGtJOVZLWkhHZTBDd0h4eWdPQitISFUvd0FmbTM2Q2pPT1VTZXNnUlE4YzM1cENJaU9sSWRjQXpBUlVCdFpsaHAvU1VVUExkQlVidVZyd3IiLCJtYWMiOiI2NzcwMDNhNTg4YjkwNTNiMDFlYjg3MzU4MDRmZWZjMTcxMzU4OTQ1YzM4YzIxZjU4ZWMzNzFiM2Y1ZjEwZTcyIiwidGFnIjoiIn0%3D; cf_clearance=XoTw4EeoLz_LaL.E4MBRyi6ftnhnmvCDfgDr8XUWg2k-1765126649-1.2.1.1-GumEjUbEGuOydtJ7ng290a7C5Kzu_Htr9Kgm4X3OO9XVMP62UrhBUMfmaPFYT2hhCsktvGFwJKIGHggPcDOG2ietfEm6It9qjiOKq29o0jgiiPocYD1LVo3H609hDwr3qf7XzFfav1ul0SdlsiTk6KnxESm5Mjc3chB9A9Oy8XiJpyc6VReRu5SMvRJS58lOkhD4dciyXQ2vPQDUUxYjsSjHK3Fpb0HwZxlYqX4Pj1U\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 8988\r\ncf-ray: 9aa58fff1eb8c759-OSL\r\nlast-modified: Thu, 21 Sep 2023 07:46:33 GMT\r\netag: \"650bf4d9-231c\"\r\nexpires: Tue, 06 Jan 2026 16:57:30 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8988,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 4-bit colormap, non-interlaced","md5":"7234dff7e392a061cd7b803ec9f17c17","sha1":"86e92366f6f49ea09920b5d71b57092bf0ccdbfe","sha256":"119d96453aceb107180da0d71272f3a1e15771e4e2a19ceeffb94b3a541e1001","sha512":"a17bbc3495b91fbe83bd857dd1bc111730660df74d2898e4e7f2082959e2c28b992ccf3a974a100ce3d9198fa0e05e6327ff22e5f5550283c9bda54f7864fae5","ssdeep":"192:HPmVDnmHv2pCuax4puRu4bo9Y4byP4EUNNlNrnJWRu2l:HPODmECZxaXpePizrJWl","tlshash":"df02af42d4828b87ca57bb9a463903a7c95ad618d6ddc4238ce875cbc887f191351c7f","first_seen":"2023-10-15T16:21:26Z","last_seen":"2026-04-16T16:12:09.368728Z","times_seen":725,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/0.BnUl-svj.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=18727416\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2025-12-07T16:57:30.306Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/0.BnUl-svj.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AHVrFxMRvn4llaHBaRbXTZrvt_fI9_zXcKgOkIwRXlecBSsUJ2uJeWBCnaoCMZJ5AzaLi7pljiurbZI\r\nx-goog-generation: 1764933291267102\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 74947\r\nx-goog-hash: crc32c=g+LRGg==, md5=kGMAfnfSKOsghapbGtpm4w==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\nlast-modified: Fri, 05 Dec 2025 11:14:51 GMT\r\ncontent-length: 23572\r\ncache-control: public, max-age=31536000\r\nexpires: Mon, 07 Dec 2026 16:57:30 GMT\r\ndate: Sun, 07 Dec 2025 16:57:30 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":74947,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9063007e77d228eb2085aa5b1ada66e3","sha1":"f407a9a4472cc7cd0a2ecb2837d8697859b26c33","sha256":"aa9926d78b9e445135f2ebf5be42b34341ee0a737d35c490ceaa5653c9676546","sha512":"e4e8a56a3b4918f154068850656312c47b654b937d6ef40e5b21e120fbc8510c8469d79f5ad61babc9e7534b30f78558d120111370d8708bb8b05c229fb541a5","ssdeep":"1536:4rIjHt056UtzjrsG73DDnY3wi6Dt3Gx4Q2FNVgoMJzEqLzT:mMHwt/rsG73tDt3U4Q2lyJzEqLn","tlshash":"5d73f7d2f686f9398be794e511385043f9267a18b82c8170f36cce61219e2c76177f6b","first_seen":"2025-12-05T11:45:39.966442Z","last_seen":"2025-12-08T08:57:32.360418Z","times_seen":213,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/js/auth/login.js?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.438Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /js/auth/login.js?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: application/javascript\r\ncf-ray: 9aa58fe8f8b6c759-OSL\r\nlast-modified: Mon, 01 Dec 2025 14:48:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"692daabb-7e3e\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32318,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32318), with no line terminators","md5":"deed0cdf923a4c3df7b304e0de77babb","sha1":"8cf62733452e10f15f39d174ab9e30bfafa24bf5","sha256":"f803b887d67769db325a80f18b28184347181470ee5a88898c06dace2f962b93","sha512":"50274f0b996f60aaa5eea717f4e282a2448664c1c00cd885d22046dee70da4ccf3b802881f14bd208e1e53916b3365b1191cebfb095b7df433b6bf6aa70755e1","ssdeep":"768:ecgL4xGwcgZQadosTJ+tvOx5AActYjQBN:ecgL4xftndoRtmp8KQ3","tlshash":"4ae2d88cf2c3f47907c3a16d801f8415f23ba454a5498898b75fcae269b598de123fb9","first_seen":"2025-12-01T18:46:12.831338Z","last_seen":"2025-12-17T20:21:18.082635Z","times_seen":93,"resource_available":true,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"iframe.oasisid.com/idnl.js","fqdn":"iframe.oasisid.com","domain":"oasisid.com","tld":"com"},"ip":{"addr":"34.142.172.125","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iframe.oasisid.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 02 Dec 2025 17:38:23 GMT","end":"Mon, 02 Mar 2026 17:38:22 GMT"},"fingerprint":{"sha1":"0B:40:30:B4:BD:0E:33:0E:29:7F:01:35:E6:C0:2F:F5:EB:65:9B:EC","sha256":"CD:6F:ED:F3:24:3F:B3:8F:86:2C:93:72:BE:76:6C:9A:4D:E6:B0:5B:B6:02:BC:EB:74:1A:4C:1B:15:C5:D0:9D"}}},"request":{"raw":"GET /idnl.js HTTP/1.1\r\nHost: iframe.oasisid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 07 Dec 2025 16:57:28 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 19871\r\nLast-Modified: Wed, 08 Oct 2025 16:31:01 GMT\r\nConnection: keep-alive\r\nETag: \"68e691c5-4d9f\"\r\nCache-Control: no-store, no-cache, must-revalidate, proxy-revalidate\r\nPragma: no-cache\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19871,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (19871), with no line terminators","md5":"c2a621694b3d71fcfc5867ae8de9682e","sha1":"76eed4e579c13cd2500afa966712353c9a397171","sha256":"b66d030208c35e79708435f27da5bd708fe5cf447d298a3abc054045611570de","sha512":"20fd2449d026cac58a85d5ea58dacb5635c37e3eafa6807668a0075affa00ebda1adcf5e6fba455b1812c02d9e7c173081df9622f935a255359fb58a248a19e5","ssdeep":"384:npgQxhy9umBqUiTaVxxMxgQZPJgEzTFWcgUb8u4v3QWht:pgQ+9fUyxxMeQZPJgITFWcgUYu4ht","tlshash":"8f9220183eb07d63260a7bfb361ab4e8d8847c5ee952049fe144ec91b549173e6f1638","first_seen":"2025-10-04T02:43:23.602403Z","last_seen":"2026-04-08T05:36:06.781804Z","times_seen":61,"resource_available":true,"data":null}},"time_used":1251,"timings":{"blocked":395,"dns":38,"connect":197,"send":0,"wait":391,"receive":14,"ssl":208},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/icon/icon-roulette.jpg","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/icon/icon-roulette.jpg HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 5961\r\ncf-ray: 9aa58fe7cda6c759-OSL\r\nlast-modified: Tue, 26 Mar 2024 08:43:46 GMT\r\netag: \"66028ac2-1749\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5961,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 210x205, components 3","md5":"4c00c62f6892b38be72ff21ba77bcd4f","sha1":"cd3e7855bd7252fca7ee624819769b219e62afa9","sha256":"df04e5456a26d89d36120c6078dadfb6e84b37b635c5b8f75a1ac75c27e1fc41","sha512":"b143dab0190dcd15de7220ee69def82732824d01f60d6428abf03d772b6440ec01d85bcbbed4d95209ea157d3781d892bb62502ba29f6624fa33c463ad78145b","ssdeep":"96:dGyZjfHeWJzRdWClke5tzFNN3CEBqm0SIlzE47ge6+u1qlTc/7jz7Gs:dGyZjNJldWClkM18fm031EhUczjz3","tlshash":"18c17e611b7d5036cdba10f1cb66b21abe0e5f8029c54eb54d3936499cecb7244f906f","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.100628Z","times_seen":1560,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":235,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/bukopin.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.242Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/bukopin.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 24072\r\ncf-ray: 9aa58fe84f14c759-OSL\r\nlast-modified: Tue, 31 Dec 2024 08:45:05 GMT\r\netag: \"6773af11-5e08\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24072,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 816 x 568, 8-bit/color RGBA, non-interlaced","md5":"757c9abf361bec9eec46d677b6a748b6","sha1":"62c3aa9d9c006e8cfa2684c825783fc14d51c6a5","sha256":"bec001371a4a50da1dfc0ab2e7e663ade386d124920b251f9e3bfebce0638032","sha512":"8f7e9a977b23a1bda9ebdfeb919aab009a54d9748c052de94ee9c2379b0a7e45b4310daff85e7c2766e24e58e921c109f439919dc48901e3ca54fb5639a40f2a","ssdeep":"384:EuHSOMHD95TMEs1ULEi1Oap0HOEAie2PhLuktGtJqS1yC99ZXx5zFYWnD64/LAeE:lMLUUAvapIOEr5KGGnq4z99hx5ZfLURJ","tlshash":"5db2e1eb1536d105d0ea813cc1a10b2daeb296772c3183616ad75dd31d2b71d6ff09b4","first_seen":"2025-03-10T01:18:36.814085Z","last_seen":"2026-04-16T10:32:07.151234Z","times_seen":102,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/bank%20maluku.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/bank%20maluku.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 117101\r\ncf-ray: 9aa58fe8c82ec759-OSL\r\nlast-modified: Fri, 27 Dec 2024 06:45:05 GMT\r\netag: \"676e4cf1-1c96d\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":117101,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1200 x 296, 8-bit/color RGBA, non-interlaced","md5":"6de22bdbd5a96c65138aaa726ab332da","sha1":"40a7a5cf728d55bd50a2ec60f6e7433cb2b12385","sha256":"41cf483781e0d93bbc94dda097d93eef266d5e6198bf7af5011d90f0a92a0aa7","sha512":"ee0fb6a82a697e8b348b91876d83d773c86bffae3e58740868044a11b77bd76c341f3960b6f82dd30edb3f3c9585c43fb7610eec375d044a69d93d4a35130a99","ssdeep":"3072:tXGJP//Yhk+u+YB2sYxhhSQBUYSZ+45cGYUNg/2iYTskwS:tXs/r+u+K2lxhhSQyET/+iHkwS","tlshash":"f2b312530c2d2d0ecb8f1496e5315c13a9e68cfc939b4e65a1c66be07cb3b443d8582b","first_seen":"2025-03-10T01:18:36.810097Z","last_seen":"2026-04-16T10:32:07.204241Z","times_seen":70,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":200,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/linkajaoff.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.882Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/linkajaoff.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8W0d9DxVO%2FvnWKlQ48X6449slaQDM98AHVvS2I%2ByTlJtOqM3CAtzo2JxmH41cEC7Sjn1bSwV%2FQj575H1nzcDFfQLiG48PGlY9b8mjA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2bf77568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/majene.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.988Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/majene.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a7dxBgqkviT09Dt3mTqaUDzZ%2BcfNe1VhPnj6pL6OeZDFtpExOeggHUWJiYeUoOgEFUiRYM5TGJ0ei6C2hiVk8UVwRKLRF8t5GKM8mg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2ff8f568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/css/bank.css","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.052Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /css/bank.css HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/css\r\ncf-ray: 9aa58fe79ce9c759-OSL\r\nlast-modified: Mon, 26 Dec 2022 09:00:25 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63a962a9-1a75\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6773,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"927f14cdc2e033eb7d04d6a9af03f6e5","sha1":"95a1493c0183e6ee5eaa0af8e2cd589f71cfc4da","sha256":"eddd23324bf76ed8e866721eebb71ea1ccf9a217f967dcdb5a8d03196747fa22","sha512":"81362fcf4a7c1fc82703f075a6b7b71b06deb7a29a1fd1532c4257490bc52744578826ebb3434807c5b0a95aa6a997c1a30f411cec75613f11d88515806ca68e","ssdeep":"96:gDD6ziSw7CHww/3iP9PEZZPR7qXBLVn/RydJL9EI7CzuAW/Kv:gv66CQK3oKZKBI2","tlshash":"e3e16a26d6d23484ac0bb52014b69fe412395013ef1e5e2d72ceb7bd6f860f5b1a39d1","first_seen":"2025-05-13T11:43:45.096809Z","last_seen":"2026-04-16T22:16:07.180615Z","times_seen":487,"resource_available":false,"data":null}},"time_used":630,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":630,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"object-d001-cloud.cloudstoragesharingservice.com/banner/image/promotion/IDNTOTTOHK.jpg","fqdn":"object-d001-cloud.cloudstoragesharingservice.com","domain":"cloudstoragesharingservice.com","tld":"com"},"ip":{"addr":"104.18.17.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudstoragesharingservice.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 27 Nov 2025 11:45:16 GMT","end":"Wed, 25 Feb 2026 12:45:03 GMT"},"fingerprint":{"sha1":"35:82:77:C9:F1:1E:C6:F1:E3:6F:56:07:2F:3A:30:D5:64:B4:D7:ED","sha256":"13:DF:CE:03:C7:6A:DE:A3:76:80:CC:51:F6:94:50:25:05:22:B7:9C:48:F4:53:25:C5:54:D2:CE:04:62:3F:97"}}},"request":{"raw":"GET /banner/image/promotion/IDNTOTTOHK.jpg HTTP/1.1\r\nHost: object-d001-cloud.cloudstoragesharingservice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://toto123gacor.rest/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 88744\r\ncf-ray: 9aa58fed29983181-OSL\r\nlast-modified: Wed, 16 Oct 2024 08:12:30 GMT\r\netag: \"670f756e-15aa8\"\r\nx-frame-options: SAMEORIGIN\r\naccept-ranges: bytes\r\nage: 1867\r\nexpires: Sun, 07 Dec 2025 20:57:27 GMT\r\ncache-control: public, max-age=14400\r\ncf-cache-status: HIT\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":88744,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 840x480, components 3","md5":"a68cbd4cadc54ae7c2bdcb8bcf4c13b7","sha1":"4e8ca505e4b8ee0f154d9446d44e98769fffccdf","sha256":"cf91122176ba6cadc04f42930dd19b4f8db1b670efcb5b9d8cdc18696e3d1a65","sha512":"58a3e5cfb5a3d9faa2cbf7508765c96f1cc37266f0dc839b84fca1d8c77cb717eb277eddafa93decd163ebd06c2facf7e9cbd0612818a17038c3b22bea548f41","ssdeep":"1536:QPc1JYCEuB4veZYnmyKx9wwwwwwwwwwwwwdTa39wIQBqoQYCrPcXHYoXYwQ/NAFZ:/2CbUnmyvGwIJ3DRcYwENAP","tlshash":"fc831209cda5adf3c987f67993301364e3b1bc4dce4635de44fcc29922a60506d6abd8","first_seen":"2024-10-22T04:17:53.670323Z","last_seen":"2026-04-16T22:16:07.208964Z","times_seen":1340,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":101,"dns":22,"connect":1,"send":0,"wait":15,"receive":6,"ssl":64},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v15/Pru33qjShpZSmG3z6VYwnT8E0i7KZn-EPnyo3HZu7kw.woff","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"4A:97:40:A8:11:17:BA:08:56:28:6E:0B:93:8B:64:13:1D:67:D4:2A","sha256":"A2:0A:13:FD:98:22:74:26:3F:C1:44:5C:92:27:22:17:A8:65:07:40:50:F9:14:02:11:E4:87:7F:C5:D2:F1:42"}}},"request":{"raw":"GET /s/roboto/v15/Pru33qjShpZSmG3z6VYwnT8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://toto123gacor.rest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 26528\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 05 Dec 2025 13:20:17 GMT\r\nexpires: Sat, 05 Dec 2026 13:20:17 GMT\r\ncache-control: public, max-age=31536000\r\nage: 185831\r\nlast-modified: Wed, 14 Jan 2015 22:46:57 GMT\r\ncontent-type: font/woff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26528,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 26528, version 1.1","md5":"b20e0cef1fd0ee15a5fc0d150d4c9672","sha1":"7bef9051bf8ecdf269228c6e743dad5a8172aea7","sha256":"47a6d754139b198b90326c9ad8c22bd5e2ba5e2d7e2eeb443deed603255a611a","sha512":"cce8eb93332e18c5d4897c004ea1241f012cfa17da4f05ce87b3246e56274f9d561a4c2b49bada58f1d5d1d8f17db5a448e4bee78c0d8e3dd9a5047442d05b4a","ssdeep":"768:+fXipTa5SqjK1O4v/B7ddk/IxEjeRUVC8cy5zIQaqK7nP:+fXipTwf8/xc/20lcbP","tlshash":"e4c2e05f1bd2984df671483cc2bf5aa9f18053eb13ea7a745f925a1c22a15d50a032e3","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.083124Z","times_seen":1938,"resource_available":false,"data":null}},"time_used":675,"timings":{"blocked":304,"dns":0,"connect":15,"send":0,"wait":15,"receive":3,"ssl":334},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/mandiri-syariahoff.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/mandiri-syariahoff.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sspNW1Fv1UcAx8QHMGJcacHhAcr7lA3sAcoG0SepFh%2FFYvPiEVI1%2F7RYiFYIXo%2BwvAfGaxvkPMssfH9onxysDqJKnVl6SbA%2FBABSeg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2bf75568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/banner/BG-Desktop-Toto123.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/banner/BG-Desktop-Toto123.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l1Jkl5zLeKqL5Rb3zVz00EqJgZfW9BbePsgX4XXLip0FywOeMY1Hpz5dmAHwsiuXet42KItAoxCmJOtoFQCrOPqAMBN2uUY3rxLv2A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58fefcf3d568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/jasaoff.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/jasaoff.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZDSHwYTmBO%2B0XPGEtRG%2BIrZpmYhLma%2B7P1e9r5U8qr4%2FwXSX8FnwOpHw2XaO8YRs4OQ5RQfdC%2FS4x%2BwTR%2FMHQpY4ztAuEtB59L8%2FKA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2bf78568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/bank%20ntt.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/bank%20ntt.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 126132\r\ncf-ray: 9aa58fe8c830c759-OSL\r\nlast-modified: Fri, 27 Dec 2024 06:45:05 GMT\r\netag: \"676e4cf1-1ecb4\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":126132,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1200 x 711, 8-bit/color RGBA, non-interlaced","md5":"0be63622a223bdf5cde56cad25019f23","sha1":"8f60c81b8ad495dc62b12eb94b1dc70264809da2","sha256":"0fc74389791c33948b27fa6cfb21b93a897aa06c2a72ce87ae839cc253045e86","sha512":"865c68e5a46bea15696e2f105cac9735744b79293c120542a1837f080da5424250385b8973f4970ad8e9eadbfa77f75771eb8cd86a63ced89e7029ab02d3b632","ssdeep":"3072:9UOsdatDoCESarH0PtKdJPbGt+aj8g0kO:9UOsPCESSHuKpbw3wg0kO","tlshash":"0ec312f0544bc97a4c2fece82495dba21d168e4ca0e85b34f7f0a8ecd755bc47265e12","first_seen":"2025-03-10T01:18:36.725349Z","last_seen":"2026-04-16T10:32:07.161803Z","times_seen":80,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":251,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/jquery.cycle2.min.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.430Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/js/jquery.cycle2.min.js HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 6849\r\ncf-ray: 9aa58fe8f8a9c759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60c6c4e6-5710\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: HIT\r\nx-cache-hits: 1\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22288,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (22288), with no line terminators","md5":"3981c014980610a347911b3eb292b722","sha1":"a19a589bbf0d0a607557cc93768fa68ec4d9b87e","sha256":"6b41e47a54aefc08aaa3678ed56f5689ddf69b8e8a48e9af8acc200ed0559fec","sha512":"a1e7501a56f8eb568e1c954104a2e0c382d2cbf9ffe386d1ff47374460156e1813374c69250ea17d5fd9f2c8d9d8734504c8782ca09af0b503d69efda13479e2","ssdeep":"384:dKoMqqIIaGwjZufVdJHqktq+3XlTXdE4VzExmRCqfL:PqXysVdJKkNTVCmP","tlshash":"3fa2b728b249396295f328f8733fd00b17f12d776950d6a170e2c7c96e74946b226bf8","first_seen":"2023-03-07T13:14:18Z","last_seen":"2026-04-16T22:16:07.166273Z","times_seen":2028,"resource_available":true,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/dana.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/dana.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 2233\r\ncf-ray: 9aa58fe7fe18c759-OSL\r\nlast-modified: Mon, 14 Oct 2024 06:10:08 GMT\r\netag: \"670cb5c0-8b9\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2233,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 89 x 25, 8-bit/color RGBA, non-interlaced","md5":"d4c86054bef770accb247693dce1184d","sha1":"215ae0206849177269831f7b9e433794b2ef80ea","sha256":"eb6f10f5452fd08234a524d21df41a6b9be1466c0c3acd39017951cd4122a3cf","sha512":"90e02eecfe4f198e6d5f18e6479781e9be9d3597f2d59ebc91a3659fdca1416db7fefc1daec550b95643809faf33433ba0409903f7c238517898f9905ddf25d3","ssdeep":"","tlshash":"2d410c6ef6816981607d8fd108ce614ace6348c4ca60f4a46cf6dd5f8b216958c188df","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.164416Z","times_seen":1620,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/icon/icon-totomacau.jpg","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/icon/icon-totomacau.jpg HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 52505\r\ncf-ray: 9aa58fe7cd99c759-OSL\r\nlast-modified: Tue, 26 Mar 2024 08:43:46 GMT\r\netag: \"66028ac2-cd19\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":52505,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 210x205, components 3","md5":"1aa941152037ed686d532ae5691731d7","sha1":"8222036a29fa540a55dbfc2cfff401b12d5cfcf4","sha256":"44afa7bac070be11a25113dd4ced630691439d7801bb9fbaf0b2251776d1e558","sha512":"c310d4567377aeac86f5427ce17f1a625b23552869737634a66946362619f616cb69b0b74ecc96080bae282684f553227fde12019a927cc9d1d5098c0ab62c95","ssdeep":"1536:qMgV6MUNNyDP4yWj4GYkUnk5hNQRh3txlI:qY/6DgZXUCNQLtY","tlshash":"5333024dde52a720c3e946ff7538938c06464b64066b3d90fe080982ee32fa65f63769","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.170212Z","times_seen":1593,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/sumut.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/sumut.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/html\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\nexpires: Sun, 07 Dec 2025 20:57:27 GMT\r\ncache-control: public, max-age=14400\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9aa58fe8c818c759-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-17T03:11:03.349549Z","times_seen":489671,"resource_available":true,"data":null}},"time_used":233,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":233,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/global-mapper/lc_license_id/18727416/region?jsonp=__lc_region","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /global-mapper/lc_license_id/18727416/region?jsonp=__lc_region HTTP/1.1\r\nHost: api.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nuber-trace-id: ca9cf0e6fa3948952e828180487f198f:7693c4dadfaebbd8:0:1\r\ncontent-length: 35\r\ncontent-type: text/plain; charset=utf-8\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":35,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"b17346aced6298b7e1cadcd62f40003c","sha1":"c28b849fff4b4d9d006d803bc4d18368446ddce4","sha256":"a379b1707064386da00957301b6eb053249cfb462047d44e4fb6d52898f5b78b","sha512":"93be3c00856eedc8cedd0c7bd2b2a5873aa85dcf9e893d9e972421d122c568cbb1c9b4ca633497bc80900f688898040a218616dc69a4716fcd3d5a2dc93fb928","ssdeep":"","tlshash":"8080000e20002ae30a20ef3e8023ec0cb03e033223008288c302208228002b0822ae0b","first_seen":"2025-05-16T12:26:33.454661Z","last_seen":"2026-04-17T02:19:45.764975Z","times_seen":23087,"resource_available":true,"data":null}},"time_used":148,"timings":{"blocked":15,"dns":0,"connect":0,"send":0,"wait":133,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/sumbawa.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/sumbawa.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pU8tUNmpkBM8WoUMTC6WKP4ZyVhjlHovKCVEC%2FJ5nQcrkxu1yMQLL3vONZEuI9TBSEeS720PQrSvg2xLpFGQR%2F4t1YV2GGH9NiacQQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff32fa3568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/css/dkw/dkw2.css?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.063Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/css/dkw/dkw2.css?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/css\r\ncontent-length: 13697\r\ncf-ray: 9aa58fe79cf8c759-OSL\r\nlast-modified: Wed, 20 Nov 2024 10:35:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"673dbb59-18373\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: HIT\r\nx-cache-hits: 1\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":99187,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"e38770188e044139a6abcaacc04992f7","sha1":"2c018880de463a18db40d178de6e30211244afe4","sha256":"aa982c913cd69195038aa020b318844c6258c8a602ba088d2426a3edd36f3ae7","sha512":"ee207beb2fe18f7050fbd9418872e24237d30dbf581769b1a36c6a2aa80e3a6338c36dd0cf6c2fe5b249e41cd9f68274dadf71be552ee25ca46dc72d4e076829","ssdeep":"3072:+U4GcISDErftiMAM+MzMSMQMdDMrdMr9/CSSL:+U4GcISDErftiMAM+MzMSMQMdDMrdMrS","tlshash":"dea343e577a91d01702bc5a976829fe5377c8002d50acdbcbbfa7168ae4dac84173b4c","first_seen":"2025-12-07T16:58:18.637666Z","last_seen":"2025-12-07T16:58:18.637666Z","times_seen":1,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/jquery-2.2.4.min.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/js/jquery-2.2.4.min.js HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: application/javascript\r\ncf-ray: 9aa58fe7ad1ac759-OSL\r\nlast-modified: Fri, 16 Jul 2021 05:30:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60f11975-14e49\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":85577,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32065)","md5":"b354cc9d56a1da6b0c77604d1b153850","sha1":"a3d8479f4d4e39b131bc9a53bbf53d1fbaa23732","sha256":"fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46","sha512":"b6dcbe11a0f90ef61a071fdf7d8c637f95fc77969cffda9f291772b4fa2c2f9020eea2916da6f1113d746afeafbf592d0db79fb2f2f5400bc0a0fc10a066ba98","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a98Q:v4J+OlfOhWppCW6G9a98HrU","tlshash":"1783c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","first_seen":"2023-03-07T01:06:18Z","last_seen":"2026-04-17T02:00:50.22751Z","times_seen":7618,"resource_available":true,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/banner/Slidertoto-2.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/banner/Slidertoto-2.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NIbCfaOeuQOxgZ2kL7QqDYkKD4zaUn%2FOyagfTqCCTf9LBiBkS7HMbi%2BEHVAjD5HDi4e3aqqV7xWAokDpy%2Fusrq%2FMSlApwEPyrlhoJQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58fedeef5568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/jeniusoff.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.884Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/jeniusoff.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CtJ3i6VUMFCyVo6GxsYeQrBw3D7Y4YHzD1vxWpn1C0Mq%2F4aCXOgE%2BfCWueiu7FQCyW24y9L9dMj2GeoS25T3sJE6fJ%2BVqatLmtbFIA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2bf7c568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/banner/newslider6.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/banner/newslider6.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X4ryvB4lSm%2Fp5zNPlSwyI%2FEjvehvQR5wu5epZlGZqBjffT27Z6C6C2m3QycvI%2BBAyM%2B37g5UHgyEfqdZc%2F2snW6w%2Ftnp170WgEC54w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9aa58fe8bf00569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":222,"timings":{"blocked":64,"dns":62,"connect":2,"send":0,"wait":7,"receive":0,"ssl":74},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/indicator.png","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.892Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/indicator.png HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/assets/css/dkw/dkw2.css?v=1765126635\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\ncontent-type: image/png\r\ncontent-length: 2957\r\ncf-ray: 9aa58ff2bfa1c759-OSL\r\nlast-modified: Thu, 21 Sep 2023 07:46:32 GMT\r\netag: \"650bf4d8-b8d\"\r\nexpires: Tue, 06 Jan 2026 16:57:28 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2957,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 18 x 51, 8-bit/color RGBA, non-interlaced","md5":"bbad9d0aef39c55cba161ff5ab3c7d30","sha1":"f9f2e4b293fd67a108c95d221437240c810d67f4","sha256":"b7704daabf987a684873b073f895609ac0dead3f8139dbd872434a8c67270e05","sha512":"1796b3d76b1725c15ea06a449290b871f1edc653cad9938b877e625cb8043f9d4cb9e93fb7494f37b823434cb7c3acf3c2cf508bde28a11c48c233424f7688d4","ssdeep":"","tlshash":"6451d809dd149c418b8efb449aea9252263b1bd05b41e51abdfdd413b9700b4c64ddc2","first_seen":"2023-05-23T00:23:15Z","last_seen":"2026-04-16T22:16:07.21715Z","times_seen":856,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":200,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/owl-carousel/css/owl.carousel.css","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/js/vendor/owl-carousel/css/owl.carousel.css HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/css\r\ncf-ray: 9aa58fe78ccec759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60c6c4e6-4b7\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1207,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"78047d6c2d6e61624be8ab53f040f58d","sha1":"b6cc8fb9d948477f947bd582d7eabcf5c69325ae","sha256":"f082a14b9512e8b85752e92e860b06c54b07476aa9f84ab4d22a6238809b5464","sha512":"ffd64443e18ebf40496ee41d44a233181b9cca1a85ab159fdddbbd16bc32ef883e00d59ab66c56fbe8ed905ca76c8506f3950ad1116f216b00f5c048d13eeacf","ssdeep":"","tlshash":"51216ef40131318d602bc31f56ceaa195a3dd1129d22160e521faa094bcfd1e613f78f","first_seen":"2023-05-24T14:32:03Z","last_seen":"2026-04-16T22:51:57.702047Z","times_seen":660,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/liScroller/jquery.li-scroller.1.0.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/js/vendor/liScroller/jquery.li-scroller.1.0.js HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 436\r\ncf-ray: 9aa58fe8f8a8c759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60c6c4e6-3ea\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: HIT\r\nx-cache-hits: 1\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1002,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (565)","md5":"097d12ca6affd5151d1d56db876cc1e0","sha1":"4f1b6d162e327a5e8d0f37897d4d559dbc265ba7","sha256":"e00749ed99da6de8ee85c1fa969a7571feaba5a506c1dd88be8a12e20ed680d9","sha512":"fd4f03f1ba6fddb3bba25d32d09e9713d08b55fbd11330d43e74dd874646d01a27eb6dc19a49889cea10a09300adfaf1ee0a11921d6858255f31893fa8d8fdb2","ssdeep":"","tlshash":"05119e08eb0611bf0ce5e738fe3f9b1c75f315134222d5a495fae4541d814bb5270959","first_seen":"2023-10-15T16:21:25Z","last_seen":"2026-04-16T22:16:07.068145Z","times_seen":1806,"resource_available":true,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/sakuku.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/sakuku.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\ncontent-type: text/html\r\ncontent-encoding: gzip\r\ncache-control: public, max-age=14400\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nage: 0\r\nexpires: Sun, 07 Dec 2025 20:57:28 GMT\r\ncf-cache-status: HIT\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9aa58fef98b4c759-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-17T03:11:03.349549Z","times_seen":489671,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/kingkong-4d.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.937Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/kingkong-4d.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5ENlrnKV8Q4r%2BvGeu0lpQe6SwmC4m3joERejpXtDPN32%2F1Wa3OjePgfU3QJmpjx4d8%2BuMhvOJTtem%2BV4Ei7YwzUhp4Bk8JXhyIcEqw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2cf87568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechat-files.com/api/file/lc/main/18727416/greeting/b08e27b615285e141aef26ec9c071dd0.gif","fqdn":"cdn.livechat-files.com","domain":"livechat-files.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:38.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /api/file/lc/main/18727416/greeting/b08e27b615285e141aef26ec9c071dd0.gif HTTP/1.1\r\nHost: cdn.livechat-files.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 5018105\r\ncontent-type: image/gif\r\ndate: Sun, 07 Dec 2025 16:57:39 GMT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5018105,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 360 x 235","md5":"968469a10c654379be8ccbd51b09849e","sha1":"b9ca4cf15690b16fb11f005fcd13222bab891eca","sha256":"153d5fbace49c58214698e0f284a4416dd7af2a56455cc5b8e791cc953422793","sha512":"ef2acd0f0fa1e21445bb5bd7631e7b74c2719fbda09a32292cca53e1e895f03a059b56f5eaa7d2a4beaa19dbb50436308c2a4b94d7de884dac0aa005b66ea371","ssdeep":"24576:x/RNZ1E9FDNIID2uGmtU0b3PEORSy5j+NlwKaGlMf:jHoyNMDh5iQKwf","tlshash":"e32533504be7257df37b60e6696cc42c828e70374400ae079def9428fdbab6d57e9488","first_seen":"2025-12-07T16:58:18.640387Z","last_seen":"2025-12-07T16:58:18.640387Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1874,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":809,"receive":1044,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/css/defaultTheme.css","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.068Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/css/defaultTheme.css HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/css\r\ncf-ray: 9aa58fe79cffc759-OSL\r\nlast-modified: Thu, 21 Sep 2023 07:45:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"650bf49f-649\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1609,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"096e1a4593cd1657184db0c09bbd6938","sha1":"ccc0688d0ce0e0f8b93e141e912d4ba53fd6f1ad","sha256":"404e24f0cf7b62268f97128b89aabb41cfe3377f767bbbaf9455457d3e7b7f54","sha512":"c59d36cf6bf9d5b56af1ac7eadf167de125d229a911b5a65cd2fad03c83b7570cf474c58678bf83ca3abb809bd7d996bea4f8a6045fba0102d143ab407fb01c3","ssdeep":"","tlshash":"17317845dbff3803d05cd76da9dd69ba89344327a7970cfdea90c50c1b4012c09a6da0","first_seen":"2025-06-27T11:29:10.501891Z","last_seen":"2026-04-16T22:16:07.117784Z","times_seen":482,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":251,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/sinarmas.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/sinarmas.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 3215\r\ncf-ray: 9aa58fe82e91c759-OSL\r\nlast-modified: Mon, 14 Oct 2024 06:10:08 GMT\r\netag: \"670cb5c0-c8f\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3215,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 23, 8-bit/color RGBA, non-interlaced","md5":"73d053c5421d651ab7a55b80a0c3124e","sha1":"4292564eb27a6a8ac74e6e8a2dca08ab6bf1aeda","sha256":"e16b358ac0d98e0eae590a78af0f4da1616b96f54ee57bb1d498505e2a104134","sha512":"69ce6496937596e2a005259b29a217174d8c7e7dcb2795f1ec384b60e7770647ac23e16b8e9d999e3d866b3bea1a941eed974c67b4f95d315ef6bec45db152cf","ssdeep":"","tlshash":"23615a955ec3da55a0c0b635b82d792024d869027c2d0ecee51ce309933beb3ba4a75b","first_seen":"2023-05-09T14:48:56Z","last_seen":"2026-04-16T10:32:07.131665Z","times_seen":531,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/bii.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/bii.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 1024\r\ncf-ray: 9aa58fe8b807c759-OSL\r\nlast-modified: Mon, 14 Oct 2024 06:10:08 GMT\r\netag: \"670cb5c0-400\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1024,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 112 x 29, 8-bit/color RGBA, non-interlaced","md5":"c4e1c554cca279977aae17270ac91ec1","sha1":"7a5d0fd42237643ba9b9512b60be3a733c2f7973","sha256":"bd7b235ab639d8e66fb44d629b95305d93e9b8762067cdac88ce09617e12219e","sha512":"359d74f9e1c1d20788d2d58cec6c5f703ebd0b1cc768a2da7036f626f32d364fb3946a1166eebe5f6544bea57b4947905fd1830cd99b33dff92d6276cbf039a4","ssdeep":"","tlshash":"7011c8c86fb1046e993faffd38122d20463fa8a267558d88c3670982a883c9c08d47d1","first_seen":"2023-12-03T13:22:33Z","last_seen":"2026-04-08T20:00:11.67689Z","times_seen":33,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/hanoi.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/hanoi.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=z3UkbE41vVTFrNWq8nPFsGflka753SpdO81FkVMXuJ%2BaSMPfb0nonAXDjQh8XBxvr00mH%2FBWb7G%2FN8F0bVqQdjRj2jBJXIfHrkuCHA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2cf83568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/muna.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/muna.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cemi8OJgTVSVJScUyZZ3XdJb76TINasTk3y5x8yJkseT17eiUfa4HvkzA6Gae3ErcXaAVI0o5gD9ho2lndYXLYcTtTPoI7C1ZJxrLg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2df88568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/bni.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/bni.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 1242\r\ncf-ray: 9aa58fe7ddcfc759-OSL\r\nlast-modified: Mon, 14 Oct 2024 06:10:08 GMT\r\netag: \"670cb5c0-4da\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1242,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 24, 8-bit colormap, non-interlaced","md5":"f4d6f0960f58c75167c9add1bba9ab55","sha1":"6a1f672e0cb1261eb33ca01cddd7a4ec4342529a","sha256":"50afebd206f7b1ef8fcf1d4dff496412a08518bc068319f97465908441cd4041","sha512":"ae764a25ef0050c0385dcc6b87239553e855d534c0026c81f0aba82072c1d81a19f79ac2abc517fffe5824234e075bb975703369cdd9f717bf1d5e7c5ecf7cc7","ssdeep":"","tlshash":"5a21ea8df0f40f1236917ef772ae5cdadca866b93db42b341253d5249904ab081d3367","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.141133Z","times_seen":1618,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/manggarai.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/manggarai.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PFdDGJdBBS4n3x%2FfBGHSo1mT4JiV6Drb5fM%2BQ8keNl2cWfqwE38qSqF0E6v5o5GevlhxORik10%2Fd7qGtgTNUCVKlfrmlnaMB8DTPTw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2ff8d568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/sicbo-dice.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/sicbo-dice.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0525vfCXogtqTbGvoGS63I4uP5cvCNXBA%2F1fxgm8Edd3F9LQKUsxk00%2Bwff23oy9pZrhoVn1Y%2F6K1Uo1bvaANJDMY0ezpYcIwCrORQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff32fa0568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/totomacau-00.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/totomacau-00.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3WzuDLza5KmxZANn3%2F6ZjNGBJkfi9Eyqcf01QBHpTzO6od5QMWfXEcAblnCg7MeReM73SKebYkjoOik%2BDjodj4V2xZl9A7cHRKtXHQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff33faa568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/halmahera.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/halmahera.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3QAxqUQGrXSkiYeS%2FSxywE%2FWr3WbRR6Mc%2FOgrNRBt5dvfsud8aZYQgfD2AScPsmXZPj3Zk6UvZOio5nVbQrPXNDtqClsS1HHnAH%2BXQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2cf81568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/totomacau-21.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/totomacau-21.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hVJtBG21DFmsFGbvg5HscNi9YZ5eC%2BhQq0CV50cCwvBISTrjPNVSZPzKstqGiYLY6hkq4DCoLKvdAHHXEthgA1Ao7ULd20EUjc%2Fuig%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff33fb2568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/bone.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.119Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/bone.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=heNMqpngwNSfP3Y6At9uDzSRqzKfS0ogg%2BJ8eIYRdXPbDYtfpZsD9Nh9Idvoh2BLKTTscQFCZCezMjAG2eAhQSmEQXFRWDpwZGlsAw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff34fbd568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.livechatinc.com/v2/customer/token","fqdn":"accounts.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=18727416\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2025-12-07T16:57:30.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"POST /v2/customer/token HTTP/1.1\r\nHost: accounts.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 225\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.livechatinc.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":225,"data":"{\"response_type\":\"token\",\"grant_type\":\"cookie\",\"client_id\":\"c5e4f61e1a6c3b1521b541bc5c5a2ac5\",\"organization_id\":\"82478514-7d8b-41d4-b2a5-a7912bc5b9f9\",\"redirect_uri\":\"https://secure.livechatinc.com/customer/action/open_chat\"}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://secure.livechatinc.com\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\ncontent-type: application/json\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\npragma: no-cache\r\ncontent-length: 201\r\ndate: Sun, 07 Dec 2025 16:57:30 GMT\r\nset-cookie: __lc_cid=086e3cc9-7d96-4c4b-a322-16be6b25af17; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Tue, 07 Dec 2027 16:57:30 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None; Partitioned\n__lc_cst=c727be537d39b64aaf99b30fbdb6c872119e7cebd4ce8c18014d82690fe50c1354c2a71b0bffed2ce70758f6e9271142e9be3ee79a816440078e708a52e4; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Tue, 07 Dec 2027 16:57:30 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None; Partitioned\n__lc_cid=086e3cc9-7d96-4c4b-a322-16be6b25af17; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Tue, 07 Dec 2027 16:57:30 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None; Partitioned\n__lc_cst=c727be537d39b64aaf99b30fbdb6c872119e7cebd4ce8c18014d82690fe50c1354c2a71b0bffed2ce70758f6e9271142e9be3ee79a816440078e708a52e4; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Tue, 07 Dec 2027 16:57:30 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None; Partitioned\n__oauth_redirect_detector=counter=1\u0026t=1765126680\u0026tag=a1f34db2c42d4e2bd7d2161aecc121242d0beb8e; Path=/; Expires=Sun, 07 Dec 2025 16:58:00 GMT; HttpOnly; Secure; SameSite=None\r\nstrict-transport-security: max-age=86400 ; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":201,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"41cd7e1b87dba763024bfb76e3cfa5e3","sha1":"1fcd5f139714bc40be7a7fed2457c7eacf619391","sha256":"c2bac412d02c5a27bb6e444576e313aebca602debb96e40ccb09ea98aea53234","sha512":"61718178a35e6efd061066d14c454d06d6ca8451b07d6a3f8ccb4ee3fd4901a8bcb79614ceb313f03392b2639dec22685798c2bcac3adffb9835335d82a8e8d5","ssdeep":"","tlshash":"5bd0229a629168ec14e92a431a808984b03320aac6c010cca0f5c3ae0e41d24e327520","first_seen":"2025-12-07T16:58:18.643189Z","last_seen":"2025-12-07T16:58:18.643189Z","times_seen":1,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":34,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/text-rotator/css/simpletextrotator.css","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/js/vendor/text-rotator/css/simpletextrotator.css HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/css\r\ncf-ray: 9aa58fe78cc5c759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60c6c4e6-b7a\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2938,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (558)","md5":"2806c1be092ab58c3f85725925cc72f9","sha1":"e73429f735fd768dcdfb11551e36ed7ae5f95b1f","sha256":"c5e5cb1ccc179012ca2731f45675e69d4f18c6f49d42801176b3652e035d2e2b","sha512":"a4d42d3805a16cd11127e915375c61a2201db28d7f4204223df8f778a8fb5e1828f5994e4803086e0729f9aff52dd864a21c951e94e4d1273b51119cc2c180d5","ssdeep":"","tlshash":"3a51a7b65c9095cd893a8e08e7cd1fa9062dc3b218621d9e7306260b8dc7e6e53ac753","first_seen":"2023-12-02T05:19:17Z","last_seen":"2026-04-16T22:16:07.079307Z","times_seen":478,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/oregon-9.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.996Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/oregon-9.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=giNrN8IOYgJ6vwbC6i5n4ztOP7adMsWKS4LrbziP4z43L3pO7sjCzzq0d97ACMuTs%2BJ2od7Au8NpKTTlzlb8a6TQrOiElFjPXJLHpw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff30f96568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/puncak.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/puncak.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zJrOT90uYx9ZKwOFnQYra4wtH8ba4%2F%2BflepojdaO9AweI74uf1mwCwnkcSvK806G%2BlSNBvQRgQTU%2B9M7WUEkxUBjltu5lgw2NK99SA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff31f9b568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/icon/icon-hongkong.jpg","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.162Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/icon/icon-hongkong.jpg HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 4709\r\ncf-ray: 9aa58fe7cd8dc759-OSL\r\nlast-modified: Thu, 21 Sep 2023 07:46:30 GMT\r\netag: \"650bf4d6-1265\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4709,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 210x205, components 3","md5":"606bef132f2c25652dd62b4e7a5ff71e","sha1":"2e75d728149ae3c864f8f2b827841697ebd5481e","sha256":"8b2f204a6ecba604871a339562709f1194ae9ab0a2c8ad61564e4788682b9f2d","sha512":"4a27302f6ec32081e6bc4470c7060451c73b81fb3ba99f387d7770c8848de966855aac85b9008481389a57264a484aa45b7d2e6d1c932d6d444172606ea66708","ssdeep":"96:tHEgHiDK8H0HbHtptQQWnOAEV6OIyNhQN6JeVyN:hXCv6H7WNU6yNhdJqyN","tlshash":"79a17d94436141e07e2cff39a9524e390a805c2d5d88e36fd31f3f84247b5baa824fa9","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.131636Z","times_seen":1504,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/icon/icon-sicbo[dice].jpg","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/icon/icon-sicbo[dice].jpg HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 6397\r\ncf-ray: 9aa58fe7ddb5c759-OSL\r\nlast-modified: Tue, 26 Mar 2024 08:43:46 GMT\r\netag: \"66028ac2-18fd\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6397,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 210x205, components 3","md5":"0ba7932557a2ef57f4a404c2e8cc89ca","sha1":"bdaee9aa983c86abc3b6e12d904263d9d020b8d1","sha256":"944e25293de1902e94503301ab274b4348c7d48828414eee613fdbfc614dd74c","sha512":"008d4ea19a9814894495373b9537293bc5ccb2e213657c7ee2122d09121b84456b64be8ee52216381a891bf561f023e4bb90e208561667eba3ae53d51d45d613","ssdeep":"192:U/jMXLdi8mVPcW4Aiycewb1WBZNXb592cQ:Ug7Q71Z4Am5ZWld0","tlshash":"b3d19e678ee8382beaa6463c19d45cf837a18ec31e64a590f6cd3d847877120c84729d","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.21982Z","times_seen":1562,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":235,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/mega.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/mega.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 1428\r\ncf-ray: 9aa58fe81e73c759-OSL\r\nlast-modified: Mon, 14 Oct 2024 06:10:08 GMT\r\netag: \"670cb5c0-594\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1428,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 16, 8-bit/color RGBA, non-interlaced","md5":"dcbad8ef557451173cbd6faadaa7afef","sha1":"4e13be9c556722e99dab5608f4722232e9610b53","sha256":"ee99380c744eda83adbe3c2a771e24cb36a42641448dd0fb3a55433d4e15b824","sha512":"92a2c4c17e4b4244dd06bc97386e2ebe862031e77215263651ca757cf784ebc62152f1aa4e7eb9987283c8ab91dffea6d87248966b7bc9e0322249e76ec00618","ssdeep":"","tlshash":"b621b956d5c03eb7c55cc4726fc60883dd7f9d3aa14bc20a316f15d4554c802d61bf86","first_seen":"2023-06-01T16:10:35Z","last_seen":"2026-04-16T10:32:07.245791Z","times_seen":510,"resource_available":false,"data":null}},"time_used":631,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":631,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/badung.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/badung.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EtLjUk9gXx4SxBw3%2BGt7RIJ3zndanlJkfOq19s5otjuywS8%2FDY51gzyjabekZyV%2BgsiNHDq3z1jQ3J73CDmxl5JiPFgwz8lCjzfN8w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff34fb7568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/feedback2.png","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/feedback2.png HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 1180\r\ncf-ray: 9aa58fe7ad24c759-OSL\r\nlast-modified: Thu, 21 Sep 2023 07:46:30 GMT\r\netag: \"650bf4d6-49c\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1180,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 206 x 32, 8-bit colormap, non-interlaced","md5":"76fa4b2588a14d5e8c62f70f7263d62d","sha1":"8f2510f7d96cf7a1756ff8dbcafc248bcafb31e1","sha256":"639775068932c1b628a731e51f57a420b6006929bf08058d1dd628b2b0aa1e51","sha512":"69251210bbb555159087994e5c28a3552118279bd93ad8aacd6b95a99b1331c9053653f2abae5ed064e29c23ba26b3ec283577af83d955d04110b28556aa080a","ssdeep":"","tlshash":"8e21cad9ff40d833dee1874c05b05201d6c284539a2f266524dfc8a856e72d9fd7db91","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.158698Z","times_seen":1933,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/mobile/assets/img/loader.gif","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /mobile/assets/img/loader.gif HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/gif\r\ncontent-length: 5517\r\ncf-ray: 9aa58fe7ad2fc759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:30 GMT\r\netag: \"60c6c4e6-158d\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5517,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 15 x 15","md5":"bc1bcccc4a3342d2063088deae7d17a3","sha1":"a1a988f912d3e17a908945750b91b508672ccac1","sha256":"a76090f2d604a7e9bd429900001b367ae94f52d749fd0f94706be887d87cce7f","sha512":"08c93c3506f083bfbe9ba6d7f9824f871ca145ed9bc431c248d3352a05cf23db90ae2f39bdefa532e8d16f29b623d3d91664753ee471fb606a2b082b6cf791c3","ssdeep":"48:0zXKn2kC7TYJJ3C+gXfU8wzXKn2kCdf4JJ3CUgPfU8GzXKn2kPJJ3CQgrfU84Wy6:K62K4fC62rSYfU62q0fI62oGfw620ifL","tlshash":"cfb1980de9d0bc05458de9c92de7d43a1b1108508ee8eeaaaccec8568a18077cd2d7df","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.085889Z","times_seen":2004,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/modernizr-2.6.2-respond-1.1.0.min.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/js/vendor/modernizr-2.6.2-respond-1.1.0.min.js HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 7563\r\ncf-ray: 9aa58fe8e861c759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60c6c4e6-4812\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: HIT\r\nx-cache-hits: 1\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18450,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18450), with no line terminators","md5":"2015fe4e8911558500fb094aac79383b","sha1":"2d1e5126c8e3386153082b98e841d7a03435d975","sha256":"bf2d2ce2803063fd72be8165d5fbbc700e24dfd6bfcb351f064367a90db9ef4e","sha512":"d6e3fb657e8dd62f942f2f59000ace81b36ce43ebcc8abda4018c1d73b155b3ce2e83d33dc1ac86cfe81b0d76100137197b905c1f87e9f2f194a4e2eac3013dd","ssdeep":"384:fD9HWD99TpJGd+iesmAnxpakrwHVXHh1p7l8dVNOpZpMOUROOHEAk:fDiAebALak0HVXHRl8dVNSpPUR1HEb","tlshash":"ab821ccd7253b11a8397707a607f420ef23a5899a8184850e059c9fcbe74de8427ff6e","first_seen":"2023-03-07T13:14:18Z","last_seen":"2026-04-16T22:16:07.199852Z","times_seen":2049,"resource_available":true,"data":null}},"time_used":625,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":623,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/jflickrfeed/jflickrfeed.min.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/js/vendor/jflickrfeed/jflickrfeed.min.js HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 650\r\ncf-ray: 9aa58fe8f89fc759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60c6c4e6-5b6\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: HIT\r\nx-cache-hits: 1\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1462,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (425)","md5":"847c6b884e569004695666dd6e90fd0d","sha1":"0f83977484c914c85ba813adb9c46506baf4a83a","sha256":"796951855984fed308feec350d31ea2ac1382b2c6aec06412f9c33e1c13fe075","sha512":"1dd14e40e94dde8ab70b5d2e0293cda5f91376703dcc2d2a4b3174ffe270663a0448377c7b8334f2195222e8e3bad39d58e27314f4a59b077a26b8085bed450f","ssdeep":"","tlshash":"623122005c51a1fe16ebb7766d9f13380f318301c868ea52a7e6c171687b1cbe573d40","first_seen":"2023-03-08T15:52:17Z","last_seen":"2026-04-16T22:16:07.178587Z","times_seen":1815,"resource_available":true,"data":null}},"time_used":195,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":195,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/sydney.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/sydney.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=imwfAln7A5xkLSYs%2FSxTKg7683XToXpqJjj7z9ap2bXI6MRkJBDAnJ14EuuQeM3g5xBJR2lDMMJxTCAcY9rA17HKordXv70D7IbR%2Bg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff32fa4568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/cdn-cgi/challenge-platform/h/g/jsd/oneshot/5eaf848a0845/0.6638743359231635:1765124479:gbUtk7VeDWyYFGIOe5PjSCJNIK6fkln4yPKLRdmga1s/9aa58fe46d6ac759","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/jsd/oneshot/5eaf848a0845/0.6638743359231635:1765124479:gbUtk7VeDWyYFGIOe5PjSCJNIK6fkln4yPKLRdmga1s/9aa58fe46d6ac759 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 12154\r\nOrigin: https://toto123gacor.rest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000; laravel_session=eyJpdiI6IlpBaEVOMFlOUzZIR1dwTkl5Vk5VVmc9PSIsInZhbHVlIjoiY1RmTFFEWXZQRkxmN1A2SklaN3liMlVIaFFUWGRnL0RZR1VWR29rWnRBL2RTSjQ1UmhzUWdnQzJZek91RWVLSkZEaHliOHc2dzlyL3dpdEVjYUxwbmVldUZCTjNkNmJRQTJmWG52WnBsUGY1aFBtaWdhRHJ2QjlYV3ZDQmFFbTl3MWxSWmxxalVwUCt4UFJTay9vZ2tlVUNLUTJjUWI2UEhNbWo2R0Y2ZERsd1V4NCtHRHV1MCs5SFVSQ1dLZUtYY2R3Q0YxQ2xNOVFTQWY0NzljRmZPNkt3aW9wWTV5dVJvYTlMTUZubm9Yb3R2VmIrczMwdTdzaExWT3dyQWwyUjJCVlllaWRPS3BVTUlDVDRTNURwM1laRzdKRWk0UVFSbnZURDJHUmNvL284ZENuUkNwc2VyemlzVGV0TWVwWlVsVno0TUYxZjV5TWZVYkRZOVVRT1BjcmxBMUtrVVR2QmVyY3VjdmhZZFQxQjlWWFROQmZiaS9JSGlseWp2cVgxd3dBc2VmS0RUQXZjUmRac2FXKzRVL3Y1YXczeTUvK3FyV0FUQ0NZRkJEWjFiekZ5OGtJOVZLWkhHZTBDd0h4eWdPQitISFUvd0FmbTM2Q2pPT1VTZXNnUlE4YzM1cENJaU9sSWRjQXpBUlVCdFpsaHAvU1VVUExkQlVidVZyd3IiLCJtYWMiOiI2NzcwMDNhNTg4YjkwNTNiMDFlYjg3MzU4MDRmZWZjMTcxMzU4OTQ1YzM4YzIxZjU4ZWMzNzFiM2Y1ZjEwZTcyIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":12154,"data":"sMoVvT$z8jRi$i$maQAk7Qi7QHoQgQlVheOV8-QZVSu8quclkEQUVsuTecQwQKKQ-Ec7QEC8AqvAO8kkfAOQABBQQuIQ1p4LAQzWQhwo3igaTTQUZ24x$I4aoQ5BPgHhoquO-jT+S3VQa$tvaIJMQ7rW7uAMVJYbXQ59$Ej30ME-TH1-TmVQ4Ir4EpYJjQ8tBpQEEmV3qZ+95qQ8g+Q$kQ5v-tVRfUzCNojDYJBOxZjBsj+MXkQ84EQQkn13PznjPWQ$HLOYKs$MhQQtBZAR8oQ8bqsR9oSfTQ-M739o3SSwTkQ$fE-Q7+Q14R123FMkOQBPCIcamLQQ-laj0II8CPcCPjCOQehIQdO0IOQoA8QZY7aluO$+Ulu2h3B5UsIKs9FR3unlYv9Cecui-CctVnhppQI-bQV885ZfJWaQ8l4pWzOyT1FQayf+yz1PbuWAPPSLWXmHjO$0OBVQRjoIgdv7wv0Fss-hYiS0MYlgfbSwNvvYyYq5v5Kj0-GtRfEvoQu9hzLKOAERy1vT$h5aVCWMYTxk-Cp9j18COG2uJM8AimA8HPh2$vOUSAyC+Nbz1iuaqtv414CXpPOQw5gF-19GrfnN9IjHcsk2-zG-TKqAV8zKqu+Rq5ycplh0s+VktSYsHlBcQHfIRVef7OwX1DTkVN4SdqDVnRJNlZi3NbqCrrVv05plJunh$I-v17Z0DujYB2aznHsdKimKZ5hWsvxLWQCUs+R3BgFAQeBp+d7UybyxuPazjgKF$NkDrPu8RooFeQQUWIHZMmuRCa8ojugfcdUK$OZN2NIj$PhzE0p3Dl$qHSROFsj8CG3HZjjZqR0ERhyIC3fQ0X8IUTWKCZVwojzIYQjoZP-TRC9-udVk8oZtQA7ZIq-TvVT$wOo9-hjQEKhuZF-yPUzQ71VCQMHOCpq-lx5QjEoPojZoqTV0VLQvISKhR0dAiKfjJFE4blhkOqLQ-OVI-3exK7XOkRoQ0ATTitb9IfvtZMDQ0Ah3VmKh59wG72GZRa4ItK7haMLCSG5VAM1zlynl7Lo-V7RFfV8qhMGyiFz1tLaJoLR7J1dRaVeQtTG9kGf+LFjZQCa8MkOdFuY1YAukOuYiYbQZIEWfV4PM$tayFYrbV$3-VnvQstehFmhFRC8V4Q7UFVtuEM7-Fg3MzZe-RR-z3oUlEVk-g1vA3RoV4-FQCOGuLMTE5JMnJ54J9dbGV98ojQCBMWARQIPybiMPyfRXiQyF5HOF5tXfTQKbltdzRowAhIF2Th-pZRIKpP3+rQRQ5T-ETk1CCQyK-O8f5bgAgu5tZMj$YV9UCC8oSuCG-kZu+ch0Yo4duWSczhIiZd1rfHBC7aFl9otRiQCeq4SKZMuZ5RQducYqD$tyI3CYkuQ07ykVCjZXTVceQhGD5HQCQkHjleAUcQkk7hFz$NIFA8hlqXUCB+Y-HjEY8kJqgX1rpZxGKFVcJDQQdMBCY-kmdfbcZhlFpYzs0p7ctZpH+wwcaBaQT8q+k2Qnfdac$4Zw8nRXrKpVjrbORlr0lJMdVC+kOKnGndiQr7rbM3Rvo3MO8GM-lQpojQAQnerWrY2fA-eeRCwWiMlmzRVhV3YYIQ$mRo3IwH8GQC$0rRW-rAuvmGQeFsDyYhoqEiQ$9S$ZQjOjlHfOLZ9RbNClOiVG$b-cfzTJz9MuL$8-bcWa4UzBbqHIUOXksFFQuLojtpQfU03hghccoVuFIhnlHmohFqQnoFOD3UhCJFqRKPqlEwMq7gV-8pTqBOLTQyE+zuMnf3jP$E0Q8MF0BId3mZFQukC5OEVe3io2SQhoIZFsC$h95Xoh20wFSMb9YB+2554lHyOW$HA55QvcG5EQTJXfbhCIHpO-owCWt8R5HZzcKlhSjjQ$7Yu+wT-cSQ$NZOH$9KO30co4aEgT3Mf5jyC$zQ$VP14MPoce303EPfAcT$y-bOuhIKsAR8$HrEfqmi3fMQwfuZIfzqGmZTT+j9pO8RE3LJo0EfykRD8gBctEMEwasQXyQmhREMOHhZsHvaIFSLvpfABVQH9ofOj+zJyVyFlZt0yn8JPHQDs4dcGclNwauQeGNJTFQI-osmlUzJgRNfTn0+8f$-F4sUstDjMM-QE9PEAM4R8CcxL8m9oFGtcQwASftsyjFnvaSTaB5fQ$ma4y9zDftjr5tFXmRP3V8Fiuv2ASsGJep0bKSKZsw9WSeq7++Hpg8a9Aj+yOMPIAy2KN4WaoTbvOoVWCjyqoMUBxKPNsG+gHRbAtGiLRaQPT7eEnf9RN0tUhB+QjitnSKq8bkFHXbRvXlbqMCaOKXSlGinEtFCWQ94t4qs1fC8qNoBf0hz4ouvsChafAIF5R4-SKmJfqQlmBg8j-IM5CoN-qmZco+oVnKHIEafjYBBwVbPEEA9VEFwail-UA79AGrAoKw9jMyP8FQsIFyRhQJCyLwLQ8o3Ev$BbzDLUBTUIFbBe8uZEstdxE+GwRBafmH5elnsS18jetFmoARv+g4qsQ$aCCgyedMtW4VKZ3942YrGTacNhRjfVu4fgMhDUEjQMuYukNhSqrQF2oB-Rj-Offx41lh3pU4eTuQLFUP5i-WFD8d$nfDOZt-e+ZmYSay0FgWjCNnvfOQZOFFiIUo$0-OcMk3peTosKditL+-hd4kVSSc58ikQbO+h8eyFIHmE7KudgTM1Aw-$TYQQXKd4Wjl90$M8eEAgWWEU-zlDpFKU9KEK7cOuobbnJfr0vt3b0PADOL1y079Dbd8bmczCuP13zQCGFuFifCFahKgI7M3MrUncsKwihoxe+2$4jeYd-uc9gF38et-TAv1b-Fu0OOQ-CFKG0Yb$CxEV+LjVRYmB+VqZJJtafG+sN3lJTBzdO4MXt7Zp+5fScKVmJjIzOUKooMdyS$y$uPMEvVDzKaUOMWRawz7MihvrgkYcsVNW-hfCvPEYdVk-XRI8GyW3QfRhWEn5gZxTzjZQ7G98fKcd9PPE4+HtuOzmh5W8CkFyjONqWjZsuQQufl8jCSQN7WJgBqzWvvsQ1JXz+Ue93NAhA+w9ELx3BAlRd0F9o$a8VXAX0jNAh5G-BmHXTfZ4Cggii1YItHSQXyXK+YjQ0DRvNTAT9Wsfyh1H5mgDM4YeKd4$KRfEkHCqa79ES-hRMW9TSbSkIWBjbN54O8h75mLBOb+4+405A-MZaNZhQWKm$Ct4-yKvsaze5VCcWYrLI9sIWsJyKa$IQXtxVJTj-Qy2ohfEsBqzYeASjtDPUUn-A0bHOzqOQEacotMyLZtDS379OiLgVL$IsvesiVT1wED8jxJC1b2ES4kUn84rEFD5AHufoSrZ491$GxZYfxkW8mxe$S04Rl4mplwx9ebVUll8MRY+pjsiA3znfUbUhM7iSkM8PNke-7SZ841FiCUmCVQEr++PIdpuQBQ8A3ahsWNWMyXRmpz0DCT4ayDLhBpCG4FRA4dycNj-rFam$J$yIQuJRCKVrpe4aOjQucd+uQUJsmeO13fNcNJNuHeORNfZp3h01WFccQI$$$hW7LJPVgf4b3fHvVk8kQC4CWowf+9WE$QHQwic-HbH-F5P5yTF-h-FvKzPal+cfW3VQWa-k3r09ckFHZQOVo34F3i$ulEgRyP4EBZQKyKBuBI-Z+oO5ySWtLA8oQYK8h7$$lRHeFvHN+Fyc3MlEL7Luw3yc4CCCsMjKLQf1Hcgc4cRyORD34Hja$mP-84A90HvkAS+P4yW5JF31CcmhVF4T+7LsJR4W$vPuTs3RCFRbyMhyFiHrHtArWZg3O2BHcfZF4KZdPHmEKF3l0JVRWfOJWYWz5w4RHOvX+j5oopTolcfFlcN4yLRcPXZay95k0L4mmYB3AMQoh-smPTsBNCC1Rzo751m75Q8uOKlcpQNlp53folCiSzFp8k8I4TVMpUmkhm0-wnVNDYcUAM-dC2WRpdggmEOmJi+$P-hJ0jgJ4fL$-uhTHtLyHR4TmK-tOqw3yblc$tHCSyWI-yW1DIVpZYWITtK40$vODx+vAM+jRrWBKLc+D7W$$YV-0iWARH8TZASbs3DyLx4EfTphOX-fJlZiHJZ4$OhXsdgH$XoA09LoRzs7J7V-CRgJgEVw8u8c$0FkCRHN+uF9L5JgjN+qBF3gs4BvgpKeSAW4PpV7hvFQ5F$PBeDfLejlfoQI$SAkweW$Qfo7llRXZuyb4h$uPuOecaNls9F4oB$X8lL7NjDe$PTM8u-k8a+IPXZepphHVos1hvZhDQDp4MhDDIc-Nl+$SE54lll73nHFRxCMODh4Vo$$WHQ-Ah8umwlADxvo-bSW4I-zNX82L5FvN4ZuPq8I8HCkf-VUs5S-NRw-5XyPsKSQCb8MRI-WSwCeyhse5pOGco0X38Kg4kQwWXlRgEV$KxvQ$WJc-rA1wp+is-yJH5whK3SiJRC+yMQPCEyb-OBF-mWR5mOTR5NrWhL1sLOZ5F54lk84J8Frv$mMHHfB0Tvmm9g0C24PvfpgvjQkOXh-4ZPh-15lvnvOjFh-SsjZ-agHlZSY0XQohnHLZfhO5IwCNnwySP4QvnS5Ru-pQuVasnSrHdCIr8TbsUAw+vf$CGvpTGS$NJfs85AH-S+lpgFjRITs3BNuyjo9SsAqVAApvQiGCVIgjgZBgrLYOE4gfb-cYIlM$HlNfmZt5JV$N-LChbpfORgViOvaAhAbjBqAQGFh5bLhsNVGVJv0ZQll-I8eTzIQoNZuhdgcGXgfBAvI-J5ZwfBSDiTUD-PS0GLJTNckFEfMq$5usBmFlPLMDgsfNbFPv-pofm+L5iCQNFQiFMliJPDfKFCbRq3AQjRvCzN0yUOd07Qcj2jF0zJHrqLXmTN1mEWJLSZa9zWjpzKng7tgm48IWC8L4VZB9FR2D$ScOj$gj7v$lST4cL+jvyZi47iYowARyW30-78MlIDc-OwPBKc-C-G1+l3A$PcC4TLbfTZ4hI8OI$WJSxZNA8R3LYZYcLolgyNXosNC849fJpp05rcX$438OyVoRavPB-Wy89-uluIyTat0B8VagThM9$ja8rg+S89mOcrAsns4m1SnZyiOwboOK8RF5yIGT3CUKtryqTjmAb0EY+AgBvB5mbomch-bC8qdwwt$l+c-S2RD0H-FYl+-lzgTi4P9HKo8VbwfmK34h+pIGQmRAfy59hrtSzcaYC4ZVkZ2B8K$t7V43zV7$TJqH1pYHivTGtJzYU0mtcg3vzjWsNr7mX8-Z2g3veoqIGKlO0++AuIoYl+89MQo$sDRNg4c-HQpotqEsFTMWtsIRhl--Alkt4loVg9X9sQjWrys-5SvL3LN5Qti04$ysIi9fZKuQAfmOSjgZiH-QQ4Q4oQh5v5DgRw-sjR-vYWYO1AkhAIM+IcxFSSAtjDYB0Pt51gbj-gbO2F74454$PpnPS+jfZIK40Glj05VryW9N8hTGIhuDghNWRoKTCisfdPoZL+EcqjUWtcy9Rp1TKZn4H8KpYqaZfGIV5J7S7OmV+5vWv0pKeNPSx0Trf3qF+NHK-0xqT-UlUlEwFf$BZlV5IRRyGTkAH-rcTfBW2CyvHfUSnHecsGkR4wUsvpFooGewagF3YfmHLpri3F0phW9gG00ZgqRvXZGqZLA82LXqwqI1uAK3L9orRN$ScRoP7V7YllPLmmX-4KGLSBX$ApyFdW3cwvSZ9w1T2HbSZv5KUIcoj3ZBc1NFI3cfaG94JvI-FteyfLeONcZo4AFNnfPD$o$v3LaRahX3cN+FvDGY0JOp$VBQ8UK4YWnv$$5S$$iHNpk9cl$ykTapgoQD0hTpRhHzStQ8RYIV2Ncu7$PAEAXPTqTQwhVWgWzjz1qhZ3eBYrXszP3A1fkwb32sQk0G+r7+4PWqt9RvyI5rtiErAZvG4$HRHlcNjGEgR5hkVBIvft-Gk4dN1+rZP01P1mWvvw$DMG$0PK3c-NFDFWHyfHNB$Yrpg5WorffL-UH3HlHqNvEH4Tu8FsIY4p5RgYn5fcpTIlwA-$zoJ9ZK+KjfVZX+jsWYc1W5M0NHp+1o4wEFvD1GSyB5uKHji-vV15IjI3IsX3PZC+cllL2L7GyA70zURvUjvGjCD3uAkziNz3XNnvMfElSt7AM3HvetXy19TZnHIIoYT95OC4NTbW-lBUeRAfhI8HeFLiyWCacaqdc$quAk3o0qhRRYj-7YiI-kwBl9mFmAVtzGSB2q2G5AZz-4b50+IYFDRh$k9CjRVuI8pGLJNwYfsSI99IeUGrQgeUIGYOIkst7ipOPVLAazpprtG4bFHh-WYmviIg3WEI5qNklrC4BIGtX0yGsPah-g+mA+A+h$-uyGIKyVpyGv9dPHecbCspQ5NfEtW01Cmck-k8u5hEfQMJYs+Cs5PIe5XO8Ysgzt2YRffjvqc1vqE9sfrjaho4fT+SuDrBaw-u1pLyg1MY$gGS5$KNgpGsRociQ10YGuM5G4d9ijxp4g3L5KdGNOqKh$jUj3UrVs5Yh-8R+0iDK5IQ1g79+W$-1P54bFu$+CMTIUuJqQbIC0X8siDYF3BEWkkRkZR9twvYtz+rfEuRih2wGEq+bl83zFF$$q2y7Q+YRE0mzfTdiYr4HlqzCkCUUKCkrVhgEpaWLSl0jlAljRXtvNudsNWIukD1NpbuBDEIPEmFltVxvGvT3oUYlBlqhRLv5HHKXPL+cm7cgf-W2Gei7GIQkZvdcsl$Kg7V0SNmqBrI+1q1nfvjhw7tSWG+WdJUcg1yj$v4Zyo3r91FA8jEMstyssYwXSCgEZhEmZHxRTnvLo1hC0a38DuKyuI4SGERiuuPDzrzCnpTfqfyA1kfUcY97aakbfPjlmlPy1BEAZofVxjEjCP9YjKI0Wm+cgeGLkMIrDsLoPX-34c$D9bkTRtPUmZV43Soq4fFHGcN$EAk-qUh41f$j-aMtS7yNSqLDfdCTb-D2lxkVY0D00lkDIubOtKorjeygIAyAyGZWE-d5hLvc-DgjX8IyJR4A1XPedTiHiLy5JgheLWvoY3C9Y73RWxre+8IHWcYns7IB7$zXW2m2p4kOjXlWAT-XPHThqcEhqSm1oj3MuYJFg7LmKsz8Spl99KZoj$UIrsq8hhz8F7zjWhRx4rEPk4o4-rUrqFOUcN+x1bWqBOrfaUreUBBk$SU0X9BRvBSfBvqzC78IUZtejXatj8WjYno2F5XjU5O79jNqeQpC4Ykk3IZGIB8hYFRiKBTMnyHWr-XTRqIB$HvzNUjQqiEDD2-vim204S57DFBTEWOHjFlcNWWuFVCgJlEeRmK7OY5BXL0uI1$Ohz79Y0Uwqyh-g2fKJKwc8+fEgKgrAK-7QB$8A7FDiubvdBnkHHn7c9tcPH2gODPUbIRzS2BbJczBa4AB1XQSkUqkhbD2vS1MZpPSo1f1jpyUEvg1wH4fcFmfJaaTdpOTkRa-+a13KbpbBppOi$nfTIvlwbf5i222MUeQlZYb-+u72d47naZoq3mTXjwKRzfJXRmx5OomfTyitJbADE959P5M4+n$+A2fminmuBR9fhwf9TpKtzTIfKw8lPMXlW+f5Hz1jYnSLhoKH95sPQzRE-SiP7$U$NbX3d4h+KwvaoC8jB$Qk-goZ25pu2ip3AMgFoqKIyNwE03GQjReiViJpSFhuhqGi5CaBPBvtlAbEv5b$$lzEwVNw$s+mmXfoVjnODaREsVLC8Vl8pfT1QEBN-ztlDl3CJUsV9BQDqxQj81$7u72ZKKCNG4M$sVVC1x-QRwfAQ4c7VLu-oRkVaHcuM-$OEEHFLsBITfVAfsoo4QR5socEaOwqpg0b8FMzTBCSdBHFmO7Q0RBmAIog$ACPVM5ZQTUH$8tZqcCVs9-ZmHQONTOuOqs$hfc$Z8oa-ovIvhwlesohFy8d4Rhw3$08$z1Ba-jy8YFFM1jVouIUq0yll8VyCcEVP8RCIhB4FNOD9j4Fv4s8TjWHZIQHf$$sRH$uaRIQt0C3VEQO5jSz9HogQf$4VuQjukBj-0Y8JIFnuzwBSpZLhIyZmwuEkP-8T$E9HxSHwBwOEnFB-YlUuao8HbFt2ybFpuBHsw3qZWF0k+o1cSy3ZOgIwOrH8E-7tKR4y0o$TjSKiO1$rFRiRMw7og8HZFQcSjJjyRayEZ7IGHhoZiQ5V15IZqFooEow5RCTAqvHpOr+Bt2gZBZIZZhmxll4MTM8XoM9lsNrZlOTZ8oLhmxlZ4n8MIVGllTe38LhF$Vx8y29Bf$84CTFIBo8J3$TTQFbZ4fzES4og$Yo3u5apC-LZE-Y$27bj8BEvKbWRV0ZW-uMoEcZMOT5$r3ZJI7K$-zCC$qCtL5JAiVBCNIH1uz-TSyLlKNcKo7r3VjeVlKdjIOLo5asj2hVOZkShMZMRR1hFl$cjRH+uoFl0IPZLOjHpbQ4VERV0IutHZHcg2poHFXefVSj8E04RlFNc8OAQ-P3$LtFauT45LTWlZj4FwuGAjppWlvxQOgfRzlx-3Rz$f0ioiuQMwBf0NOOphfIkHf0PAMLFDOxIycvGeMQTquu40qTWx8tOCkm-juy8vaoVFeQbbhBBuR5P2KsaCGai+ClG-PLOOSINYl-ZuFsTb0Hzff-qsF3vVM9dy39hB5xLlM80-ClwoXmF$L8xAuPSQsAwzLjZaFgbv45Q4f3MEaHoIgOlOluRDZE-YcSNI8ln3nTqQhs3fi73zPRVBMn3fuygcVAn8lQTROsJuQDhsOxk9hTqo8$9Ve+HM90+KoA3XRDV0QkQdVQulLIIxlwkc-Pqhoj$teciTjjk$ccV0HZQVtVZ3ReTuK3OhuR9RyfqmhRzPzQAc3Ch55Q82li9qTut$5wNMVQqM2SjDt1RbOCVA8EPmTi4L+acitZhVlJc2Vj8S$SykQunJqZtTlxfVT2yiGi0TVjP5znmo3Iu$dWr$eQB9-Af1+0akQUjkASboeAiVkTi8+QeQV8$CGZQ-5H5kCyK30E8QyVKhVCQQ8cqVWoRVUu31ToFdj77fHEmTx4gNI88LjOsCAmbbBauN4SwSoo4RmovhdVLzhPF7K2ox$l4ahfVvH-ZcpgzMq9UOmM$uYtzG8aC+ilD1NYzmACoIvBNX$8Qkt9cRd3o805XRIOinzNTuog$temQSB9TZ1m38FPw0oCqssFWx8pBCqAARcUOhS5qTB90oZAjh$llOF4MfurHjNsdunTLQyHMcoyFlhqupooIqMhvZmL3xTOajQV5W$lhNLZcvH2+hWDIOryvfxvvI17-F$mcdtjbmyu8-7LaT4tPHnR8fw$RsLPoCMm43IVOM3LTOPQ14sHJ0Av8U0jMtbpE$PM2T8E8BwhsPjPRFV+oe5h2Kj37VuUJQZVsIoLKRCBTn$g$8VSo3zLxLQOnQEa8oh+lXF$V7IHujBRU-m$aAtI-VRzQkRl5VB3HVboIhP8s+$oKuTqsERqRxPAVH5dm1lHeT4BDiYlhgdNvsKuz4uKQ1Au+-jVyR+AqQa4oER3LmOUokc5gBY3ARLyOAoQsguqfzRjQI9PigAQMwrLmOoe8tSOsM$dE-UIe2Zz9s3vgCm0Bepclwm0hDbwCM7Mz7Il3vuVO0xVaazwmd+UKrZ-Qnixwmxl2ZwW$EVBfiu3sGAs4kalzFqa5yNFDlgera-w$251JaQUwdtEquvfHLY4wo4mhq+xTUKOVDjrjeq+IRqQJUSES43Jc2fj$F4feZVSm5u8UALutQNQ24YE3DJut+$WznkdU8UcbHGe0Do9-roGcbHTIrbojA1$rcfQFeHOa4jHQnf34JED7iOR8RNJj$ne-BaLlJ5QBuyneqrZmjD5Q+x4Il3eyXZpouTo+djNcyOw38UAyQS4m8FBGVqcRJeAe1c$XYCCGK88texcb4fpHnJj$wIBF8qziR-VjfvfT7tgyP4g4KOwukgfOo78wW-W7XIV$$ACq48Mhc9WzHTEXVupocflmzJPVQmpK25K7RisFmPKGlwWIEIVkb-IyWAQz4jHo-ZB2fuVTu0lXJfHZnwh+mLAu$TTqEtQ3L3tHl9INmvP3ZFuv3ltVpXZpoeVJ$PQy8IFmMriV00plDTXwPO97m-EMlJTn0uQr2KFv+u7B1qzDfPIW5nleTESQnf7L5vVK9yecZpj-8TW5ZrOa01QYaRev0EACqCfD$xA0TgoPqs$+D-9miffevQ82f5Lcv7vAK7evQpZ$ImBzxccRE0dn0iml+AuLyeq1HYo5BvVBbTMEzbAbm-fz8Gs$tBDwiL7Wz8v9ltUEQ$hrsCjf4FEkiibpAvclk47EEQN-mF5i7SiVIfuRzVkOfeezQefgAGVHv2KT9ulsdoGcVT8QZyb4hC$H$msVVD4M$EHDQpQGPQKyTq+OQT8C4o+kwobtMi8T0HKXb8ib3x5IlXf4T1gvwmjlx0c00zGw$ZyYjIBOKAQkf4hovshQMGvE0fxeucqd24QGoJOvfSSwiLRCui4hKwQ4YQC1ZTOqHWF17fIBtB$7PHotu88RcSvptCcUMw0Qq-T9qM+4rZvF0zTOLt+rCxT50$F8d7cOMCtFa75iFT4Hao9Lu52SNmxQC+aCINa3S7mvPR+RTM5uYvs+L0E+$cJV3OPLb-G8EaBh-u7JNh8LCkd4zidMiZ2X9sVtyY-i-9KKT4EEmVusUEhIQqWU+2iMc8rwxJRFuNsQSgmJfPpjQpKuCRkkpsNB0WpM9aAta3sLJh$aQvVvsPaGuTEGTN9cPw+mtWciP-NpQaXvfruLKKyeUans1frc$+WaNq9Lq+AI2ALvkNraa5zwY2P0vX+Q7T5uwY2y3veNu7CUZSv5L+GEewvmhahFd0191o97V1G9GW+aGsKRXyZvqrDckvU+577DlAIrKs0E+sfFx1dfRV39JN8V5XawJrAb9UaTbg+yQir+nGUkhbMYyQqJ+E9olVycRUQt2Bm9MlCigR1GN7m49BlgOZHZaICB4GHsyHONv9iLKEGoeF8g+zOGuEJWE+e8ew+AqImB1Qujb0FmFqqOifAei9xFuN4MB1KklgeouZaIQ+8vTNS-CLU0GClEGFQHTTLp0GsL4vFsyTMxuIiBEjav+-TGZBwfUBX$oiNaI0UXmhNMRdNVA40BJf2mbG1lJznRycY9BA1VKQ-xRdM9ONm1VKc8MY1hYjQCfTsnTqUyeq8pQ1zs+9GqPw9ymwaSBSotzUXI4pX1iKOmCRyHlRmlf0sq9r5yarfBw9iN3y4kmEqvp5a4uIbTNkKYamA$Yti92v1jq3A49PKabNvuEtA+X5UN5meA-28$l5YGHcR3P1iII$Gf8YKmGsaiimB1vYhqmbhiFGg+YaAYWQPG+mV9gE1WKMfNMB0+j8rTY+cVvTljjr3W1xtrezimjlM+cMrjLQQPyu3aZ11wz1xSHjqRq8HLTOc9Na88KqT5VyVsCBt+-q7GpLsiuCU8tiQkL7$LXN2PBdSj-Ae0z8hBv2+ooY+1iJt7mMIjTv5pyTmVHiDIwRrJJR8kgLf2KuAlzQW5FQcQQQSPI2soAc+Q-a-3FmOTQ-CP9$QhhLqZpgtIocSk3VZfONhsC+ZjthP$WILQgg-MhWqHO7ZhChKUsOQQ5eVDukQsThCQD$sVpcRCsw+sR$U38UBaTwj5p3CV2VjOty-+Sjy1VEUsu0p1VhOQ1$KQDwVQ$ZX$1CQQyAlg4bqQWZ+9IAQiRj$co5qFCmQh5Oy2mVBqx3+GtNgbbGUNQMOsW90RzbRCgqVQsWzbGUAQOSdj$RDzbNujQjH$V-Ng-2qUDbE-lO3ZHI$KQ$M+SaJqeDTo0VwckuwLqVRZ2YU5qL7cO32FF5hC8kNVjZoH8r1rQqA1aIA8HQQ$azcfc5KgnvYQn4WzQDquRsbqVgQB4-DqJTUbWVTuwspOQu8nvgQIhdQiwlgcj8Y$BIBHhTAr0kxRhIhf4jX57LkthCzIzjoD9ITIOye+Z+mRb9$QPHIVtHHwPwmWcNOaMTuz2kLYz8s$xubXGWITRQfAFiU+Qp3dLieFhb3iIhybYi8j8AVWVGXr7aCVcLI2KQiQESp0hO8X2MQcQZQvQhVQI$lCIhRNEFF9TgOfZTuuljWt-cJTfZIhohIkB5lhyoVKIwMlN-HRj$iRpkDQjbY34mFARgvzr5TYs8mV5Fy9WajLSu-5VQQ03SiCfVZLY0klYfa$ZNKhjUmwGRsntO$M2L$FwMJkLiY8oC0Q2TzMQQlxYROQQ"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:29 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-length: 0\r\ncf-ray: 9aa58ff70a5dc759-OSL\r\ncf-chl-out-s: FUaWUR/2afZ/Q1bqXtuEoQ==$s7OoTJxyxl5GxUT8Sg2BaQ==\r\nset-cookie: cf_clearance=XoTw4EeoLz_LaL.E4MBRyi6ftnhnmvCDfgDr8XUWg2k-1765126649-1.2.1.1-GumEjUbEGuOydtJ7ng290a7C5Kzu_Htr9Kgm4X3OO9XVMP62UrhBUMfmaPFYT2hhCsktvGFwJKIGHggPcDOG2ietfEm6It9qjiOKq29o0jgiiPocYD1LVo3H609hDwr3qf7XzFfav1ul0SdlsiTk6KnxESm5Mjc3chB9A9Oy8XiJpyc6VReRu5SMvRJS58lOkhD4dciyXQ2vPQDUUxYjsSjHK3Fpb0HwZxlYqX4Pj1U; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=toto123gacor.rest; Expires=Mon, 07 Dec 2026 16:57:29 GMT\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v15/Xyjz-jNkfiYuJf8UC3Lizw.woff","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.495Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"4A:97:40:A8:11:17:BA:08:56:28:6E:0B:93:8B:64:13:1D:67:D4:2A","sha256":"A2:0A:13:FD:98:22:74:26:3F:C1:44:5C:92:27:22:17:A8:65:07:40:50:F9:14:02:11:E4:87:7F:C5:D2:F1:42"}}},"request":{"raw":"GET /s/roboto/v15/Xyjz-jNkfiYuJf8UC3Lizw.woff HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://toto123gacor.rest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 26588\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 05 Dec 2025 13:20:17 GMT\r\nexpires: Sat, 05 Dec 2026 13:20:17 GMT\r\ncache-control: public, max-age=31536000\r\nage: 185832\r\nlast-modified: Wed, 14 Jan 2015 22:47:27 GMT\r\ncontent-type: font/woff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26588,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 26588, version 1.1","md5":"a84d4b00b169826c4aea77a8611b1e56","sha1":"aeaff41dcc5caac07876a3931c86456aefdbd54c","sha256":"37e9d63421fa7b235c859737c6c65ee2ed95d79e7c49be0fe15903de908c2204","sha512":"38a4e96ead988f3a05efe819a2e146e85d409767b58950b18c6d8ab21c951469925b6ffbcd365536e45b22a8349f17fd4532444ddb4d7b9918dd46f160e1244e","ssdeep":"768:Qpi/npNamCBc356emikPENrOSc09aV5bD6M:kuJC6Jsi4qrOf09arH","tlshash":"5ec2f11679532818f31717f01cabbff2522207ac4cbc2caf50a49451175dbba5bb05ea","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.142094Z","times_seen":1995,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":16,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/12.DJPUQwQu.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=18727416\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2025-12-07T16:57:30.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/12.DJPUQwQu.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AHVrFxO1iOKIn3z8YYSRDb_lP0P62jSCiM7ilJHVMP60YV9mJeeDuD-H0UWDTLwvw_vOmJLxKWBlxa8\r\nlast-modified: Fri, 05 Dec 2025 11:14:51 GMT\r\netag: \"640caab52100a1e9dfe618aaeb79838f\"\r\nx-goog-generation: 1764933291259392\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 300\r\nx-goog-hash: crc32c=IuJCUg==, md5=ZAyqtSEAoenf5hiq63mDjw==\r\nx-goog-storage-class: STANDARD\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nexpires: Mon, 07 Dec 2026 16:57:30 GMT\r\ndate: Sun, 07 Dec 2025 16:57:30 GMT\r\ncontent-length: 300\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":300,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"640caab52100a1e9dfe618aaeb79838f","sha1":"4654776a82e5405614a595d40cb33ca2b5bae0b5","sha256":"fb8eb817d7251014c136b441bd4004fa6567908059013edbb938925f23b67ceb","sha512":"17d605182be517c5e797b2fd823b9ab7b6bd73d97bd2c3d11c5eb29d108cd350d789116528e351abaebdf3654cc65100b9e3353064ba38c9ab9008126c6a3061","ssdeep":"","tlshash":"00e08cbdfca8d92152f5e9f8c0b60822cb593b0e502382b0f60e6f4a9519199a552826","first_seen":"2024-08-27T15:26:59Z","last_seen":"2026-04-17T02:01:43.448835Z","times_seen":24549,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/icon/icon-24d.jpg","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/icon/icon-24d.jpg HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 5662\r\ncf-ray: 9aa58fe7cda1c759-OSL\r\nlast-modified: Thu, 21 Sep 2023 07:46:30 GMT\r\netag: \"650bf4d6-161e\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5662,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 210x205, components 3","md5":"68f536efd4d9cf08d6edcaf5ca4d7ced","sha1":"a4771384bf6e12cc4737cf2f3bbabe27aa503e09","sha256":"df5bfec8fd98e9195fb9f02960c1f2a06deb9f024dd04801a45b772feffbf5dd","sha512":"60e03089e2e87368b1af8e759e5f197b542388b0aa760d51f24a244504450dd4f94ec1c3b4a628eec42437b5000ce0caf7eb5de0af362bc5f495d60c7ed929f3","ssdeep":"96:I1BKRCSc/BDLJv3QNwNpaW/5aPmDS0wZtTWnBS7Ow3OhwFWBtoDxzD6M:9U5D9vANwf0sS06tqnk7bYPBto9yM","tlshash":"6ac15b2eb458bb0fcde8d6334aa9f584bc1d9d980752ab672c504899bb58877a887200","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.187277Z","times_seen":1591,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/bankmuamalat.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/bankmuamalat.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 83419\r\ncf-ray: 9aa58fe8afe5c759-OSL\r\nlast-modified: Mon, 04 Aug 2025 02:55:07 GMT\r\netag: \"6890210b-145db\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":83419,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1078 x 809, 8-bit/color RGBA, non-interlaced","md5":"44c401321433da2e17fa53f3fcf587e3","sha1":"2ec6792ac95b369e9d0137b7b4c6485ac39e07e3","sha256":"befdfbe966701e60a5335457398fd67ecf0a1d3103f162eff04b8f94e3da606c","sha512":"589aa9bfe511ec864d67008f0c460fad69fa7e6b3820bcd932950b3e407835e1237dafca7f07650b5cc5ead0e3abf9c883aff6be464b00e69118fbcd4c3a2ba0","ssdeep":"1536:3pPKAQKiaDE0e5YtK2QlAO2aDeqm2nhttO6S/dP1:hKAQvx01Qln+2htQ6SlP1","tlshash":"a0830298a193c80fc9072d3ecbbe0ae6e0a1557cd40f6cfcd664f24b629fb5569102d5","first_seen":"2025-08-04T13:31:12.015773Z","last_seen":"2026-04-12T12:16:01.858746Z","times_seen":42,"resource_available":false,"data":null}},"time_used":273,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":271,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/ovo.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/ovo.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6BJZPa7Pr4NXosnoUvxCdWWp%2BgYZ8Xba9V6A0miEVtwk4IExItLIlZax8YG8lIMXmabrLNHbPy9iZqELC9EMWYZKrOVV8yU%2FTEBlQg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2af70568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/media/new_message.CTorF0S8.ogg","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:36.943Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/media/new_message.CTorF0S8.ogg HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://toto123gacor.rest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: audio/ogg\r\nx-guploader-uploadid: AHVrFxPLjDv3E8DkzdHGSK1MRAXdJz_dp3i6ci7Xe2wQ4Wrce1bZxKDqCjYzjuhgexCRfix5VWPZH9c\r\nlast-modified: Fri, 05 Dec 2025 11:14:51 GMT\r\netag: \"a37211a6cfcda45352d5abcff1e446bb\"\r\nx-goog-generation: 1764933291380328\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 11404\r\nx-goog-hash: crc32c=ZhCqLw==, md5=o3IRps/NpFNS1avP8eRGuw==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\ncontent-length: 11404\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncache-control: public, max-age=31536000\r\nexpires: Mon, 07 Dec 2026 16:57:36 GMT\r\ndate: Sun, 07 Dec 2025 16:57:36 GMT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":11404,"size_decoded":0,"mime_type":"audio/ogg","magic":"Ogg data, Vorbis audio, stereo, 44100 Hz, ~112000 bps","md5":"a37211a6cfcda45352d5abcff1e446bb","sha1":"5f46f941ea3247a17e35be65dcd38583c7ecbfb6","sha256":"1d0bdbe8013ddd58bf31229ea12bd42dfe6bf4cb022cc65d519a45a13c403b5d","sha512":"136e518d96d6cf07852df28588a940017560cbd1f80d93a974d6ed6f7caf566acc49357840ce6ee3b6eae943278831d0eea3edcf97a54043e858ee83c45fd96f","ssdeep":"192:LDJo+OFSt8ZPWHoDH5g2nlN+6cePsYs7+ZkMtmE:fi+Oo81q2g23ZNUhIkER","tlshash":"13328ee6e7f8d26fc175a1baa12b0bbcb7e0139941a8c6e87f5443370d37a04cd20445","first_seen":"2023-04-05T18:16:08Z","last_seen":"2026-04-16T22:16:07.066699Z","times_seen":663,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":4,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/btn.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/btn.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 66617\r\ncf-ray: 9aa58fe84f12c759-OSL\r\nlast-modified: Tue, 31 Dec 2024 08:45:05 GMT\r\netag: \"6773af11-10439\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":66617,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2560 x 1436, 8-bit/color RGBA, non-interlaced","md5":"c735fa47c7646cb1960cd28c3a9a6150","sha1":"1d787dd6e2a93a10a119d65f749f0e2a03f22315","sha256":"685b9df208c28e4c6cab2aeac29574171f3704b4a3727e6d4ac2a1e4a6495d92","sha512":"bbfe49433351157c1a2e48020d7573defda3102d52253077ff1ab7765607e09fb8504fd0208ced4ac1a61327646d56d10f7b21c593bd1d5cc88a3326d52d1694","ssdeep":"1536:oo81SHChYpPkFwMIZI7CY3ogAsiEHZyuc0gkzEqZExRt:ooBXPkwZVuoglxcF2exRt","tlshash":"a953bf56d0178abac1a94eb2c0ff5f0bb772837b8066574693b2491d3dd57bfac01680","first_seen":"2025-03-10T01:18:36.772614Z","last_seen":"2026-04-16T10:32:07.148245Z","times_seen":156,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/bni.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/bni.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9jqxWVLHFCd3Qgoxgg3OWD7VuTl619FnJBbPzganJq6bJ6y89YLUlpUA2T7sKwRrJ4rN8TQXF5K78UFMF4jrzHQFgYxXq0LGU77rDQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff26f69568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/bantaeng.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/bantaeng.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AN2KeJ49QzecT9%2Bj0I9XIWqx%2FPFfWy%2FAcsXesPv0HnqK%2B1OcTIScg519kvPXYyeg67tDH5aTq7ZzovbpxBMKrNlGWXWmvNPjoEn4PA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff34fba568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"object-d001-cloud.cloudstoragesharingservice.com/banner/image/promotion/SlideBannerHomepage.jpg","fqdn":"object-d001-cloud.cloudstoragesharingservice.com","domain":"cloudstoragesharingservice.com","tld":"com"},"ip":{"addr":"104.18.17.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudstoragesharingservice.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 27 Nov 2025 11:45:16 GMT","end":"Wed, 25 Feb 2026 12:45:03 GMT"},"fingerprint":{"sha1":"35:82:77:C9:F1:1E:C6:F1:E3:6F:56:07:2F:3A:30:D5:64:B4:D7:ED","sha256":"13:DF:CE:03:C7:6A:DE:A3:76:80:CC:51:F6:94:50:25:05:22:B7:9C:48:F4:53:25:C5:54:D2:CE:04:62:3F:97"}}},"request":{"raw":"GET /banner/image/promotion/SlideBannerHomepage.jpg HTTP/1.1\r\nHost: object-d001-cloud.cloudstoragesharingservice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://toto123gacor.rest/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 71875\r\ncf-ray: 9aa58fecf9023181-OSL\r\nlast-modified: Thu, 05 Dec 2024 20:48:52 GMT\r\netag: \"675211b4-118c3\"\r\nx-frame-options: SAMEORIGIN\r\naccept-ranges: bytes\r\nage: 7119\r\nexpires: Sun, 07 Dec 2025 20:57:27 GMT\r\ncache-control: public, max-age=14400\r\ncf-cache-status: HIT\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":71875,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 840x480, components 3","md5":"cc97d970f4c6377769c346dfe64752de","sha1":"ae728d7ef4bc89f9a6dedfaf86a2b7bd9811b919","sha256":"eace32691ffcc495e250929f0e30ab680a58702ecf25e54a7843ba1f2e7b0ec2","sha512":"7d3aa550083445fe6781359bb4b6d6738988f69a9b5cf33c21361a90d605927a5482db6e08e263d8b23f5d136441efb9da52b11f965f945a0538399eb360eaee","ssdeep":"1536:vrr4WPigKuM7QbumlQIjh1GTbVsTqWLON84QU:gqi7uMR7IjibVJ6WQU","tlshash":"9e6302bbc30724faee91ea4717d35123031a6a1dc9b49a37dac853627844772eadcc43","first_seen":"2024-12-07T08:31:00.206025Z","last_seen":"2026-04-13T10:22:36.093676Z","times_seen":291,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":75,"dns":19,"connect":1,"send":0,"wait":13,"receive":7,"ssl":61},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/oregon-12.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.000Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/oregon-12.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5zC85KOkUojzTfUNSroDcZv8ywrXALeE4k%2BNQj7i7BRUs8DWsXnNzblxkK1uVgNbCCc3UvucL2UFxJXu8luq9%2B%2BWTuljZXOnQCECSg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff30f97568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/jquery.fixedheadertable.min.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.431Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/js/jquery.fixedheadertable.min.js HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 3237\r\ncf-ray: 9aa58fe8f8aac759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60c6c4e6-298b\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: HIT\r\nx-cache-hits: 1\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10635,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10207)","md5":"406edd97a8850446d2693ef306af0708","sha1":"bd4996afdab1f18893ef89c3281c55e6585f334e","sha256":"991994866beb5e90d2205f4c5d4a757ddd38c6399386335991b260a89d857fa1","sha512":"493f04e96c9ead6dd640cc2a8c53e4aa3b43171c7dd51a4eabfce9fbcf00c51fd9d2edb1be40e6dac6ab6f3850b53234f177bd232404ce70ff287c11735f7d8c","ssdeep":"192:J/PBMlQxEuOaOGWzw32xilOXrPN7pOIN+5Mfj9SPHwjwTuv0vS2QeON:JBMlQxEuOaOGWzGEZrPNdh05NPw+S2sN","tlshash":"9b227195b3f93192c5fb61ba59fe014db0214d37a74b44b0b1aec1b81e70d8d22b9e2d","first_seen":"2023-03-07T23:34:28Z","last_seen":"2026-04-16T22:16:07.221202Z","times_seen":1813,"resource_available":true,"data":null}},"time_used":264,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":264,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/css/style.css","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/css/style.css HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/css\r\ncf-ray: 9aa58fe7ad07c759-OSL\r\nlast-modified: Thu, 21 Sep 2023 07:45:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"650bf49f-565\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1381,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"7948ca78fd59f3251d841d7ca5799933","sha1":"cf65ff1a6be935c9e9cbc1a3cf8253a633547318","sha256":"75010842dfd01763618136d66e0aba9164b30ec4dfad61242520c07e1df8a5e1","sha512":"008effaffbf9e2e764f573921f4dccca7b4ea88dafaccf1199a088a6843fc11749cac2737b42dc93885e0a70dc00b9f933e53eb46a4a4b2100ff5b5a2701562e","ssdeep":"","tlshash":"63214491f7c33667704a801c9ea1b5bc1f1b2287975acf3af20033fc8b846801c76999","first_seen":"2023-10-29T13:33:29Z","last_seen":"2026-04-16T22:16:07.157834Z","times_seen":481,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/nivo-lightbox/nivo-lightbox.min.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/js/vendor/nivo-lightbox/nivo-lightbox.min.js HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 2090\r\ncf-ray: 9aa58fe8e890c759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60c6c4e6-1cfc\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: HIT\r\nx-cache-hits: 1\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7420,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7420), with no line terminators","md5":"a5896459ad6790d1d94eb2180e59e965","sha1":"e5d4b0ef3a929aa6e20ede86b024264a8cf2b473","sha256":"65723a3f6bf46e95bd82bbbc3f986c0df44ad1b4427abbc3fa252a53ff40b4ea","sha512":"de291f580572eacf236b4b7a51824e06cabce1f0544a5e2c7edd60f5cc2716757eee71069a1dccc42037d1704e4433e732469c46b74ea690911010cc6e1f50b4","ssdeep":"96:RwsLo8zljjmeC8CVZfOTfqjf61R9WTE6F67A6f8r6Fk4zzdtMTnO:RwSPNPcfOTfY61zWAAS8r6TBtMTO","tlshash":"57e1420db351525046ef3567211ad334276a86ab8c41e0b6b36cc4d7a7ebf181d33e6d","first_seen":"2023-03-07T13:14:18Z","last_seen":"2026-04-16T22:16:07.081346Z","times_seen":2049,"resource_available":true,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/2.DcYSq_5p.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=18727416\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2025-12-07T16:57:30.316Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/2.DcYSq_5p.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AHVrFxMApBv7OiJWMsLfXo_RpOIaQBhv8xAug4bQEw95pmuvV-D6_M8HHhM-kGz1vUn4hUH3\r\nx-goog-generation: 1764933291366034\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 408035\r\nx-goog-hash: crc32c=F5wmuA==, md5=PLtNL/fhLd36J52LSTX5ew==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 116058\r\nlast-modified: Fri, 05 Dec 2025 11:14:51 GMT\r\ncache-control: public, max-age=31536000\r\nexpires: Mon, 07 Dec 2026 16:57:30 GMT\r\ndate: Sun, 07 Dec 2025 16:57:30 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":408035,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"3cbb4d2ff7e12dddfa279d8b4935f97b","sha1":"478ee0aa7e60798adda48a9a568200000eab55fd","sha256":"09b7355c01caa389d7db222462a9d0022e0a0c3fd1ac37b5c6c52b34ca5feb64","sha512":"7ef38130c4d0f86c1d4d2a22aaf4789018ae48a028edc71bfa99c1d55d5d24be0a70e40dd74d2baaf62231bf90978bbee9a8553db26e59a3d272f838c0f68933","ssdeep":"12288:SqI7kkkC8NMQxiHnXK1roTvOCtsrJoSKXHPe/mf+5JqcFqeT1q9XBaFJ/MM1aE8y:SqI7ZTLe","tlshash":"65945be0b282b538d7e7c19790bb160df33d3d49b42e9660f1ade85e33944889267f64","first_seen":"2025-12-05T11:45:40.084239Z","last_seen":"2025-12-08T08:57:32.260627Z","times_seen":214,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/jenius.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/jenius.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 2310\r\ncf-ray: 9aa58fe7fe1fc759-OSL\r\nlast-modified: Mon, 14 Oct 2024 06:10:08 GMT\r\netag: \"670cb5c0-906\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2310,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 24, 8-bit/color RGBA, non-interlaced","md5":"e7248b9be9e6467dd95119449994d494","sha1":"558aea3f3b42a18f90e0b0f3239f783ce152ca51","sha256":"89b4591d94ce2999fe469c19693a27dc69211a41e55239dcc63400a65618c128","sha512":"7e6a4f8f677b836e0511e4fe35ef734b5b2e76f75626d0df540764d93e9980e10def9ec5ad1316d09a268665a835d3c0084792c722d63e40f6af34762d2a7977","ssdeep":"","tlshash":"7d414ba321bfcd5d532d422b0c7bf244308b86c2266086b3a097d2833d34a8dd89425a","first_seen":"2024-06-16T19:29:36Z","last_seen":"2026-04-16T10:32:07.233131Z","times_seen":393,"resource_available":false,"data":null}},"time_used":340,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":340,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/banner/Slidertoto-4.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/banner/Slidertoto-4.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KqGBpdmSc4vmw4yiF99xY%2Fcix5ggxUHzrbYfh0fZUlk%2BivTXdePaCF5GpT%2FqyIfsMCJGrBnDjkGpg%2BlPF5kCMDtfX7NtiL2lXIfRGw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58fedeef6568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/totomacau-5d-21.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/totomacau-5d-21.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oleAfxnh1M8wZsKwFG00ALN4KNgjLE3hcN%2BBi4c63kjsNyisL2JOF4X352MoMeWCyEkdb17Hfhk6PKW7WTW5dORtFcVpEu%2BmLgWcWQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff33fac568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/fonts/fontawesome-webfont.woff2?v=4.7.0","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/assets/css/font-awesome.min.css\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 77160\r\ncf-ray: 9aa58fefa8c9c759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:26 GMT\r\netag: \"60c6c4e2-12d68\"\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000;includeSubDomains\r\nx-frame-options: SAMEORIGIN\r\ncache-control: public, max-age=14400\r\nx-cache: HIT\r\nx-cache-hits: 1\r\naccept-ranges: bytes\r\nexpires: Sun, 07 Dec 2025 20:57:28 GMT\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":77160,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 77160, version 4.459","md5":"af7ae505a9eed503f8b8e6982036873e","sha1":"d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c","sha256":"2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe","sha512":"838fefdbc14901f41edf995a78fdac55764cd4912ccb734b8bea4909194582904d8f2afdf2b6c428667912ce4d65681a1044d045d1bc6de2b14113f0315fc892","ssdeep":"1536:/MkbAPfd1vyBKwHz4kco36ZvIaBfRPlajyXUA2jVTc:L0nXnHdfRVEAS2","tlshash":"7d7302e63b6c4943e03d6460708abe9f104b3ab42fe057e5c876db7f2722992b71552c","first_seen":"2023-04-05T03:30:47Z","last_seen":"2026-04-17T03:13:45.187702Z","times_seen":428565,"resource_available":true,"data":null}},"time_used":242,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/seabank.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/seabank.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rf3rezRMvi3P0%2BamNO766Jls3RPGqcYdDQr4%2FA%2FYW%2F%2BoTYkJyajNLvVLyX6tnlXqbCigJ0t%2BQWJEe4uL2ZT2K1Dgdgt2B5Z2MhoMug%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff29f6d568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/oregon-3.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/oregon-3.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JZZAlCb9C2LxCqUcMLLuriU4MPgk7ZfSmRSESjWZ%2B1sC%2FpJ%2FQkX41pNNpnKXCDaQ7PsW2Anq10Z22G0gnMppgA9kdqiZNKgYWS2TAQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff30f93568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.files-text.com/api/accounts/avatars/82478514-7d8b-41d4-b2a5-a7912bc5b9f9/4c0d00bc-05d1-49d9-8321-43ad399403ed/c6e48171-439f-454a-a337-8f3051112f9f.jpeg","fqdn":"cdn.files-text.com","domain":"files-text.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:36.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /api/accounts/avatars/82478514-7d8b-41d4-b2a5-a7912bc5b9f9/4c0d00bc-05d1-49d9-8321-43ad399403ed/c6e48171-439f-454a-a337-8f3051112f9f.jpeg HTTP/1.1\r\nHost: cdn.files-text.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 39157\r\ncontent-type: image/jpeg\r\ndate: Sun, 07 Dec 2025 16:57:37 GMT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39157,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 564x884, components 3","md5":"d1bb61d8adfa9b42751da0a99f0de6ab","sha1":"0ccadbbfd5cc60f553cc7ac5a168a3bdb2c3309e","sha256":"b587e0932b0977e4c06e45798e5117a39042f806fe7b278ffc6efc76f30e47cd","sha512":"ce7cb8b2bde1c564173c094753b640762f0939c6af0d8da2fc6ab557f0d8b9020045cce0264ab0e7de3308408d1a8acd0610ef991a03bd2bad73c390f696ed52","ssdeep":"768:xYo/HQLy7knDn8HE73mlpYu2oN9xDE5rVBnMCOi4ZN7k5Yc:xYo/HwKknDQE72lKLoNhCH4/OYc","tlshash":"e5030119e743f6b7c36834c471392ec560fc24a786d70b7a0272a85fd3c8c69986b29d","first_seen":"2025-12-07T16:58:18.657224Z","last_seen":"2025-12-07T16:58:18.657224Z","times_seen":1,"resource_available":false,"data":null}},"time_used":368,"timings":{"blocked":26,"dns":0,"connect":0,"send":0,"wait":339,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v15/7m8l7TlFO-S3VkhHuR0at9Ih4imgI8P11RFo6YPCPC0.woff","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"4A:97:40:A8:11:17:BA:08:56:28:6E:0B:93:8B:64:13:1D:67:D4:2A","sha256":"A2:0A:13:FD:98:22:74:26:3F:C1:44:5C:92:27:22:17:A8:65:07:40:50:F9:14:02:11:E4:87:7F:C5:D2:F1:42"}}},"request":{"raw":"GET /s/roboto/v15/7m8l7TlFO-S3VkhHuR0at9Ih4imgI8P11RFo6YPCPC0.woff HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://toto123gacor.rest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 28548\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 05 Dec 2025 13:20:17 GMT\r\nexpires: Sat, 05 Dec 2026 13:20:17 GMT\r\ncache-control: public, max-age=31536000\r\nage: 185831\r\nlast-modified: Wed, 14 Jan 2015 22:48:57 GMT\r\ncontent-type: font/woff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28548,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 28548, version 1.1","md5":"1c2236df616e20bd4894a174fb2d5225","sha1":"c6e64be68b173f9d89afd3510f6f57d42296d981","sha256":"dbba47796ddefcfa1570846cfb0787d2871d1db17db1b8ed5c821ceea061b489","sha512":"3e81edb83849eb3ad9045c450880ce3cf59db8469d63d3c8d6a8ebb3ab691087bfd147f9023440405af996c35e4f0392bf0fc8d9dd85b0b7524cd8d4f340739d","ssdeep":"768:RfXipjanPRICmNfAeAlIHbIp6i/Ww23zlK4qO0UJP:RfXipjGPSN8lIVw23zlK4qO0Ul","tlshash":"63d2f1af26412c03ce771df5cbb492612b1eee15da3d91eb9d9438279b0a4c860243f6","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.152125Z","times_seen":1554,"resource_available":false,"data":null}},"time_used":411,"timings":{"blocked":157,"dns":0,"connect":28,"send":0,"wait":33,"receive":8,"ssl":178},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/nivo-lightbox/css/nivo-lightbox.css","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/js/vendor/nivo-lightbox/css/nivo-lightbox.css HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/css\r\ncf-ray: 9aa58fe79ce0c759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60c6c4e6-121b\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4635,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (343)","md5":"a47f8f8621ed29c2a25f14ef08ae4a6d","sha1":"a4148e7fb99f60c0d37a787f2aeb5a98f8ab9310","sha256":"4ffdcb40550fad3fd4bfa401637be283e8e5b2738fa4b8745a8d3d5fa2d42425","sha512":"49ecc0ae0303474b285ab26be003fe743203437d8f756b5273366ea219b2344fb1624d02c018bd1c62bea95c327c4ab8a9ba2e24f8556dd53567f0fd8e0ba0d2","ssdeep":"96:6QUcgp466oHNUcg/SVK98qRlNmNtNzLcaNnTYXiN92bdxJ:cp466biqr4DZXC","tlshash":"22a1071b2702104880fab216a2c4cb781f3cc20bb8626caf7386d51b6acb5dd5d57ed7","first_seen":"2024-08-20T10:52:52.92478Z","last_seen":"2026-04-16T22:16:07.210946Z","times_seen":482,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/cimb.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/cimb.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Fb%2BOnsmrJmHv9BawVpuEhtXWDhFeLHgVZmIwO3VSQOLyX0UDxqTMU4SbPVtq%2FLp1aZI0UDcG0mTocP%2FKyTb78t0v2qfQSNDEJq8KqQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff24f62568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/owl-carousel/owl.carousel.min.js","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.419Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/js/vendor/owl-carousel/owl.carousel.min.js HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 6677\r\ncf-ray: 9aa58fe8e88dc759-OSL\r\nlast-modified: Mon, 14 Jun 2021 02:54:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60c6c4e6-3a44\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: HIT\r\nx-cache-hits: 1\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14916,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (14916), with no line terminators","md5":"2fec2de7cc7d2d9a66130311f52b5db8","sha1":"5cfc389925bd8200ee1e0fb224434ded9cae3f15","sha256":"4b18105a346260a3e8359cd02633fd5f8bb244f2d5f43e4375a1efd10e5c865a","sha512":"2c65ad232d52605402fe3c61104ca6e19be96dd89eb072e8554c3019b549c1af260a6fd16ab7c007b4ddc24e9c0bec770aba5cc4d1cff2fb7a9a241699d8a04c","ssdeep":"384:XWxb9XXAhOfMSelTARgzoSC0Z4eAchzD/DM5F:8b9uTARgz5C0ZVDL2","tlshash":"1962183a2152321653b261af157c818213e548023ec7b464f9e6f8edebb6161117bbff","first_seen":"2023-03-07T01:34:34Z","last_seen":"2026-04-17T01:45:50.823578Z","times_seen":3115,"resource_available":true,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"landingsplash.xyz/banner/image/promotion/IDNTOTOSYD.jpg","fqdn":"landingsplash.xyz","domain":"landingsplash.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landingsplash.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Dec 2025 05:54:15 GMT","end":"Fri, 06 Mar 2026 06:50:30 GMT"},"fingerprint":{"sha1":"28:F5:8F:29:DC:E0:B9:4D:43:BB:A9:FD:24:C8:AA:38:8A:C8:AB:43","sha256":"44:98:9B:0A:19:20:36:62:D1:E3:1B:29:43:6B:2D:FA:8A:C5:C0:35:0A:48:1D:49:9E:30:12:E3:72:BF:91:13"}}},"request":{"raw":"GET /banner/image/promotion/IDNTOTOSYD.jpg HTTP/1.1\r\nHost: landingsplash.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/html\r\nlocation: https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/promotion/IDNTOTOSYD.jpg\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZyQCIQfyBjdo9cssIGpwr6uDtk3aKg9mNuGOcCMut8Yt1nfYvbwdC344mh8jl8cokg%2Bhh8%2FIhfUcojFwAcXDbG5WgC06786rrG1%2Bly0S34Qv\"}]}\r\nage: 1110\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncf-ray: 9aa58fe87ffa783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":90323,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":23,"connect":13,"send":0,"wait":13,"receive":0,"ssl":69},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/tracking.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /tracking.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AOCedOHVmAsVQLX2wNZl6HLUVA7PEChFngFImyzcV9GgZgF6DjKjJyMk6yhC5z4RcbvgA7UH-rkfXUw\r\nlast-modified: Fri, 05 Dec 2025 11:14:51 GMT\r\nx-goog-generation: 1764933291434571\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 102799\r\nx-goog-hash: crc32c=W5zYBQ==, md5=7L8fb07PoSOc5loMuSgbfw==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 33428\r\ncache-control: public, max-age=28800\r\nexpires: Mon, 08 Dec 2025 00:57:27 GMT\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":102799,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"data","md5":"ecbf1f6f4ecfa1239ce65a0cb9281b7f","sha1":"eb96a9ad7ee7fde6d7ab1cbfb41a2945311c0e9e","sha256":"727c5bd8a9060788fd796cac0b7bdf5f34472d1492ddea0dc2ccda93902b6725","sha512":"e05113da1d6ba3798a74466360d51345734af834f494498a42e1042e89ac4b4bb2682cb7417281d31c651c64541fba63a79180f1237df1a36faef03f3775f04f","ssdeep":"1536:EhyY8Xri/oIjrDcUiUeygZeqrZ8ZwpPGUQ/POK9p+CjB:EAY8Xu/Xx8ygJr8/mW+W","tlshash":"6fa338d67282b03493f786eba17fa312b2392918340d8420f17cdd66395a9c79177f6e","first_seen":"2025-12-05T11:45:39.98031Z","last_seen":"2025-12-08T08:57:32.245725Z","times_seen":241,"resource_available":true,"data":null}},"time_used":83,"timings":{"blocked":4,"dns":53,"connect":1,"send":0,"wait":5,"receive":1,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/seoul.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/seoul.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nUv71PBX4JBprmhkRRNRhGg1auuMPYrTvv0LkAbpYXG3G72yYevpAfMVG5UuBdfD7fLCmdmQHgywF%2BSlSztpbZSMA8L8U34fQark4Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff31f9d568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/css/vendor/bootstrap/bootstrap.min.css","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/css/vendor/bootstrap/bootstrap.min.css HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/css\r\ncf-ray: 9aa58fe77cb0c759-OSL\r\nlast-modified: Mon, 03 Feb 2025 03:25:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a03711-1aaeb\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109291,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"0a79db938c7418a0f16560c8758d8d4e","sha1":"79b10b3baa06c8b73b986187521e4a0d6766f938","sha256":"1100977a241133f42972e197c28a12254b88b7b512eb3f4a8d79f3d7ef8a0084","sha512":"3c026bdb70c1b28ca42b52d5e6c77e9ca1f5f63199ebfd3527c92f3bfcaf0b48f0b5e16ee88bda50ddeb5795084f57c3685a50ce49c66818cf31c45b302452c8","ssdeep":"768:jbGxwUkBUmlpztzuRdvGN6eABkdIUIbZbnbJN8gwaKNhL3tqNhkRQmNaw:kwldERdvGNIkabbRk3chO","tlshash":"c9b3d7a0f11031ea7223c55a71d0ed872619a053e66b4fb7f22f25d88f895ca1773f1a","first_seen":"2025-02-03T12:58:18.829121Z","last_seen":"2026-04-16T22:16:07.133252Z","times_seen":1526,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/js/vendor/tabdrop/css/tabdrop.css","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.035Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/js/vendor/tabdrop/css/tabdrop.css HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\nlast-modified: Mon, 14 Jun 2021 02:54:30 GMT\r\netag: W/\"60c6c4e6-cf\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9aa58fe78cc8c759-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":207,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"5c0a4a2c86225279696ea35c79bc4662","sha1":"226b8a270b730dc13f15e83a1c22a176a34e5d97","sha256":"89e825818fc01c1089ec415c0619dc547020f8a0af119471ed2cdb5edc2b614c","sha512":"494b77604377a26ed09b7f3f7ccd9d433ac85a8e45979d0bfbc710c80ccb9f327e09daebe38772952862ceaffa290f8ebd9b34a898b3bfcf6c38901355b7ea08","ssdeep":"","tlshash":"48d02349179565874785577f7d3b85cb412ef145f44f019dd1054670c44484b3095d85","first_seen":"2023-11-04T12:19:53Z","last_seen":"2026-04-16T22:16:07.091467Z","times_seen":477,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/3.DiEu57nc.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=18727416\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2025-12-07T16:57:30.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/3.DiEu57nc.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AHVrFxOaiaUqDxQN52e5hISmGZLzOrIDY6TcMWGuqauMV3KdNZRutBxv3lOnHiqgMCS0-zoE\r\nlast-modified: Fri, 05 Dec 2025 11:14:51 GMT\r\nx-goog-generation: 1764933291366847\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 138434\r\nx-goog-hash: crc32c=qbZ6Bw==, md5=R+tQBS8Vz8HYiqFVRgHlXg==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 43575\r\ncache-control: public, max-age=31536000\r\nexpires: Mon, 07 Dec 2026 16:57:30 GMT\r\ndate: Sun, 07 Dec 2025 16:57:30 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":138434,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (48031)","md5":"47eb50052f15cfc1d88aa1554601e55e","sha1":"f805750b3d2e016885055b29a6e9ab8394c8599b","sha256":"7b86440589ee714b1c7a6d74e6d9a691f1280d57a36376c440cf949ceed5381e","sha512":"addcf2f225368a1dd929e431171096fd397be6d2175d4923be40eb5b8fa10d0934ce036b63bcb76b95444653e0b4db6d80c06885f4b3535c89e24b6420298da2","ssdeep":"1536:9gZQTsyz+6WzvhFCvB0Hx6J+vXlKAwTwH7nDPWnYlkChX8qg4JklHYD8b:9gKTsyzTWzvhFCp0UcDOnA5sFikRYD8b","tlshash":"dad3f8e83996f5626bf312b700af1817733c192b280c4990a211fdddb5b845ea17bf9d","first_seen":"2025-11-10T12:08:03.375538Z","last_seen":"2026-01-13T13:49:38.678696Z","times_seen":5241,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/bankntt.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.238Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/bankntt.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 126132\r\ncf-ray: 9aa58fe84f0fc759-OSL\r\nlast-modified: Thu, 26 Dec 2024 08:30:06 GMT\r\netag: \"676d140e-1ecb4\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":126132,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1200 x 711, 8-bit/color RGBA, non-interlaced","md5":"0be63622a223bdf5cde56cad25019f23","sha1":"8f60c81b8ad495dc62b12eb94b1dc70264809da2","sha256":"0fc74389791c33948b27fa6cfb21b93a897aa06c2a72ce87ae839cc253045e86","sha512":"865c68e5a46bea15696e2f105cac9735744b79293c120542a1837f080da5424250385b8973f4970ad8e9eadbfa77f75771eb8cd86a63ced89e7029ab02d3b632","ssdeep":"3072:9UOsdatDoCESarH0PtKdJPbGt+aj8g0kO:9UOsPCESSHuKpbw3wg0kO","tlshash":"0ec312f0544bc97a4c2fece82495dba21d168e4ca0e85b34f7f0a8ecd755bc47265e12","first_seen":"2025-03-10T01:18:36.725349Z","last_seen":"2026-04-16T10:32:07.161803Z","times_seen":80,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/banner/Slidertoto-3.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/banner/Slidertoto-3.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gFOy5olVVGpfvCt%2FUsYk3D2i9vDR0Soso8Zl7JOpDOY8gHB0WSlnl9%2BdvfYVhkxBNHyCH1jEuKZCdAk%2BLiNCm5gyquAlcetCdefinA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58fee4f07568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/5.By33xigu.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=18727416\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2025-12-07T16:57:30.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/5.By33xigu.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AOCedOEo8cOudkaKH3aAzkt8QNx9tQ4XIewfA0SrUBIVZeLyjWj3hrUlI1e70DUJxtbjQODvgDB05Ts\r\nx-goog-generation: 1764933291362466\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 194133\r\nx-goog-hash: crc32c=Gi2B9Q==, md5=UBWqnRnHWYewtEse7P9f3g==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 60966\r\nlast-modified: Fri, 05 Dec 2025 11:14:51 GMT\r\ncache-control: public, max-age=31536000\r\nexpires: Mon, 07 Dec 2026 16:57:30 GMT\r\ndate: Sun, 07 Dec 2025 16:57:30 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":194133,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65500), with no line terminators","md5":"5015aa9d19c75987b0b44b1eecff5fde","sha1":"f8e539b1cec7fb48a2e6f1f6647745e7725be82d","sha256":"fcde38b86726169cb7dee561637717072c9732207e539f5812487a339451261d","sha512":"b5a8e54be4633504806ee01a06094dbd7b91bb93812a3b13ad3db7a8455fc86579ddc48d893b20115981d1e9fb088d360dbae7586bd61c24545558e34cb8c672","ssdeep":"3072:qVzjYLKSRrZVxXLu+5FIXox57NPH0aONfpzksw7ou/YEmyn:U/wHRrZVxbuqx/ONfpzkzo5c","tlshash":"b7145cc4b186b53587e734e6487f1002f33d6d19784c8564fa99eeb63da818a9233f2d","first_seen":"2025-12-05T11:45:40.050655Z","last_seen":"2025-12-08T08:57:32.471257Z","times_seen":214,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/7.CYmrNFPL.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=18727416\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2025-12-07T16:57:30.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/7.CYmrNFPL.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AHVrFxMUypuFW2EHGgY5loA5RBGP6REymzQNr1O3lik1LngjxOev9OsAHwlYlXMRY1sh50UKxmILaEQ\r\nx-goog-generation: 1764933291338911\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 17078\r\nx-goog-hash: crc32c=zinnqg==, md5=u5E2tQXCsOyiSgf4d+ZM3g==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\nlast-modified: Fri, 05 Dec 2025 11:14:51 GMT\r\ncontent-length: 5357\r\ncache-control: public, max-age=31536000\r\nexpires: Mon, 07 Dec 2026 16:57:30 GMT\r\ndate: Sun, 07 Dec 2025 16:57:30 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":17078,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (17077)","md5":"bb9136b505c2b0eca24a07f877e64cde","sha1":"aac2cfb1ff55f132d17dfd536e2874222ac677de","sha256":"274961a2c0a3969bc23dbce35f229172e4aef79d1e6f218a97b378e871793c4c","sha512":"0bd8f169d1579e70ac447aeae7c80124d87f0187bb18ca1065066dea90f278d18a8f49f2ac47397a9032c2cb4b0904c9eede2ef315c2a3784e569c4ebb65e227","ssdeep":"384:5U5urbvY+4nmo5pXl/fJfHpUR4PkWgpwnxSHI0Wrf/j7cFHyq:+urbvY9PpXlnJfJUR41gp8xSovrfgHyq","tlshash":"9a72b7c5f7aed93e53e7a4d1bc682003fa785a84f12c91a4f39c4d66719e884c173b26","first_seen":"2025-12-05T11:45:40.128204Z","last_seen":"2025-12-08T08:57:32.228793Z","times_seen":213,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"premicloud.net/banner/image/promotion/SlideBannerHomepage840480.webp","fqdn":"premicloud.net","domain":"premicloud.net","tld":"net"},"ip":{"addr":"172.67.141.253","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"premicloud.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Dec 2025 02:46:35 GMT","end":"Sun, 01 Mar 2026 03:45:16 GMT"},"fingerprint":{"sha1":"C3:1B:CE:CE:D9:E7:0F:06:CE:7C:B3:A7:4D:84:EC:6B:15:A3:F8:91","sha256":"2E:64:7E:BB:B1:FC:86:2C:AC:83:40:A8:E0:2E:78:BE:4C:F3:0D:F5:13:C2:D7:FE:3F:1F:CF:86:AA:11:9F:FA"}}},"request":{"raw":"GET /banner/image/promotion/SlideBannerHomepage840480.webp HTTP/1.1\r\nHost: premicloud.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/webp\r\ncontent-length: 95570\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 27 Oct 2025 05:38:02 GMT\r\netag: \"68ff053a-17552\"\r\nx-frame-options: SAMEORIGIN\r\naccept-ranges: bytes\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DW8lSdysADeyEr%2F%2Bx4TsbiqFCQTPeo%2BmDPYIHKvrMxmV4ddk3YtsgX20bfXoKrsHMiLM%2BAusoD1jj3BzVbuuaH4cGUJUzcHTG41Hww%3D%3D\"}]}\r\ncache-control: max-age=5356800\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncf-ray: 9aa58fe869500b51-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":95570,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"4a8bb2a190e0c6d1c074ae915eb26753","sha1":"6a213a52a08257034db6d1865642f6c104fea723","sha256":"f900ae3967910039c7a5fb9187b1ba9ce374bc20c1c9ef6021fc7773dd5ce436","sha512":"e90273eba3b54a5d1c72f8bccdb135fd6f222fa90395c2fbf8e963de9d22f5b01ca776be8c88b8b720480ee267ae479409d4ada6bd03ba2d6415f8d52ca70c2c","ssdeep":"1536:79RZLbhBERVfH8jVUYZ1nAWQy1EqHq6RumHQ6tVHAYZv2hM9lasU7lxMjdby6YgJ:79LLbURVf8foXyPFjPHAkv2h717rmzYc","tlshash":"789302208b026ac5b4f4c0f5afc69d33c60ed6dbf4ba31806a565527ca60ea91f72d25","first_seen":"2025-11-04T19:21:06.49855Z","last_seen":"2026-04-16T22:16:07.177876Z","times_seen":507,"resource_available":false,"data":null}},"time_used":304,"timings":{"blocked":-1,"dns":22,"connect":4,"send":0,"wait":189,"receive":4,"ssl":77},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/icon/icon-sydney.jpg","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/icon/icon-sydney.jpg HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 4533\r\ncf-ray: 9aa58fe7ddc5c759-OSL\r\nlast-modified: Thu, 21 Sep 2023 07:46:30 GMT\r\netag: \"650bf4d6-11b5\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4533,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 210x205, components 3","md5":"4ae2801024b806bf9c792b648c2069ff","sha1":"5327fd9187084a3cd5665b061be1ad50a88fd6b5","sha256":"e7f471995cff2d274f80d9c96d3d4a066d8731fcea2d52446a93d88bd5e0d878","sha512":"f89eb640e5aaec141e870f04b441462557bd49d6e8d7cd72c607552b1983d9b8ca5eaccb403cf7e4037c7465fe2be0c02ada45b49873d6554b5c6fb488af0d9f","ssdeep":"96:lP+laji/gq5UJGWqiRQux3DlXOb4vCK12ccGMkFs5AaoS:xrircPqdmS4vTkrAaoS","tlshash":"73915c21c3595704d89d43346ca51a6c920c6daf09d9b165375c6ede0c3bbf0ee4f618","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.204735Z","times_seen":1502,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/bca.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/bca.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pzzsOY5H%2FVyitmhB3ePyzv%2BWIPvEPr4CwJK9WueznYDAtDE0TeJhFRYW6u6wtr248fmBOk3eUvD1uEslBVI%2FI%2BR4GsiZ%2FUe7OV4ZPA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff26f6a568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/neo.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/neo.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gZFpTP3hWBypLqOow8rNHQ%2FdAcXAwRwKbjcpk4SMoD%2ByM26DmY%2BuISHg%2FtUi2Qjlbm2NeiETMejE4HPwTpcIEt9qnedE49AkMSZj4Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2af72568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/gopay.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/gopay.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QUb1WPhHg999qtzv%2FKTYC8moI%2FwDGd7zYkcnDc9PvKcCMOW%2Bsc9U79of3Z8vwZHGQubwfgD4SevBCJ4bZNcFKvsW0h63Un5MBhXdHQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2bf7d568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/maros.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.971Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/maros.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uZSiZZ819BsDQbe4wq206ib%2B7%2BtisK6tAmm%2FLp525ZDurLe0bBuxJ4MUOOphPjd8WqeQqfohhcABJbA62atbN%2BHgMj1gRnNuzEnwkA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2ef8b568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/livechat.Cfld2iXG.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=18727416\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2025-12-07T16:57:30.250Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/livechat.Cfld2iXG.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AHVrFxOl2LQiQnCSUroNpCNm2DSo3M4zj1XWQp1D07YZxNwHdvABY04fsurc3y9MLDHOWlql\r\nlast-modified: Fri, 05 Dec 2025 11:14:51 GMT\r\netag: \"cd38a0ab1be935c31d94513296239cee\"\r\nx-goog-generation: 1764933291363417\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 432\r\nx-goog-hash: crc32c=KH9sPg==, md5=zTigqxvpNcMdlFEyliOc7g==\r\nx-goog-storage-class: STANDARD\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nexpires: Mon, 07 Dec 2026 16:57:30 GMT\r\ndate: Sun, 07 Dec 2025 16:57:30 GMT\r\ncontent-length: 432\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":432,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (431)","md5":"cd38a0ab1be935c31d94513296239cee","sha1":"3f53f37f02d6b0065d224a7dd663cb063b05b2bb","sha256":"5cd3d25405afb450a9165804f3d5c3f55c0522b4cccb3ec14d97644c16c1b262","sha512":"646a90cd8ce514a2ad6c6df1e13fd07eb2ef13ed795a51b85d6e70a62acc65d6c276da3688758829ddd64207d5ddee7a15f1862559cb8f00b6e481f4b3998bf5","ssdeep":"","tlshash":"f1e095caa6446ce6f2e9ece9c810a0e246f253964be483b0d0cf83614359076cf16963","first_seen":"2025-12-05T11:45:39.943818Z","last_seen":"2025-12-08T08:57:32.429298Z","times_seen":213,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/8.7IwmzbXD.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=18727416\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2025-12-07T16:57:30.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/8.7IwmzbXD.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AHVrFxOTZ22BDZ1LqfZvmalLUk_YQ8dcklIjngcWXLIWv7iS5j5Nn8V0jcinFpMr3hCjzQduH9kLJMkVmgXTEQ\r\nx-goog-generation: 1764933291322532\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 310\r\nx-goog-hash: crc32c=hg/aAg==, md5=1RYwQOoSFbw1859bRaUlgg==\r\nx-goog-storage-class: STANDARD\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\nlast-modified: Fri, 05 Dec 2025 11:14:51 GMT\r\netag: \"d5163040ea1215bc35f39f5b45a52582\"\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nexpires: Mon, 07 Dec 2026 16:57:30 GMT\r\ndate: Sun, 07 Dec 2025 16:57:30 GMT\r\ncontent-length: 310\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":310,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (309)","md5":"d5163040ea1215bc35f39f5b45a52582","sha1":"00dbd575c8640854b94a5bee203805e9f96b1dc5","sha256":"5f4cc6ce1da59c43b3ab3058c3b6963914a03b4f1a06e60dfc8bb6908d2745d0","sha512":"c1b160d41585576e4f95cb77ce9b4c719af399dfdb667b039a2e49963ea881e7e026f52d51e208af47e1d54b0a74de85d77b52c5021a9a81b54b0134a9924f46","ssdeep":"","tlshash":"bde07dcf60d2f0f642c5bccc49105081d768dfc02bac80e0c02c5f9017101928936ec5","first_seen":"2025-12-05T11:45:40.006258Z","last_seen":"2025-12-08T08:57:32.361969Z","times_seen":213,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/10.CgH8vyiG.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=18727416\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2025-12-07T16:57:30.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/10.CgH8vyiG.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AHVrFxO9eXOzKKoYfmhg18exr_eR_6DCC834hI5oZwatJsG62EHVdkOCiT5X6uLRF2fwQdM8G8FQX8g\r\nx-goog-generation: 1764933291273551\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 4900\r\nx-goog-hash: crc32c=mBgpwQ==, md5=S5nPnrDN3gFq7+CUpfEp5A==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\nlast-modified: Fri, 05 Dec 2025 11:14:51 GMT\r\ncontent-length: 2032\r\ncache-control: public, max-age=31536000\r\nexpires: Mon, 07 Dec 2026 16:57:30 GMT\r\ndate: Sun, 07 Dec 2025 16:57:30 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":4900,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4899)","md5":"4b99cf9eb0cdde016aefe094a5f129e4","sha1":"f17250f2ceb1bb739b7264e4cef090ad7d703d0e","sha256":"1aad3271a23be79dc1572d991aaae18ec81869f60e2ab57435a127a97d57bacb","sha512":"21e9e6cbf51e6891ceeff24cf145b38d10fb365d6cac65f665ea0ca655c72a11bb623eb6e0215242950c64d12dc7f89acd0c9f6c6831e50e55a9ccadf30f351a","ssdeep":"96:CHmlKAJm2MLADeQA6Ob1NlPF2DM3Naas1pFJpInNCzaNkQyyZFBXfFBXoQFddzhe:CGu2CAHNgV2D6RuENqaNkQP7BXtBXoQE","tlshash":"46a1c7bef755f97097e98ce5e5143043ed3b16a8b8ac85b0fa1c4e51214d1889122ba3","first_seen":"2025-12-05T11:45:39.926421Z","last_seen":"2025-12-08T08:57:32.267722Z","times_seen":213,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-07T16:57:26.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:26 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: gzip\r\ncf-ray: 9aa58fe46d6ac759-OSL\r\ncf-cache-status: DYNAMIC\r\nage: 10\r\ncache-control: public, s-maxage=900\r\nset-cookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; SameSite=Lax; path=/; expires=Mon, 08-Dec-25 15:57:26 GMT; HttpOnly\n__cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; path=/; expires=Sun, 07-Dec-25 17:27:26 GMT; domain=.toto123gacor.rest; HttpOnly; Secure; SameSite=None\n_cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000; path=/; domain=.toto123gacor.rest; HttpOnly; Secure; SameSite=None\r\nstrict-transport-security: max-age=31536000;includeSubDomains\r\nvary: Accept-Encoding\r\nx-cache: HIT\r\nx-cache-hits: 2\r\nx-cacheable: 1\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfCacheStatus;desc=\"DYNAMIC\", cfOrigin;dur=0,cfEdge;dur=204\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"jQuery:2.2.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"Lightbox","description":"Lightbox is small javascript library used to overlay images on top of the current page.","website":"https://lokeshdhakar.com/projects/lightbox2/","common_platform_enumeration":"cpe:2.3:a:lightbox_photo_gallery_project:lightbox_photo_gallery:*:*:*:*:*:*:*:*","icon":"Lightbox.png","categories":["JavaScript libraries"]}],"data":{"size":117699,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (1454), with CRLF, LF line terminators","md5":"81b0183c9edb7841f3b60c748b3ed8ef","sha1":"9c529f3f2f7099643ced06d62f30ae9a6a6932d5","sha256":"e9397ff7139ec8be0939d62743b75bbd102dcea1a3e96791581bbaeffe8a61a2","sha512":"53b0fb8b55f08b42e9a02375ce022cdb2c517e6d8f509e5a3d56868e46f1042d9a04c55cd90875a404272d82bc16704922e47f0452aa5ce60c799f055f5cfa87","ssdeep":"3072:xH83x/NM1+fobx/aGh9cUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUk:xH83x/NM1+fobx/aGh9o9h5kS","tlshash":"09b34466a1e01057132214d56f66e76eeda58203cf030a3473fd96bd2fb5ea2ce17788","first_seen":"2025-12-07T16:58:18.665924Z","last_seen":"2025-12-07T16:58:18.665924Z","times_seen":1,"resource_available":false,"data":null}},"time_used":299,"timings":{"blocked":46,"dns":28,"connect":1,"send":0,"wait":206,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/css/vendor/animate/animate.css","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/css/vendor/animate/animate.css HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/css\r\ncf-ray: 9aa58fe77cb3c759-OSL\r\nlast-modified: Thu, 21 Sep 2023 07:45:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"650bf49f-b148\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45384,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (315)","md5":"26a9878d9daaeef756d1201c6f959433","sha1":"fee59b3065763a2df7b6b3853ea12879c42ba597","sha256":"bab20297b929ddb009abec49f15f4b403f5fffe086102090988ad701cb8eb273","sha512":"d524ad6568960b0d2634f8546ffad149762b6aa947ef1ea93386f67e3397def73b1f78ce95261c3be9d7d1251c34d57c870e954154090bac10e4b5daf8c709a6","ssdeep":"768:cB3GBIyOvdfwB1IAtkBDK3kyr5ErUe00QT2:mwB1IAtkBDK3kyr5ErUe00QT2","tlshash":"c313a5aa4ce1224494260e15cbdc9ba84b3cc76364b15cef3386384bc745bee23de657","first_seen":"2025-12-04T05:42:45.895074Z","last_seen":"2026-04-16T22:16:07.084799Z","times_seen":475,"resource_available":false,"data":null}},"time_used":601,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":601,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/hanabank.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.244Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/hanabank.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 60485\r\ncf-ray: 9aa58fe86f5bc759-OSL\r\nlast-modified: Tue, 31 Dec 2024 08:45:05 GMT\r\netag: \"6773af11-ec45\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":60485,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2560 x 561, 8-bit/color RGBA, non-interlaced","md5":"e4c996980adec7d141e24a7799894329","sha1":"df527934795f75a80a8faf80fa3173b7022b2e73","sha256":"c010d76676e129facad4d1c4b515f4dffa51d75ad7031ba5f15a8ff1b9a1fe03","sha512":"1272751eb6d4fc9450ae8dcb8e69674c65a36cea81d82f98aae21e55547770f8b60f5eb6a073fa2e24b48bef6ecc27fe78dde4a779219ca0893bd9fd4fe75ff3","ssdeep":"1536:+X6S06VixGMkyIzS6sOZeY3sjQUvoyvg6Gt:+XY60JhxOZeCsE4ozNt","tlshash":"7b4302e3ef5fbef5faa404319885e70b7e780ddaa15e56637730f0e4ea07a801658640","first_seen":"2025-03-10T01:18:36.773805Z","last_seen":"2026-04-16T10:32:07.139068Z","times_seen":71,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":238,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/mayapada.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/mayapada.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 104530\r\ncf-ray: 9aa58fe87f80c759-OSL\r\nlast-modified: Tue, 31 Dec 2024 08:45:05 GMT\r\netag: \"6773af11-19852\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":104530,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2034 x 243, 8-bit/color RGBA, non-interlaced","md5":"f2b5380312aeccf8c2c4206803a34c35","sha1":"9c0ee8168cf210ef7dcc9c3bd53c4c53c95086bf","sha256":"cebd6f6ab8eca3dc7775e635c5ab736748929e85cc18b27d74d5e1891bda2aed","sha512":"6cc345b8ed719517257edf9062c0304b9e62cb76873502cf76dbe975ae6e1ac5327c82a5b3b2477ed0020c3cdc62beaaabf709b11ec67af1183a82ab2833cf69","ssdeep":"3072:D5gULioBTCAu8IeCY/2GujqqksoZdXTfD9IJG:DrioBeAl5s8dXTfZqG","tlshash":"37a312c1070f98be1d3fa64faac7649420bc713905ad7cf8f93693cdc31a5247a1a25a","first_seen":"2025-03-10T01:18:36.774437Z","last_seen":"2026-04-16T10:32:07.129403Z","times_seen":96,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/dkw/bg.jpg","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.869Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/dkw/bg.jpg HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/assets/css/dkw/dkw2.css?v=1765126635\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 174443\r\ncf-ray: 9aa58fed1a6cc759-OSL\r\nlast-modified: Wed, 18 Sep 2024 08:05:06 GMT\r\netag: \"66ea89b2-2a96b\"\r\nexpires: Tue, 06 Jan 2026 16:57:28 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: HIT\r\nx-cache-hits: 1\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":174443,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x1125, components 3","md5":"906314ff70278d24dcd703608e14710c","sha1":"585752742dba17e19230aa3102b90422415437cf","sha256":"35c5340e82660cc9ea07b77f25d4b79672ca54e8c6597e1f5254bffd6e2e350c","sha512":"5f8b124a520d3f40dc738a63cb823c5982574e89d5379bbee3fa7b9410e0143a296c9c0edd82ff6cefaf69861c5f396de24f5968b9c79148c7a9c17d0ce25d2a","ssdeep":"3072:h/O3fS0job5dCycb+F0tvYkItiQBBfdFEbdvKIRlkJ3yTGLsoYAyA:03RU91GdyIRaiTGLsl6","tlshash":"22042304f8b61576c5c48efb7ae3bcaba72126d065cf3d2ec5af0e15c0163b69b06046","first_seen":"2025-12-07T16:58:18.66865Z","last_seen":"2025-12-07T16:58:18.66865Z","times_seen":1,"resource_available":false,"data":null}},"time_used":526,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":516,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/bri.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.775Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/bri.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k7bX5cJSo%2F2qqXqNNxNxx6adjb2LXZhCF%2BJ65GcFDka4sQSuTNqPyKVUlflEdEGtqOvWOr1VkFMbGJw5U95IhMQVDH%2BoRhNx%2ByNWNQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff25f67568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/tolitoli.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.060Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/tolitoli.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rfQKHY6CVb8u6zrsgWmVu%2BlftIZ7ilWwbDddebC8Sb619t7FIpaqvH1YCPc1jFnnuM7nkkIXwWEdBRd20qxXfDx9n%2BJtg20L8OBFPA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff32fa9568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/icon/icon-dice6.jpg","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/icon/icon-dice6.jpg HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 5421\r\ncf-ray: 9aa58fe7cd97c759-OSL\r\nlast-modified: Tue, 26 Mar 2024 08:43:46 GMT\r\netag: \"66028ac2-152d\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5421,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 210x205, components 3","md5":"59818809868556332479b364aab8ea7f","sha1":"4027cbea0c7396fc1cb6dbc7b276392723cf8c9e","sha256":"d942e4f9b28cd8cfe2961f8a40919d77a8548e8341782c9c129bccfb87dee632","sha512":"ab2f3fd4af44c18594949d3e4b75578e6cd4a83ae7561adff6c4bd27619770ef89269119ad1d870102a4bac8bb30d4ca8d9e00f7a4473f10b6417678dd4ea86c","ssdeep":"96:M1R/idpPiPVliXwrGjUmubD4BZyzddkfAIwZG9wD/wqXt75P+s0ofnn+:g8/P+lO0G4mTZyzdSIIwZRzfXt1G","tlshash":"86b16ba06b45da1bffefe7330697cf00e7e48d6aac31871751bf520144bc5c45a86a18","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.20414Z","times_seen":1558,"resource_available":false,"data":null}},"time_used":366,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":366,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/banner/newslider6.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/banner/newslider6.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6i0MMhrYV2wyXPFAU999XKu79w8nZNPeCs1Z3p43wxevN0zzpL2z6UeOPfN0DPEJF7QZJE2mcynKb%2FuR18EryGHZ4Oj3Zb9MhoM%2BDA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58fedeef2568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/permataoff.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/permataoff.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3UPeDxfgVv8fJ7eM4xE6GhsfhpdfNjTgaa%2FXIS%2BpZTq3B1hvEc%2BCxXmcioDiD1hwywOnEODggBhjOIB5oQw6AY1Cfcs5ZOC1eXVsAA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2af6e568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/totomacau-13.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/totomacau-13.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B6IChHRRbSPfBBgblwewlgWASgllOvXkN%2FlXg950C0iVY4CAUTfMjZcX0CEYmvCTK7MAXEZ9jJj7O%2FohdMIakKIbzI5Q3znvaZNeJw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff33fad568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/24d-spin.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/24d-spin.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4H%2BdUIZSjX%2Bk8BclgCUpyOZ6Wgo1kf%2FcapZVRuenNmc4z8X32VEhMS3gipakXZ6devZk7ZJwDAm2ZvZpiEMAOASjn1c3a7u7HojY3A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff34fb5568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/nduga.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/nduga.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aZow230xVwwuKl7E%2B89TAyAX6VNosECU8arEgEz%2FJBPK884tNR5x%2BgPPtwGloJr8UxWRNkhACp0ehOI7Q2%2F6htdFdCucVTlWRwlnnA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff30f92568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/bca.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/bca.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 1086\r\ncf-ray: 9aa58fe7ddcbc759-OSL\r\nlast-modified: Mon, 14 Oct 2024 06:10:08 GMT\r\netag: \"670cb5c0-43e\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1086,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 78 x 24, 8-bit colormap, non-interlaced","md5":"6acd78d945803ba574275cb83b5e4981","sha1":"e2705a9ac3be32cc594bf8ebe29da30c46cb2013","sha256":"b60a19eb59f86325af0f4c3e4736e6ed7f3ecc1cadd6efe316e90ae7a75f0ce7","sha512":"1432ba4bbaaaea7bfefee8954f73f99d758fb0f02062cfd56d2cdd1b1ab21bd2bfe10604ff8bef8a63efc76f3e90fa17e9e65726178a50544701d7b0739f5423","ssdeep":"","tlshash":"1411b9b4fd87c09fe6701d35d5f79a28c8111c3ce9624997cd7482a7b897c808309195","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.184271Z","times_seen":1620,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/bankms/bank-papua.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/bankms/bank-papua.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4iFaeaI2CmjnKEOXdkbtYo25uSF5VQifqdAOMH83wr1FwxV%2FoCbmBLCYQd7fCFSrJJYpbNxWfTt1HlC2fw7yEzzrtuctIoZYoFQeng%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff29f6b568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/cdn-cgi/challenge-platform/h/g/scripts/jsd/5eaf848a0845/main.js?","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/5eaf848a0845/main.js? HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000; laravel_session=eyJpdiI6IlpBaEVOMFlOUzZIR1dwTkl5Vk5VVmc9PSIsInZhbHVlIjoiY1RmTFFEWXZQRkxmN1A2SklaN3liMlVIaFFUWGRnL0RZR1VWR29rWnRBL2RTSjQ1UmhzUWdnQzJZek91RWVLSkZEaHliOHc2dzlyL3dpdEVjYUxwbmVldUZCTjNkNmJRQTJmWG52WnBsUGY1aFBtaWdhRHJ2QjlYV3ZDQmFFbTl3MWxSWmxxalVwUCt4UFJTay9vZ2tlVUNLUTJjUWI2UEhNbWo2R0Y2ZERsd1V4NCtHRHV1MCs5SFVSQ1dLZUtYY2R3Q0YxQ2xNOVFTQWY0NzljRmZPNkt3aW9wWTV5dVJvYTlMTUZubm9Yb3R2VmIrczMwdTdzaExWT3dyQWwyUjJCVlllaWRPS3BVTUlDVDRTNURwM1laRzdKRWk0UVFSbnZURDJHUmNvL284ZENuUkNwc2VyemlzVGV0TWVwWlVsVno0TUYxZjV5TWZVYkRZOVVRT1BjcmxBMUtrVVR2QmVyY3VjdmhZZFQxQjlWWFROQmZiaS9JSGlseWp2cVgxd3dBc2VmS0RUQXZjUmRac2FXKzRVL3Y1YXczeTUvK3FyV0FUQ0NZRkJEWjFiekZ5OGtJOVZLWkhHZTBDd0h4eWdPQitISFUvd0FmbTM2Q2pPT1VTZXNnUlE4YzM1cENJaU9sSWRjQXpBUlVCdFpsaHAvU1VVUExkQlVidVZyd3IiLCJtYWMiOiI2NzcwMDNhNTg4YjkwNTNiMDFlYjg3MzU4MDRmZWZjMTcxMzU4OTQ1YzM4YzIxZjU4ZWMzNzFiM2Y1ZjEwZTcyIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:29 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9aa58ff5cf21c759-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10282,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (10282), with no line terminators","md5":"7e79a2a4cd67002d6d867510e9adb167","sha1":"3440b777055d013568d6c826fa20026147f06bec","sha256":"3188bf79e4c806f3b90c1d806d399d7324e6405dfbbd93a0f13fd525664cc52b","sha512":"1d856887b4cc8ae6f20815c050ee9e22ad778b6cfb036f27a02e404d140c49fe57bd8297a2fcdf9bbbab978aded6229abc9d23593c7b045d1734f59095985390","ssdeep":"192:yh3IAKO3QbGPMwFqW35FGOacy5eb5fvmPksZZEoQ:yhYtO0iq+iOKovgkse","tlshash":"7422d88a7e1cfd3007751961a8abb6c546d8de419c826ce387b18c29bf13b25215ffd8","first_seen":"2025-12-07T16:49:32.421103Z","last_seen":"2025-12-07T17:19:05.051976Z","times_seen":4,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/totomacau-23.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/totomacau-23.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7To%2F8OUxqRop9Gr2gWKRTLoI5XMLQqG3b5g1JWwARY4uqTC1gBLevCNSabqFJ5GiWFAxpIvXYqYZt2RabUS347y5I14FPiC0QFZAqw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff33fb1568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/json/floating-icon","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /json/floating-icon HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://toto123gacor.rest/\r\nX-CSRF-TOKEN: khOkemfXEUp2bXSR2b6LyhWASxtdDPMewbasMXUK\r\nContent-Type: application/json\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:29 GMT\r\ncontent-type: application/json\r\ncf-ray: 9aa58ff47c0dc759-OSL\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\nset-cookie: laravel_session=eyJpdiI6IlpBaEVOMFlOUzZIR1dwTkl5Vk5VVmc9PSIsInZhbHVlIjoiY1RmTFFEWXZQRkxmN1A2SklaN3liMlVIaFFUWGRnL0RZR1VWR29rWnRBL2RTSjQ1UmhzUWdnQzJZek91RWVLSkZEaHliOHc2dzlyL3dpdEVjYUxwbmVldUZCTjNkNmJRQTJmWG52WnBsUGY1aFBtaWdhRHJ2QjlYV3ZDQmFFbTl3MWxSWmxxalVwUCt4UFJTay9vZ2tlVUNLUTJjUWI2UEhNbWo2R0Y2ZERsd1V4NCtHRHV1MCs5SFVSQ1dLZUtYY2R3Q0YxQ2xNOVFTQWY0NzljRmZPNkt3aW9wWTV5dVJvYTlMTUZubm9Yb3R2VmIrczMwdTdzaExWT3dyQWwyUjJCVlllaWRPS3BVTUlDVDRTNURwM1laRzdKRWk0UVFSbnZURDJHUmNvL284ZENuUkNwc2VyemlzVGV0TWVwWlVsVno0TUYxZjV5TWZVYkRZOVVRT1BjcmxBMUtrVVR2QmVyY3VjdmhZZFQxQjlWWFROQmZiaS9JSGlseWp2cVgxd3dBc2VmS0RUQXZjUmRac2FXKzRVL3Y1YXczeTUvK3FyV0FUQ0NZRkJEWjFiekZ5OGtJOVZLWkhHZTBDd0h4eWdPQitISFUvd0FmbTM2Q2pPT1VTZXNnUlE4YzM1cENJaU9sSWRjQXpBUlVCdFpsaHAvU1VVUExkQlVidVZyd3IiLCJtYWMiOiI2NzcwMDNhNTg4YjkwNTNiMDFlYjg3MzU4MDRmZWZjMTcxMzU4OTQ1YzM4YzIxZjU4ZWMzNzFiM2Y1ZjEwZTcyIiwidGFnIjoiIn0%3D; path=/; httponly\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000;includeSubDomains\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\nage: 0\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Laravel","description":"Laravel is a free, open-source PHP web framework.","website":"https://laravel.com","common_platform_enumeration":"cpe:2.3:a:laravel:laravel:*:*:*:*:*:*:*:*","icon":"Laravel.svg","categories":["Web frameworks"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":66,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"f797622117442eb8017a29c9b63e0d95","sha1":"e551a73ed156633b16a28db531fd51f1721811bb","sha256":"678b72a40035fb2e414d41e9c938856b7d831eb6f364a35369f56c239ab837ba","sha512":"0c59e2b1a38e703cd1e3175e2269a6eff388fd7012c51cb2fe0eca45af1e1eb6ad4f22cbcce95bab750e349af0d16206a86e41d39068bcb80874a29f67ea08a6","ssdeep":"","tlshash":"86a0220022003c388f002acbb0002e002ef03822c82c2880c00c200c8ba80ebfc03002","first_seen":"2025-04-07T22:45:34.719026Z","last_seen":"2026-04-16T22:16:07.183594Z","times_seen":1512,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/banner/Slidertoto-3.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.143Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/banner/Slidertoto-3.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lGVq8INsOZck%2BoDQHebq52%2B27VNZUEAtacJXy5hIiMOrZCTzlyFMCwIgBViprOc7fZb2yMKThgGY3EkGjdEQtTPxnn4nX4czli2EuQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9aa58fe8aeec569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":156,"timings":{"blocked":1,"dns":65,"connect":2,"send":0,"wait":10,"receive":0,"ssl":62},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/bank%20dki.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/bank%20dki.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 37266\r\ncf-ray: 9aa58fe8c824c759-OSL\r\nlast-modified: Fri, 27 Dec 2024 06:45:05 GMT\r\netag: \"676e4cf1-9192\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37266,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1200 x 192, 8-bit/color RGBA, non-interlaced","md5":"0231d12579686ce4e30bfd667945abe3","sha1":"43270d4c242b651a782027c32ef46e55c265e6ce","sha256":"f8787685f4317792a1b66afcb635119b5f51174ed2f4d81100fcc8d2b2e01881","sha512":"acd68a5ab904b4875b897ea002b4a95376384d5ccfa1126339567ce43c3d5c3c014597aab9b4f7e6ec89314a6a94b290cc59d8f3c40197ac7c8fb6801005b319","ssdeep":"768:o7pxTWUkXWXybKlM8WFjB/Rx58V0k6LFP0RIRMI3w8XdR3AIblRaft:c+UybKlAjv8mvcRGw8XfQIAft","tlshash":"a6f2f2ea7ac2a3e9f856743c802482b8176995df12df0f5f470ddaa2703cd68e425e07","first_seen":"2025-02-23T02:44:50.7079Z","last_seen":"2026-04-16T10:32:07.145401Z","times_seen":87,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v15/Xyjz-jNkfiYuJf8UC3Lizw.woff","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"4A:97:40:A8:11:17:BA:08:56:28:6E:0B:93:8B:64:13:1D:67:D4:2A","sha256":"A2:0A:13:FD:98:22:74:26:3F:C1:44:5C:92:27:22:17:A8:65:07:40:50:F9:14:02:11:E4:87:7F:C5:D2:F1:42"}}},"request":{"raw":"GET /s/roboto/v15/Xyjz-jNkfiYuJf8UC3Lizw.woff HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://toto123gacor.rest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 26588\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 05 Dec 2025 13:20:17 GMT\r\nexpires: Sat, 05 Dec 2026 13:20:17 GMT\r\ncache-control: public, max-age=31536000\r\nage: 185831\r\nlast-modified: Wed, 14 Jan 2015 22:47:27 GMT\r\ncontent-type: font/woff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26588,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 26588, version 1.1","md5":"a84d4b00b169826c4aea77a8611b1e56","sha1":"aeaff41dcc5caac07876a3931c86456aefdbd54c","sha256":"37e9d63421fa7b235c859737c6c65ee2ed95d79e7c49be0fe15903de908c2204","sha512":"38a4e96ead988f3a05efe819a2e146e85d409767b58950b18c6d8ab21c951469925b6ffbcd365536e45b22a8349f17fd4532444ddb4d7b9918dd46f160e1244e","ssdeep":"768:Qpi/npNamCBc356emikPENrOSc09aV5bD6M:kuJC6Jsi4qrOf09arH","tlshash":"5ec2f11679532818f31717f01cabbff2522207ac4cbc2caf50a49451175dbba5bb05ea","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.142094Z","times_seen":1995,"resource_available":false,"data":null}},"time_used":692,"timings":{"blocked":318,"dns":1,"connect":16,"send":0,"wait":15,"receive":2,"ssl":337},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/mimika.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/mimika.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q4T3Sn8gtLc7Wg6xJnJBI%2FoJAzkmq%2FYQqRhuE9DrpBDsB5wwjh6hiud9lG3%2BeaLEC0%2BCMr%2FIAS%2FPvv23QXIUO6skHhZnTsCXV7HA6Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2ef8a568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/pinrang.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/pinrang.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ilut1upIV2n9jv1Im91AWfsAnL9QsPR0CK%2BDXcdkIT%2BKlSqbBSR6XfiqlxmW%2B7eRR9LzWTFzb23tBZkAH%2Bfbyg4ie4ctRwEO4DThDw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff31f99568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v15/Pru33qjShpZSmG3z6VYwnT8E0i7KZn-EPnyo3HZu7kw.woff","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"4A:97:40:A8:11:17:BA:08:56:28:6E:0B:93:8B:64:13:1D:67:D4:2A","sha256":"A2:0A:13:FD:98:22:74:26:3F:C1:44:5C:92:27:22:17:A8:65:07:40:50:F9:14:02:11:E4:87:7F:C5:D2:F1:42"}}},"request":{"raw":"GET /s/roboto/v15/Pru33qjShpZSmG3z6VYwnT8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://toto123gacor.rest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 26528\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 05 Dec 2025 13:20:17 GMT\r\nexpires: Sat, 05 Dec 2026 13:20:17 GMT\r\ncache-control: public, max-age=31536000\r\nage: 185832\r\nlast-modified: Wed, 14 Jan 2015 22:46:57 GMT\r\ncontent-type: font/woff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26528,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 26528, version 1.1","md5":"b20e0cef1fd0ee15a5fc0d150d4c9672","sha1":"7bef9051bf8ecdf269228c6e743dad5a8172aea7","sha256":"47a6d754139b198b90326c9ad8c22bd5e2ba5e2d7e2eeb443deed603255a611a","sha512":"cce8eb93332e18c5d4897c004ea1241f012cfa17da4f05ce87b3246e56274f9d561a4c2b49bada58f1d5d1d8f17db5a448e4bee78c0d8e3dd9a5047442d05b4a","ssdeep":"768:+fXipTa5SqjK1O4v/B7ddk/IxEjeRUVC8cy5zIQaqK7nP:+fXipTwf8/xc/20lcbP","tlshash":"e4c2e05f1bd2984df671483cc2bf5aa9f18053eb13ea7a745f925a1c22a15d50a032e3","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.083124Z","times_seen":1938,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/gowa.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/gowa.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rYjGFUfUoInqbphqMLFsp%2Fy6tpyRMSw1ACXlCtNb49ujJQgZ4GkgIbdWQXu4XJ5zqsvChYFYeA5mBeq513MRM67BUeO%2Fcn%2BTt2XPbw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff2cf80568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/luwu.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/luwu.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=n6fBhd8psEb6nFqQiJqZgTNwGvt9llbwtGBW%2FgsmUc5%2FZygS5Q7tRCkAXFqsLkJJQAIguYXLYIPt5ZkC7%2BHQgpuOKYZP0Dw%2FCn4HwA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff30f90568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/buleleng.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/buleleng.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ACdq3GIM1USX6ZnsGwC%2FZzh%2F2vwEllqHvt7Y1oq95%2Fv1YYC21Tw28X3XAYokTcSIdH2rADYIN%2FxjI60FzoQHSotjOMFXfj8tXf5QjA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff34fbb568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/oregon-6.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:28.994Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/oregon-6.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8jodItSagXCcH4OjsRh33ydhOFSHppd4qDHNyQexJDLWmIu1ymQ3PD6G8ELFK1J0PwlmuAAcGlwclt%2F2uOk0zZL1Pw%2F%2FdW84yx9%2BbQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff30f94568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/totomacau-16.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/totomacau-16.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3SCa9W3EkSatsBfDi2jVTXOl6qn8fXtr6AYFSGv9Bl0eK5b4uOB2zz1G%2Bho9PHMTbwww9g4duBQjKyLURVD4bh8f%2FKR10nAb3FWkxQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff33fae568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/9.qYTqns9Q.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=18727416\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=82478514-7d8b-41d4-b2a5-a7912bc5b9f9\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2025-12-07T16:57:30.380Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/9.qYTqns9Q.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AHVrFxN1umoPa4Ryq4ffodcFNkpk5YW0Wen-68EsafR03pJVKADniyJbHcEVJDsM2P62FlALvFqrweM\r\nlast-modified: Fri, 05 Dec 2025 11:14:51 GMT\r\netag: \"d541ce2d754402b833cc65b76eaea2c6\"\r\nx-goog-generation: 1764933291348989\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 40\r\nx-goog-hash: crc32c=jQQqwg==, md5=1UHOLXVEArgzzGW3bq6ixg==\r\nx-goog-storage-class: STANDARD\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nexpires: Mon, 07 Dec 2026 16:57:30 GMT\r\ndate: Sun, 07 Dec 2025 16:57:30 GMT\r\ncontent-length: 40\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":40,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"d541ce2d754402b833cc65b76eaea2c6","sha1":"c36a92a0f5cef497ce42b1e8b4c72c8d9bd3786b","sha256":"80353503e48ebf6c2ae9f70184d3e758f64bacf48afe147e039df807509200cb","sha512":"f8cd5cc49f9276c580419958bf312ee0a311194fd41d116ee709e56401d769511700031ec9f3e6151f8da6b7e13b16e374a231e31cb00b92413ce5c751c2a0b6","ssdeep":"","tlshash":"f090044530d334753111111c453f5c0551144c4c05d55730c010d5551f514f4571fc4c","first_seen":"2024-07-04T09:32:22Z","last_seen":"2026-04-17T02:01:43.439674Z","times_seen":25413,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/css/fonts.css","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.039Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/css/fonts.css HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: text/css\r\ncf-ray: 9aa58fe78cccc759-OSL\r\nlast-modified: Thu, 21 Sep 2023 07:45:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"650bf49f-c19\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3097,"size_decoded":0,"mime_type":"text/css","magic":"CSV ASCII text","md5":"a747a96a40f0ff24cd9b22280dbe159c","sha1":"2456960193c27391c70fdc70d706d9ac389ce8dd","sha256":"2f03afce916625a8d6dc603bd5b678668051e0f16b992e6a816c1cdb216a99c1","sha512":"5aeff76275674c3c77e9d7c2bd54515e1a22fb04c6be9a3532370872d0b0bf9a7f3d1e543eabbf7900f3c654939312cac333aba4e54da11f454a0640e0d772a1","ssdeep":"","tlshash":"e451755901dee65a6aa30ac73a8ab704fd1e112a246cc553d52c7cbc8cd362f63c472e","first_seen":"2025-12-04T05:42:45.87578Z","last_seen":"2026-04-16T22:16:07.203535Z","times_seen":473,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/bri.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/bri.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 1040\r\ncf-ray: 9aa58fe7ede8c759-OSL\r\nlast-modified: Mon, 14 Oct 2024 06:10:08 GMT\r\netag: \"670cb5c0-410\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1040,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 85 x 21, 8-bit colormap, non-interlaced","md5":"6dc0d7a52a5bbb2bbf4fa766d445632a","sha1":"5f3bf4eeb2065a5ada283143a629b5b6126350e5","sha256":"5cac9c4ea7470f69937f3e0c66643af243f022ba1d0d1b92ea0b891be8d3e708","sha512":"98cad2ab03707adc5edf39f059b76189db33e6fc89bb8f1877e837cdf7f4adaca09854cd7439bfafafc9be6c5f34f47b9a218b88718acbcd34b925c037c2d715","ssdeep":"","tlshash":"2811d8ca3912bc8cf07c485000a0621efb5c01e009137c26eeab5d5c54831054ad0e1d","first_seen":"2023-05-02T15:39:28Z","last_seen":"2026-04-16T22:16:07.192419Z","times_seen":1622,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toto123gacor.rest/assets/img/global/banks/nobubank.png?v=1765126635","fqdn":"toto123gacor.rest","domain":"toto123gacor.rest","tld":"rest"},"ip":{"addr":"92.243.74.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:27.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toto123gacor.rest","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 09:08:12 GMT","end":"Mon, 09 Feb 2026 10:08:04 GMT"},"fingerprint":{"sha1":"48:FF:7F:93:72:00:21:7E:01:5C:2A:56:31:39:F9:FD:C1:9A:3C:65","sha256":"85:E2:F5:03:E4:E4:95:34:62:E9:E6:EE:16:D7:B2:E9:09:DA:FB:0E:BD:09:06:A9:B2:8D:44:93:6B:26:22:4F"}}},"request":{"raw":"GET /assets/img/global/banks/nobubank.png?v=1765126635 HTTP/1.1\r\nHost: toto123gacor.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nCookie: __cflb=02DiuEFeLQEMYPHZkahFBtcwx9KzPgZQC2HcQQoioBvoN; __cf_bm=5n9U0UEVhoN_j4mcn4kFG1eQjIHi8.wwSfQYIYuyDT8-1765126646-1.0.1.1-ftwHixx71R_Ceq90rQZxPKd9iBWP2qN7z9jTN9gu4smsTsB3F3HYo.Zso9t2bfa5X7FBJUSVfNCC0GMS.OV8aCBIHbLxpB2GJffDv7ZUJWA; _cfuvid=LeY3qEuBeJufMkPzsj9k67.MeiP0vLHiaPKTZvc6QFs-1765126646673-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 16:57:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 142686\r\ncf-ray: 9aa58fe8afccc759-OSL\r\nlast-modified: Tue, 31 Dec 2024 08:45:05 GMT\r\netag: \"6773af11-22d5e\"\r\nexpires: Tue, 06 Jan 2026 16:57:27 GMT\r\ncache-control: public, max-age=2592000\r\nx-cache: MISS\r\nx-cache-hits: 0\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":142686,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1600 x 593, 8-bit/color RGBA, non-interlaced","md5":"45e0371c9d7209bd16569f7cf37763ea","sha1":"8aacdb6b4ba962a2c0e008cde6635cd10c8c5230","sha256":"aa3e1d4a75b58f81409587f73ecc4f5138b53b07ed67abc307db35a4cd0be48d","sha512":"a1cd19793054c62bab4968392dea4140337396cf6938bb62274b406d9480032eb96e65150974f702d18d40d5cc6cfd1893abf297cfb70fb5be541502abba7d12","ssdeep":"3072:2wsLy/PT83Ym9elI71Gf7jt2FPfC7fopnYozB+sn+P:2L6T1mKIKG67ApY0fna","tlshash":"a0d3137ac1f7e2d0fc2fcc7c1d29b32564ac202e85429478727fa931e61459434e2eea","first_seen":"2025-03-10T01:18:36.685967Z","last_seen":"2026-04-16T10:32:07.199081Z","times_seen":96,"resource_available":false,"data":null}},"time_used":382,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":378,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"toto123gacor.rest","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gastoto123.xyz/imgms/pasaran/beijing.webp","fqdn":"gastoto123.xyz","domain":"gastoto123.xyz","tld":"xyz"},"ip":{"addr":"172.67.220.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://toto123gacor.rest/","date":"2025-12-07T16:57:29.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gastoto123.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 15:44:25 GMT","end":"Tue, 10 Feb 2026 16:42:56 GMT"},"fingerprint":{"sha1":"FE:EA:7B:7D:AD:3B:01:AB:D1:3B:B8:7B:96:3E:64:99:C2:D3:1E:62","sha256":"6F:B9:A5:E7:FE:DE:0F:6E:01:33:47:F4:4A:2B:29:B3:35:0D:A7:59:4E:8D:A4:74:9F:A5:8A:98:97:88:55:BD"}}},"request":{"raw":"GET /imgms/pasaran/beijing.webp HTTP/1.1\r\nHost: gastoto123.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://toto123gacor.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sun, 07 Dec 2025 16:57:28 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eaDE%2FSYpIOXB3gBpazZwFeTJlwkykamtFn3y9kFmkFCheKOhTQ%2F0BQN7QzYZCMwPzjGV9A38Q3wLObFQYa8ohwCT5ZKg9C905DvDIA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9aa58ff34fb9568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}