{"report_id":"0629dd7b-d8a7-4749-a891-42122d2f9c2e","version":0,"status":"done","tags":[],"date":"2026-06-07T11:06:55Z","url":{"schema":"https","addr":"mcdclaim.com/","fqdn":"mcdclaim.com","domain":"mcdclaim.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":0,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"final":{"url":{"schema":"https","addr":"mcdclaim.com/","fqdn":"mcdclaim.com","domain":"mcdclaim.com","tld":"com"},"title":"Claim Your \u003ctitle\u003e00 McDonald's Gift Card — Limited Offer","dom":{"size":37800,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (15280)","md5":"dd2a4a6bad890d0d9752a1ff0c5b3b6b","sha1":"fe799c19e422af6862f4f0efbc9eb31e3543fd89","sha256":"80dd11cbce6e4829f447c0142ded18d62e6244f3d5810ced2d1de4794dbaa521","sha512":"9e999ec3b13c56ac2cfe8583ba6f79a098a47fd3314742d874331f46c771a038e92b1bc2e59decb7dd5a185f9f2c07ef10dcca650d56a78c8857a885ee9553d6","ssdeep":"768:q6CdTuUMsnB7cxksc64Jysq7vG0UoxFoFWOtgokaNmFy:/C4pXx/c64Jysq7vioPopkgmY","tlshash":"70031940b10c123d6d2bd7a8fec8a72c6139f052ee978865b14d046ae7c3fe465abf54","dom_hash":"domhashae4d10165a29dbd4122745ed1602cbc8","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"mcdclaim.com/","fqdn":"mcdclaim.com","domain":"mcdclaim.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":0,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-12T11:06:55Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"mcdclaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"mcdclaim.com","ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"domain_registered":"2026-05-17","domain_rank":0,"first_seen":"2026-06-07T11:06:56.122615Z","last_seen":"2026-06-07T11:06:56.122615Z","alert_count":8,"request_count":8,"received_data":473524,"sent_data":5571,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-05-31T22:21:48.210615Z","alert_count":0,"request_count":1,"received_data":6677,"sent_data":534,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.gpteng.co","ip":{"addr":"104.18.28.167","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-06-26","domain_rank":776423,"first_seen":"2024-12-08T00:48:33.877309Z","last_seen":"2026-06-03T15:39:33.69987Z","alert_count":0,"request_count":1,"received_data":134506,"sent_data":528,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-05-31T22:18:21.058888Z","alert_count":0,"request_count":4,"received_data":34770,"sent_data":2216,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"mcdclaim.com/","fqdn":"mcdclaim.com","domain":"mcdclaim.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":true,"md5":"ca2d1b646d2450d188e5dcead5786e25","sha1":"f5953afa2bbb5d08a57d997e6526b62acedeb99e","sha256":"533df7ee18614b724d64a3e32595f97eeab453d627d11264c06dadd91faa00bf","sha512":"034bb6a3d324ed06a0962a8335533649e5bb041e607c47561b24407b29a0302074c66788f701b1e5bb3a1464c9cc8e1ae5f37d5eb8f35a1ad2750afdba45132d","ssdeep":"","tlshash":"d301afcbe7ec623243a5b4b9185aa5dd3e3800f0eb005bb61c744db43394d5d002ee81","size":826,"data":"","first_seen":"2026-06-03T19:14:25.749851Z","last_seen":"2026-06-15T12:52:23.476333Z","times_seen":61,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mcdclaim.com/assets/index-oEb9I-Zv.js","fqdn":"mcdclaim.com","domain":"mcdclaim.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":false,"md5":"cfdcb9a08e1eb4b0e686c51b7ad26aff","sha1":"4d9f321d6d20f02d2267e8406e2fed74d37608a2","sha256":"0b126a5d2557c0a5e5352af6122b0aeca1bf59457a58369e1fee6bdc1c84edc3","sha512":"6a33cfe67035d473e3e2eaf97be1b77c90b96a361e311ed93abd58cc9650702736a7dd3c5784f905b62103ce174a540bc3d3ee3d2e82565d925e2cd498a55767","ssdeep":"6144:4Yr4Wln7zppe1bzXfWMTsETBPbiOOitug9+HL38:iW2ZoETdbiOOiHYLs","tlshash":"cd645bd8305ab1766be342b2507f421b733c2912680d8420f12dedae77b5549a1bbfbd","size":314611,"data":"","first_seen":"2026-06-07T11:06:59.758532Z","last_seen":"2026-06-07T11:07:47.652892Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mcdclaim.com/~flock.js","fqdn":"mcdclaim.com","domain":"mcdclaim.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":false,"md5":"ed557a78d5301fbb961abfe911a42b62","sha1":"d11a2a4e9fee28c4b1abc38cd8136bffec7e325b","sha256":"a86e084b4f82709814be6c15fd6305daa783fda87ad95402da9a4d3a1dd6d748","sha512":"18dd1525e2b4d89e3c46d92367fca020cf99fb07856acfd96a25dc7410611eea83b438c91691683983495945eb04a9427bc63e2a383cbe93449f4df0eb1ddb51","ssdeep":"384:FtUCBXTpeaFEo5TTThri1t/mCsOCXiTNZruJ4vKFlcEhRCDxOcX/YM2Vybyq/kmt:n7XTpeauI/Thri1CKWM4ldRzurwkTO0D","tlshash":"cea2b6d61007243d57ead1a13929f7d63177ea98a0caec8a7de91f84d414c83f3f294a","size":21296,"data":"","first_seen":"2025-07-30T15:25:28.733337Z","last_seen":"2026-06-28T19:45:47.874354Z","times_seen":11992,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mcdclaim.com/__l5e/events.js","fqdn":"mcdclaim.com","domain":"mcdclaim.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":false,"md5":"fb4b8b05b580921a3c06a8496df23f61","sha1":"97a41515e827ae1c8d0d1ef43a0e9e81e6a1ad1c","sha256":"f18bb74e344449d7da6f32d0568b89f50a18c54f189a37a24e928a04b56fd490","sha512":"c788e872e94a601af2ce2247f1083656971bcacd08fb3cff6c608aa2576b326fcd29027158f43472e17728bc73c473de04bff46b14853266b367ff4f737f9628","ssdeep":"768:Z+rVEje/DC+qHuk/sk4cx5XMatHSl+SoZgTMpCgAOrFBfOVQ3ekN8LBQrjr73I6e:Z7uk/sk4cDZXrFBfOV5TFfiU","tlshash":"06f2738978f710b30563917e5b9b4102323495873589eba4beac4e492fcd65ca2f3bcd","size":37557,"data":"","first_seen":"2026-06-05T10:20:24.463402Z","last_seen":"2026-06-09T09:46:02.251426Z","times_seen":311,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"mcdclaim.com/~api/analytics","fqdn":"mcdclaim.com","domain":"mcdclaim.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mcdclaim.com/","date":"2026-06-07T11:06:32.555Z","timestamp":1780830392555,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mcdclaim.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 09:14:17 GMT","end":"Sun, 16 Aug 2026 10:14:10 GMT"},"fingerprint":{"sha1":"6E:84:9B:D2:94:72:01:61:EF:61:21:48:AF:53:EC:18:B2:A3:2C:62","sha256":"A7:D0:5D:B8:C4:E1:81:6B:32:32:70:70:05:4C:59:7E:49:59:66:E5:23:81:41:0B:60:DD:A4:92:73:E6:C7:B8"}}},"request":{"raw":"POST /~api/analytics HTTP/1.1\r\nHost: mcdclaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://mcdclaim.com/\r\nContent-Type: application/json\r\nContent-Length: 333\r\nOrigin: https://mcdclaim.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __dpl=86bfaacd-b18b-4964-86a5-cca9da2b229c; __cf_bm=6Kk6LA10._LmVz_cBAWM8SDntRyCje1nD15kpcbpSA0-1780830391.1688855-1.0.1.1-owm_BgVC_d3YeMBgTcksTi3CqFcG9xWmOcSp0fdRyQrbYRwNXk5v2hbIKlum78dCXJxFgeRHaGBGWSOv2JgBXDJS3K__LcONV3DA_OzLGpGStkK9ATSgXyRJqXVBkLmz; session-id=f6434e07-a3e7-4629-88d6-128ddb8da622\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 07 Jun 2026 11:06:33 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-length: 4\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: a07f30217e0cb4ed-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4,"size_decoded":333,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"317de16bfee215df653650e9b04c5ebb","sha1":"d2cc2f560fe706bdd844ea552fdb378ac8202b2d","sha256":"16552c2580bbe8b82d3582de9eb3e20ef0e0015937c0b4f5e2bc329368476226","sha512":"9c707cfc214144e5ca719623fc3e36221d1192b3308be16c0590a788edd66604221e134d0ca09fb0b371f82ae86e4391792ce681c7a2097cd70a5e743a5f0a9e","ssdeep":"","tlshash":"934000c30000000000000c0000000000003000000c0c00000000000030000000000330","first_seen":"2025-06-27T00:49:28.651528Z","last_seen":"2026-06-07T19:19:45.936668Z","times_seen":55,"resource_available":false,"data":null}},"time_used":1271,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1271,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"mcdclaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mcdclaim.com/","fqdn":"mcdclaim.com","domain":"mcdclaim.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-07T11:06:31.126Z","timestamp":1780830391126,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mcdclaim.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 09:14:17 GMT","end":"Sun, 16 Aug 2026 10:14:10 GMT"},"fingerprint":{"sha1":"6E:84:9B:D2:94:72:01:61:EF:61:21:48:AF:53:EC:18:B2:A3:2C:62","sha256":"A7:D0:5D:B8:C4:E1:81:6B:32:32:70:70:05:4C:59:7E:49:59:66:E5:23:81:41:0B:60:DD:A4:92:73:E6:C7:B8"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: mcdclaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 07 Jun 2026 11:06:31 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, must-revalidate, max-age=0\r\nset-cookie: __dpl=86bfaacd-b18b-4964-86a5-cca9da2b229c; Path=/; Max-Age=604800; SameSite=Lax; Secure\n__cf_bm=6Kk6LA10._LmVz_cBAWM8SDntRyCje1nD15kpcbpSA0-1780830391.1688855-1.0.1.1-owm_BgVC_d3YeMBgTcksTi3CqFcG9xWmOcSp0fdRyQrbYRwNXk5v2hbIKlum78dCXJxFgeRHaGBGWSOv2JgBXDJS3K__LcONV3DA_OzLGpGStkK9ATSgXyRJqXVBkLmz; HttpOnly; SameSite=None; Secure; Path=/; Domain=mcdclaim.com; Expires=Sun, 07 Jun 2026 11:36:31 GMT\r\nx-deployment-id: 86bfaacd-b18b-4964-86a5-cca9da2b229c\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: a07f3018cc3eb4ed-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12067,"size_decoded":5718,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2980)","md5":"b03fcb9b079d224b9bf96c2027397134","sha1":"e8ccd939969b6ed6e36b05af8c0155295a140669","sha256":"18199f1741ecacfa340edd2e0adab20c48a6e6a8003e7ce444039d5412193c01","sha512":"46ded8b4a53ac9fe498a49d2d36aa9ab3bfe92b987cc17271cdf7e51eb7c3b726fcc54165d627dc959b6c614a3a371c6d7bda3e8d1d03cfd5a73dfd48a8fe8aa","ssdeep":"192:P6CnuYoB4UTUqNMzekjywAcQSyUZxBH73YXQ:yCnu7qUTUqwl2NjaNH8XQ","tlshash":"dc42f992c368a63e5391d2fcafd5f4d8277990b3e7048dd5b8ae057816c7298e107e80","first_seen":"2026-06-07T11:06:59.752434Z","last_seen":"2026-06-07T11:06:59.752434Z","times_seen":1,"resource_available":true,"data":null}},"time_used":326,"timings":{"blocked":-1,"dns":21,"connect":1,"send":0,"wait":289,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"mcdclaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Poppins:wght@400;600;700;800;900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mcdclaim.com/","date":"2026-06-07T11:06:31.980Z","timestamp":1780830391980,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 18:37:22 GMT","end":"Mon, 10 Aug 2026 18:37:21 GMT"},"fingerprint":{"sha1":"09:D4:FC:2F:81:37:26:42:91:15:6F:27:1B:72:A7:D2:1A:FC:31:72","sha256":"E9:45:95:A3:A1:F2:6E:F0:08:73:C1:35:32:67:E6:72:BB:89:C7:27:C0:8F:D7:48:6F:0A:88:7E:8B:00:2F:B9"}}},"request":{"raw":"GET /css2?family=Poppins:wght@400;600;700;800;900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://mcdclaim.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 07 Jun 2026 11:06:32 GMT\r\ndate: Sun, 07 Jun 2026 11:06:32 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5993,"size_decoded":1243,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (6130), with no line terminators","md5":"b3206437c773fe38a290ebce317dee88","sha1":"2a833042c8ccac04cca63c84a56f3a38d41a0ea4","sha256":"f8ad4c0f395be8184f0267f1a343017ee7b1651414d6a20865f19009a0c09e25","sha512":"96188e7b18cf9e2febe7444ea0938a5b9c6f598f20c413b94aea95915c2faf637a2117605ead6b73adffdac903bffb01a6e86577452470659d384ab00792eb84","ssdeep":"96:zJc+uMNNJc+uBNJJc+u1N/2yJc+uSdNTJc+u+Nc:nz+k/Y","tlshash":"b5c19c920837a118a7834ec123df7936be0ea755b470a2316bfd0c9e5ddbc65136172d","first_seen":"2026-06-07T11:06:59.753589Z","last_seen":"2026-06-07T11:07:47.652023Z","times_seen":2,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":15,"send":0,"wait":32,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mcdclaim.com/assets/index-CNwL7jSZ.css","fqdn":"mcdclaim.com","domain":"mcdclaim.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mcdclaim.com/","date":"2026-06-07T11:06:31.987Z","timestamp":1780830391987,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mcdclaim.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 09:14:17 GMT","end":"Sun, 16 Aug 2026 10:14:10 GMT"},"fingerprint":{"sha1":"6E:84:9B:D2:94:72:01:61:EF:61:21:48:AF:53:EC:18:B2:A3:2C:62","sha256":"A7:D0:5D:B8:C4:E1:81:6B:32:32:70:70:05:4C:59:7E:49:59:66:E5:23:81:41:0B:60:DD:A4:92:73:E6:C7:B8"}}},"request":{"raw":"GET /assets/index-CNwL7jSZ.css HTTP/1.1\r\nHost: mcdclaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://mcdclaim.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __dpl=86bfaacd-b18b-4964-86a5-cca9da2b229c; __cf_bm=6Kk6LA10._LmVz_cBAWM8SDntRyCje1nD15kpcbpSA0-1780830391.1688855-1.0.1.1-owm_BgVC_d3YeMBgTcksTi3CqFcG9xWmOcSp0fdRyQrbYRwNXk5v2hbIKlum78dCXJxFgeRHaGBGWSOv2JgBXDJS3K__LcONV3DA_OzLGpGStkK9ATSgXyRJqXVBkLmz\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 07 Jun 2026 11:06:32 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncache-control: public, max-age=31536000, immutable\r\nx-deployment-id: 86bfaacd-b18b-4964-86a5-cca9da2b229c\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\netag: W/\"6338038daeb02b9bed21149c4d07b011\"\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: a07f301de9f0b4ed-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65637,"size_decoded":12257,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"6338038daeb02b9bed21149c4d07b011","sha1":"4df7f849fc25e2ed8a0ab751a58b5d7e5ae82ab2","sha256":"1e2b7588d17529545c1649affd0cde385f9c792ef79ca370bde1f2ec0ddf0c90","sha512":"769ffe411554740e77f9c2c1fb7a39bbfb713665e92a4b45c244e3eca80031abc1340d72cfd89e5521506df27c58695435e5c09d96b8ec278cf6aa5f3131c38f","ssdeep":"1536:zAXh1uYtkjQUpaGPCr378VQZkt5FNCo1q:zAXh1TkcUpaGPCr378VQZkt5Ff1q","tlshash":"49538419b919617e3c2790e883ccb9ec610ef0c0dd3a06b9be9b41216ad37f619b7558","first_seen":"2026-06-07T11:06:59.754369Z","last_seen":"2026-06-07T11:07:47.64628Z","times_seen":2,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"mcdclaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mcdclaim.com/~flock.js","fqdn":"mcdclaim.com","domain":"mcdclaim.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mcdclaim.com/","date":"2026-06-07T11:06:31.990Z","timestamp":1780830391990,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mcdclaim.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 09:14:17 GMT","end":"Sun, 16 Aug 2026 10:14:10 GMT"},"fingerprint":{"sha1":"6E:84:9B:D2:94:72:01:61:EF:61:21:48:AF:53:EC:18:B2:A3:2C:62","sha256":"A7:D0:5D:B8:C4:E1:81:6B:32:32:70:70:05:4C:59:7E:49:59:66:E5:23:81:41:0B:60:DD:A4:92:73:E6:C7:B8"}}},"request":{"raw":"GET /~flock.js HTTP/1.1\r\nHost: mcdclaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://mcdclaim.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __dpl=86bfaacd-b18b-4964-86a5-cca9da2b229c; __cf_bm=6Kk6LA10._LmVz_cBAWM8SDntRyCje1nD15kpcbpSA0-1780830391.1688855-1.0.1.1-owm_BgVC_d3YeMBgTcksTi3CqFcG9xWmOcSp0fdRyQrbYRwNXk5v2hbIKlum78dCXJxFgeRHaGBGWSOv2JgBXDJS3K__LcONV3DA_OzLGpGStkK9ATSgXyRJqXVBkLmz\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 07 Jun 2026 11:06:32 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncache-control: max-age=1500\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: a07f301df9f5b4ed-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21296,"size_decoded":8697,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (21296), with no line terminators","md5":"ed557a78d5301fbb961abfe911a42b62","sha1":"d11a2a4e9fee28c4b1abc38cd8136bffec7e325b","sha256":"a86e084b4f82709814be6c15fd6305daa783fda87ad95402da9a4d3a1dd6d748","sha512":"18dd1525e2b4d89e3c46d92367fca020cf99fb07856acfd96a25dc7410611eea83b438c91691683983495945eb04a9427bc63e2a383cbe93449f4df0eb1ddb51","ssdeep":"384:FtUCBXTpeaFEo5TTThri1t/mCsOCXiTNZruJ4vKFlcEhRCDxOcX/YM2Vybyq/kmt:n7XTpeauI/Thri1CKWM4ldRzurwkTO0D","tlshash":"cea2b6d61007243d57ead1a13929f7d63177ea98a0caec8a7de91f84d414c83f3f294a","first_seen":"2025-07-30T15:25:28.733337Z","last_seen":"2026-06-28T19:45:47.874354Z","times_seen":11992,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"mcdclaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mcdclaim.com/__l5e/events.js","fqdn":"mcdclaim.com","domain":"mcdclaim.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mcdclaim.com/","date":"2026-06-07T11:06:31.993Z","timestamp":1780830391993,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mcdclaim.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 09:14:17 GMT","end":"Sun, 16 Aug 2026 10:14:10 GMT"},"fingerprint":{"sha1":"6E:84:9B:D2:94:72:01:61:EF:61:21:48:AF:53:EC:18:B2:A3:2C:62","sha256":"A7:D0:5D:B8:C4:E1:81:6B:32:32:70:70:05:4C:59:7E:49:59:66:E5:23:81:41:0B:60:DD:A4:92:73:E6:C7:B8"}}},"request":{"raw":"GET /__l5e/events.js HTTP/1.1\r\nHost: mcdclaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://mcdclaim.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __dpl=86bfaacd-b18b-4964-86a5-cca9da2b229c; __cf_bm=6Kk6LA10._LmVz_cBAWM8SDntRyCje1nD15kpcbpSA0-1780830391.1688855-1.0.1.1-owm_BgVC_d3YeMBgTcksTi3CqFcG9xWmOcSp0fdRyQrbYRwNXk5v2hbIKlum78dCXJxFgeRHaGBGWSOv2JgBXDJS3K__LcONV3DA_OzLGpGStkK9ATSgXyRJqXVBkLmz\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 07 Jun 2026 11:06:32 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncache-control: no-store\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: a07f301df9fab4ed-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":37557,"size_decoded":8761,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (354)","md5":"fb4b8b05b580921a3c06a8496df23f61","sha1":"97a41515e827ae1c8d0d1ef43a0e9e81e6a1ad1c","sha256":"f18bb74e344449d7da6f32d0568b89f50a18c54f189a37a24e928a04b56fd490","sha512":"c788e872e94a601af2ce2247f1083656971bcacd08fb3cff6c608aa2576b326fcd29027158f43472e17728bc73c473de04bff46b14853266b367ff4f737f9628","ssdeep":"768:Z+rVEje/DC+qHuk/sk4cx5XMatHSl+SoZgTMpCgAOrFBfOVQ3ekN8LBQrjr73I6e:Z7uk/sk4cDZXrFBfOV5TFfiU","tlshash":"06f2738978f710b30563917e5b9b4102323495873589eba4beac4e492fcd65ca2f3bcd","first_seen":"2026-06-05T10:20:24.463402Z","last_seen":"2026-06-09T09:46:02.251426Z","times_seen":311,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"mcdclaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gpteng.co/mcp-widgets/v1/fonts/CameraPlainVariable.woff2","fqdn":"cdn.gpteng.co","domain":"gpteng.co","tld":"co"},"ip":{"addr":"104.18.28.167","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mcdclaim.com/","date":"2026-06-07T11:06:32.115Z","timestamp":1780830392115,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gpteng.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Apr 2026 20:25:47 GMT","end":"Sun, 12 Jul 2026 21:25:38 GMT"},"fingerprint":{"sha1":"B5:C2:5D:87:D7:51:E0:73:8D:83:C4:92:3B:A5:57:F0:18:C3:10:15","sha256":"B7:2A:6D:36:CB:2E:C6:82:0E:25:CC:93:EE:AC:6C:04:54:D4:F1:4C:15:85:D1:44:FB:0F:51:54:CB:A0:39:00"}}},"request":{"raw":"GET /mcp-widgets/v1/fonts/CameraPlainVariable.woff2 HTTP/1.1\r\nHost: cdn.gpteng.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nReferer: https://mcdclaim.com/\r\nOrigin: https://mcdclaim.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 07 Jun 2026 11:06:32 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 133760\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\netag: \"c48bd2439e2921fc4d3aaef0e57446be\"\r\nlast-modified: Wed, 10 Dec 2025 13:46:40 GMT\r\nvary: Origin\r\nserver: cloudflare\r\nset-cookie: __cf_bm=KTQejK8Jt616iUnkfWs3366vmJMsv8nMEyk43F.GfS8-1780830392.134244-1.0.1.1-di.7bGEjCDKWu89UblGXtSxC8OX91S8v0rt_Yv6PerXZSZBCshbBgw4YSnCWlskNsMsgSl3orU.kKglV6pama51mT5LUtyffbM0Kz8NxLRYSlD4XviNAwA59AUQIhnNs; HttpOnly; SameSite=None; Secure; Path=/; Domain=gpteng.co; Expires=Sun, 07 Jun 2026 11:36:32 GMT\r\ncf-cache-status: HIT\r\nexpires: Sun, 07 Jun 2026 15:06:32 GMT\r\ncache-control: public, max-age=14400\r\ncf-ray: a07f301edce6568b-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":133760,"size_decoded":134506,"mime_type":"font/woff2","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"71f0c7387e713fcb9a9cc3a0d0d1e654","sha1":"adfc529d0511b0e3bca5e4fc30b44a18d05ff6c3","sha256":"b214387ff9c50f1ce01d81bca47b2a850a885b4d6efd52db51c16cbb678cfb0b","sha512":"acc101f5562e2b1d85ae36627f121d972c347b2e562f4d1ff9a19210152b8a1ed5243cddc66852271ee82feccecea665d76517ef5634e05a10606e10488c1c44","ssdeep":"3072:pIf09n+tjx3hVnKa4ti2W+OI8dvsb6c2Q2LEQpk5/iTGtXSDMt1OppNUmK:pIf09nYJLKe2W+L8dyDt2LoMG4Mt1AhK","tlshash":"4c0412b90a4fcc9d46643d37247c3f053aa9dd9337b2f3a503691840dc8e9aab9ce465","first_seen":"2026-06-07T02:15:49.363354Z","last_seen":"2026-06-07T19:19:45.937272Z","times_seen":12,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":0,"dns":3,"connect":1,"send":0,"wait":48,"receive":3,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mcdclaim.com/","date":"2026-06-07T11:06:32.306Z","timestamp":1780830392306,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 18:37:21 GMT","end":"Mon, 10 Aug 2026 18:37:20 GMT"},"fingerprint":{"sha1":"C7:04:EC:03:CB:34:6A:7A:0E:8D:12:AC:D9:6E:0C:1E:55:11:32:16","sha256":"0F:52:5C:58:54:41:2C:98:66:96:39:47:DA:6E:60:9C:3B:CB:A3:E8:B6:42:AB:BD:CB:29:94:AA:03:FE:9D:54"}}},"request":{"raw":"GET /s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://mcdclaim.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7884\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 04 Jun 2026 02:56:54 GMT\r\nexpires: Fri, 04 Jun 2027 02:56:54 GMT\r\ncache-control: public, max-age=31536000\r\nage: 288578\r\nlast-modified: Mon, 15 Sep 2025 16:34:42 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":7884,"size_decoded":8696,"mime_type":"font/woff2","magic":"ASCII text, with very long lines (10512), with no line terminators","md5":"310f21219174453c1b0a78068d575920","sha1":"b858117263b6774288ad738fb4b106ba0a7f6f56","sha256":"8de2fcf5b1074e4df653cea541486920d4e3188c043761d55c5466bb66d0f6d7","sha512":"b4984d709490ae58a449cf7ca801aaf1db2f37c6c3bbc1e692639b81290614f42fa7e963e5c27018788c0a847969c628b0aab87f81e1022b23b917be14849b90","ssdeep":"192:h+WZqiNmvnt0FwzsCur8Q5uaQ8P24dtAtudfT3DNcdJcsiQk+N2:fRUu8sFQQ5uaJ22AtudfvNWJcsiZ/","tlshash":"b422bf315ba4b6a073908c6fe1ee1d7b3dcaa4333060a574be5316cf9369b398909b45","first_seen":"2026-05-25T14:45:30.892153Z","last_seen":"2026-06-07T19:20:48.555771Z","times_seen":469,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":26,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mcdclaim.com/","date":"2026-06-07T11:06:32.309Z","timestamp":1780830392309,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 18:37:21 GMT","end":"Mon, 10 Aug 2026 18:37:20 GMT"},"fingerprint":{"sha1":"C7:04:EC:03:CB:34:6A:7A:0E:8D:12:AC:D9:6E:0C:1E:55:11:32:16","sha256":"0F:52:5C:58:54:41:2C:98:66:96:39:47:DA:6E:60:9C:3B:CB:A3:E8:B6:42:AB:BD:CB:29:94:AA:03:FE:9D:54"}}},"request":{"raw":"GET /s/poppins/v24/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://mcdclaim.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7816\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 07 Jun 2026 10:06:59 GMT\r\nexpires: Mon, 07 Jun 2027 10:06:59 GMT\r\ncache-control: public, max-age=31536000\r\nage: 3573\r\nlast-modified: Mon, 15 Sep 2025 16:35:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":7816,"size_decoded":8626,"mime_type":"font/woff2","magic":"ASCII text, with very long lines (10424), with no line terminators","md5":"26de826a9e64f4bf388816e3c47c6cde","sha1":"cf9eaf47e033f92986547a99d9357c0df16b99f9","sha256":"94d7c96a65ff55849e8064af0c5c814c333c31735ecf55e68be1d1c9ef6f3aeb","sha512":"d2ef7936dc503cf4aebfe4fc4021bdea286ff88716c8f513aadd3ba9754c25a93c8ba86595bdeb231bff246a79dcdf217ef53173a56ceb6b56b6cdb0a15e222c","ssdeep":"192:6/kEAx5pxXasgavkAw00MdnShL0OhQJK9qsihiJCD2at:68EAZT8F0jYJJQM3ihVjt","tlshash":"f622ae37f98880d188ba5c3eef3842d0effc6a17a14eefa9f55390215513d654c0a66a","first_seen":"2026-05-25T14:45:30.875761Z","last_seen":"2026-06-07T19:18:10.390754Z","times_seen":371,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":26,"dns":0,"connect":0,"send":0,"wait":20,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mcdclaim.com/assets/index-oEb9I-Zv.js","fqdn":"mcdclaim.com","domain":"mcdclaim.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mcdclaim.com/","date":"2026-06-07T11:06:31.985Z","timestamp":1780830391985,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mcdclaim.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 09:14:17 GMT","end":"Sun, 16 Aug 2026 10:14:10 GMT"},"fingerprint":{"sha1":"6E:84:9B:D2:94:72:01:61:EF:61:21:48:AF:53:EC:18:B2:A3:2C:62","sha256":"A7:D0:5D:B8:C4:E1:81:6B:32:32:70:70:05:4C:59:7E:49:59:66:E5:23:81:41:0B:60:DD:A4:92:73:E6:C7:B8"}}},"request":{"raw":"GET /assets/index-oEb9I-Zv.js HTTP/1.1\r\nHost: mcdclaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://mcdclaim.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __dpl=86bfaacd-b18b-4964-86a5-cca9da2b229c; __cf_bm=6Kk6LA10._LmVz_cBAWM8SDntRyCje1nD15kpcbpSA0-1780830391.1688855-1.0.1.1-owm_BgVC_d3YeMBgTcksTi3CqFcG9xWmOcSp0fdRyQrbYRwNXk5v2hbIKlum78dCXJxFgeRHaGBGWSOv2JgBXDJS3K__LcONV3DA_OzLGpGStkK9ATSgXyRJqXVBkLmz\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 07 Jun 2026 11:06:32 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncache-control: public, max-age=31536000, immutable\r\nx-deployment-id: 86bfaacd-b18b-4964-86a5-cca9da2b229c\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\netag: W/\"cfdcb9a08e1eb4b0e686c51b7ad26aff\"\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: a07f301de9e9b4ed-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":314611,"size_decoded":101158,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (37534)","md5":"cfdcb9a08e1eb4b0e686c51b7ad26aff","sha1":"4d9f321d6d20f02d2267e8406e2fed74d37608a2","sha256":"0b126a5d2557c0a5e5352af6122b0aeca1bf59457a58369e1fee6bdc1c84edc3","sha512":"6a33cfe67035d473e3e2eaf97be1b77c90b96a361e311ed93abd58cc9650702736a7dd3c5784f905b62103ce174a540bc3d3ee3d2e82565d925e2cd498a55767","ssdeep":"6144:4Yr4Wln7zppe1bzXfWMTsETBPbiOOitug9+HL38:iW2ZoETdbiOOiHYLs","tlshash":"cd645bd8305ab1766be342b2507f421b733c2912680d8420f12dedae77b5549a1bbfbd","first_seen":"2026-06-07T11:06:59.758532Z","last_seen":"2026-06-07T11:07:47.652892Z","times_seen":2,"resource_available":true,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"mcdclaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mcdclaim.com/","date":"2026-06-07T11:06:32.300Z","timestamp":1780830392300,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 18:37:21 GMT","end":"Mon, 10 Aug 2026 18:37:20 GMT"},"fingerprint":{"sha1":"C7:04:EC:03:CB:34:6A:7A:0E:8D:12:AC:D9:6E:0C:1E:55:11:32:16","sha256":"0F:52:5C:58:54:41:2C:98:66:96:39:47:DA:6E:60:9C:3B:CB:A3:E8:B6:42:AB:BD:CB:29:94:AA:03:FE:9D:54"}}},"request":{"raw":"GET /s/poppins/v24/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://mcdclaim.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7824\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 04 Jun 2026 02:14:27 GMT\r\nexpires: Fri, 04 Jun 2027 02:14:27 GMT\r\ncache-control: public, max-age=31536000\r\nage: 291125\r\nlast-modified: Mon, 15 Sep 2025 16:34:56 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":7824,"size_decoded":8636,"mime_type":"font/woff2","magic":"ASCII text, with very long lines (10432), with no line terminators","md5":"db3059777d19498bdd48e2667ac9f2e7","sha1":"97f89c4d58aa2e8e81cb6fde8861b9e2b959243a","sha256":"1793be3102b62aef32eb8b1d3639e43d2e3a8e08ee6c2d9b7ecc39246da3a2e4","sha512":"05dc5f79f4b8e42e993798392f707f7d8de84c59c71a7bfea767cdbb791ad69b2228e236506c9cb7f8bcbbd98034ad3cb498d5478ced3dc1b9ba1ac6e0be2397","ssdeep":"192:NYySM9SensDrlIPwIvorR1oscYZTRc2v7xFvEkjaMUciU1oUP:6dMMD/rIvWuqZTRc2VOkjaUiU1P","tlshash":"1a22bffc33ecd07b3d1120a8a746d0264d4f186b535d157abab4cab9a9a923a470d078","first_seen":"2026-05-25T14:45:30.855472Z","last_seen":"2026-06-07T19:15:28.3153Z","times_seen":56,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":33,"send":0,"wait":24,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mcdclaim.com/","date":"2026-06-07T11:06:32.303Z","timestamp":1780830392303,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 18:37:21 GMT","end":"Mon, 10 Aug 2026 18:37:20 GMT"},"fingerprint":{"sha1":"C7:04:EC:03:CB:34:6A:7A:0E:8D:12:AC:D9:6E:0C:1E:55:11:32:16","sha256":"0F:52:5C:58:54:41:2C:98:66:96:39:47:DA:6E:60:9C:3B:CB:A3:E8:B6:42:AB:BD:CB:29:94:AA:03:FE:9D:54"}}},"request":{"raw":"GET /s/poppins/v24/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://mcdclaim.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 8000\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 02 Jun 2026 06:02:49 GMT\r\nexpires: Wed, 02 Jun 2027 06:02:49 GMT\r\ncache-control: public, max-age=31536000\r\nage: 450223\r\nlast-modified: Mon, 15 Sep 2025 16:33:57 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":8000,"size_decoded":8812,"mime_type":"font/woff2","magic":"ASCII text, with very long lines (10668), with no line terminators","md5":"f57100dda3ec280b5662d90a4498e25b","sha1":"dd5f02640eb91f5dc58868b8e9ff6ded5f1ff2eb","sha256":"f718cc6ec8fef19410f512b571761423d04ef57cc716213dd1ad7c9acf825c54","sha512":"5f3b71a138ebdfdb823be062e0f5b15b4b96831b9d384b8a3bb6c13eb4ca437dbaaefca06b6f37beb398037746b58e2befd3ef99a32d8f751975318f3ca47956","ssdeep":"192:sCj015NCrMOyUqCdtF4vFOsyHr0MMGMLpprGF9HDnFzQ4mUjm6oQDW8U:j6NuyqtF/b8L6DnRa6oIU","tlshash":"1f22c0b37d4d5c7b5f5a4a3c6bc9b2168d130c8f17cc9b165c32a92b899fca83a041b5","first_seen":"2026-05-25T14:45:30.852585Z","last_seen":"2026-06-07T19:20:48.593138Z","times_seen":407,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":26,"dns":0,"connect":0,"send":0,"wait":26,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mcdclaim.com/favicon.ico","fqdn":"mcdclaim.com","domain":"mcdclaim.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mcdclaim.com/","date":"2026-06-07T11:06:32.413Z","timestamp":1780830392413,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mcdclaim.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 09:14:17 GMT","end":"Sun, 16 Aug 2026 10:14:10 GMT"},"fingerprint":{"sha1":"6E:84:9B:D2:94:72:01:61:EF:61:21:48:AF:53:EC:18:B2:A3:2C:62","sha256":"A7:D0:5D:B8:C4:E1:81:6B:32:32:70:70:05:4C:59:7E:49:59:66:E5:23:81:41:0B:60:DD:A4:92:73:E6:C7:B8"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: mcdclaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://mcdclaim.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __dpl=86bfaacd-b18b-4964-86a5-cca9da2b229c; __cf_bm=6Kk6LA10._LmVz_cBAWM8SDntRyCje1nD15kpcbpSA0-1780830391.1688855-1.0.1.1-owm_BgVC_d3YeMBgTcksTi3CqFcG9xWmOcSp0fdRyQrbYRwNXk5v2hbIKlum78dCXJxFgeRHaGBGWSOv2JgBXDJS3K__LcONV3DA_OzLGpGStkK9ATSgXyRJqXVBkLmz\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 07 Jun 2026 11:06:32 GMT\r\ncontent-type: image/vnd.microsoft.icon\r\nx-deployment-id: 86bfaacd-b18b-4964-86a5-cca9da2b229c\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\netag: W/\"100f29dcee173b217c385005e70b6c52\"\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: a07f30209d11b4ed-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18689,"size_decoded":19150,"mime_type":"image/vnd.microsoft.icon","magic":"ASCII text, with very long lines (24920), with no line terminators","md5":"2924c93ad30eb93584e860bc4c388bbb","sha1":"66de05df33be064f921576ddf4ac7564ec777abd","sha256":"550bd093b6faa0c82431361edb4d46de39a8b9e4755dedd63effeaba0622d58b","sha512":"68dbac9e63391f321dfe32ad1464a1013c886698d873fc3a53274a2498d1ce52d9c4f858b740cdc6f38cb5a64b8c12e149fdf7b25512f6dc31568a0ddfbd441b","ssdeep":"384:cBZRGyNadps6j3P0Dpbx7oF9+unL74Y3OYQh0C5QHhleTleD/zQ/jm05pYXJt:uNMqgc1sR3OrChq4zQ/jmcpYD","tlshash":"8fb2d1b6499c65f27535a77eb6f0d81c3c089192028724dfc7c8366240d39876cbbae5","first_seen":"2026-06-07T11:06:59.760402Z","last_seen":"2026-06-07T11:07:47.655064Z","times_seen":2,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"mcdclaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mcdclaim.com/__l5e/trackevents","fqdn":"mcdclaim.com","domain":"mcdclaim.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://mcdclaim.com/","date":"2026-06-07T11:06:32.511Z","timestamp":1780830392511,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mcdclaim.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 09:14:17 GMT","end":"Sun, 16 Aug 2026 10:14:10 GMT"},"fingerprint":{"sha1":"6E:84:9B:D2:94:72:01:61:EF:61:21:48:AF:53:EC:18:B2:A3:2C:62","sha256":"A7:D0:5D:B8:C4:E1:81:6B:32:32:70:70:05:4C:59:7E:49:59:66:E5:23:81:41:0B:60:DD:A4:92:73:E6:C7:B8"}}},"request":{"raw":"POST /__l5e/trackevents HTTP/1.1\r\nHost: mcdclaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://mcdclaim.com/\r\nContent-Type: application/json\r\nContent-Length: 2412\r\nOrigin: https://mcdclaim.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __dpl=86bfaacd-b18b-4964-86a5-cca9da2b229c; __cf_bm=6Kk6LA10._LmVz_cBAWM8SDntRyCje1nD15kpcbpSA0-1780830391.1688855-1.0.1.1-owm_BgVC_d3YeMBgTcksTi3CqFcG9xWmOcSp0fdRyQrbYRwNXk5v2hbIKlum78dCXJxFgeRHaGBGWSOv2JgBXDJS3K__LcONV3DA_OzLGpGStkK9ATSgXyRJqXVBkLmz\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 202 \r\ndate: Sun, 07 Jun 2026 11:06:32 GMT\r\ncontent-type: application/json\r\ncontent-length: 17\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: a07f30213dceb4ed-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"202","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17,"size_decoded":338,"mime_type":"application/json","magic":"ASCII text, with no line terminators","md5":"4559953541e64ed2b2d63fd62d85b33d","sha1":"1e888a10723d806aff2f38d44ff6bb84eb483f3d","sha256":"d6345c74876c7d063724500d2062949a66a76a675910f5b7ceeeba2c09c2dc81","sha512":"1c48621f1bbbc7f0af95f5ed1e0bc46069d597540455268cfbc1c69f36189ba91e756ec66dfdbea620fa881aa92f28b47ed5a2968809099b918d12cf33525059","ssdeep":"","tlshash":"6f7000223a2808b280000080020a2bf0800a00202a202882a00a280002a088020c0002","first_seen":"2026-06-03T19:14:25.738882Z","last_seen":"2026-06-07T19:19:45.936088Z","times_seen":52,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":134,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"mcdclaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}