{"report_id":"09de28cb-5ed1-4ac6-9842-176903d293f1","version":6,"status":"done","tags":[],"date":"2026-04-28T13:20:44Z","url":{"schema":"http","addr":"duty-free.cc","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":0,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"final":{"url":{"schema":"https","addr":"duty-free.cc/","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"title":"Duty-Free","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"duty-free.cc","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":0,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-02T13:20:44Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-04-26T22:16:47.246638Z","alert_count":0,"request_count":1,"received_data":19659,"sent_data":556,"comment":"","tags":null,"fingerprints":null},{"fqdn":"duty-free.cc","ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"domain_registered":"2024-05-15","domain_rank":4861404,"first_seen":"2025-10-06T09:20:55.387441Z","last_seen":"2025-10-06T09:20:55.387441Z","alert_count":42,"request_count":21,"received_data":373097,"sent_data":11857,"comment":"","tags":null,"fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"PHP:8.3.16","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WordPress:6.8.3","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"fonts.cdnfonts.com","ip":{"addr":"172.67.184.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2018-10-03","domain_rank":50661,"first_seen":"2020-06-10T09:02:17Z","last_seen":"2026-04-23T08:03:01.016448Z","alert_count":0,"request_count":4,"received_data":350878,"sent_data":1968,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.tailwindcss.com","ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-07-20","domain_rank":117330,"first_seen":"2018-07-09T05:46:13Z","last_seen":"2026-04-27T05:48:26.405059Z","alert_count":0,"request_count":2,"received_data":815995,"sent_data":816,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-26T22:20:29.825994Z","alert_count":0,"request_count":1,"received_data":2662,"sent_data":464,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"duty-free.cc/wp-content/themes/dute-free/js/theme.js?ver=1.0.1","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9ec94ba5ed5326ed8c0d872084d260b","sha1":"3ae6e545a60f9b61bf46be9086d244275dce2d99","sha256":"9a876c1f153a27d441f8252864222cc44dc58ef4d12d423f1f7e8747e4db62dd","sha512":"8d4461093ce6f7d4051afdd88b39429703f96ffeb0a8707303ff6e557abf2a1dae01a56cc4f63336d83c84308c06302586064e9231f9d2b79e195cf18befdbcb","ssdeep":"384:0JyUfO3Y0aq+ZEghgsxBSgXgmLg7h8vKMnVK/1QIC3fKWLCU46KQDRqPKaCvNvYa:qNfO3Y0/+RGsxBBwmL7vKn1QIC3fKWLx","tlshash":"fd52f829b3c4263a85931fe61e962101bf612461bd0bfdf5f0ae85061f035d712bfa9e","size":13681,"data":"","first_seen":"2026-04-28T13:20:46.349936Z","last_seen":"2026-04-28T13:21:46.642133Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/wp-includes/js/wp-emoji-release.min.js?ver=6.8.3","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":false,"md5":"c4b50535f3e989a77d537d5486342d47","sha1":"2a1cc988298c022def9376bd54f608f44154071a","sha256":"db8ee8be2b2456c191fc0739f34f6ac675af8ba4782380cf233024498e0eb968","sha512":"be3b974332c4dadc30025aa911fde008442c9f4966ade014a7b8f05926688e30b9fdc32ebdbdd53fe32fc3f4d9c6ac2310b98dc6602843f2d8f00b1ded4e9b83","ssdeep":"384:WAevzW+ZTbXUH3o//bEPhXgA5H1efAJmpr:WF6UXUH3o//YpXgAGfACr","tlshash":"d782fa9bb33a4e8f343e3bd7cd968f4dc9da555321c0e078dbeeb68169a00568274c90","size":19251,"data":"","first_seen":"2025-05-09T23:23:48.206606Z","last_seen":"2026-04-28T17:20:28.883704Z","times_seen":200154,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","size":407279,"data":"","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-04-28T16:56:55.274595Z","times_seen":31783,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":true,"md5":"1ebb255b3f7dcc9b3cbd9278c7f7cf96","sha1":"af3e89dbdb3096859545b97722360f4b2f2d0060","sha256":"e83f5ee7a85634d1047f263b4ba84f3e79c40865a43d334056ca63bfe5dd8db7","sha512":"07f04fd928ba0388f953e68ee8a77a766465819d66af5295f44c6cfdf25134dd068d40713832b9cfcb4b498a37084dc60c401c0efeb7fd2fad95b935f7ea48f0","ssdeep":"","tlshash":"3161ba9e3775348b32b604d16a2f0e07fb7258361688d034cab5a7141cb1463d37ad4a","size":3383,"data":"","first_seen":"2025-10-06T09:20:57.55537Z","last_seen":"2026-04-28T13:20:46.376875Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/wp-content/themes/dute-free/js/sidebar.js","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":false,"md5":"c92d9ebb1b8f062206b83b658c7a8afd","sha1":"c4e33a41084b119f5d691a2318e95ae5540857f1","sha256":"6e3c84cefb65772caaf74972f4df0d2ffd0aee24e35e4f44957b1dbb2b5a954d","sha512":"c324a912e72f18f4251406e08bd083928ed3e84e414e672d29d59e1b17f7dd6b36f0d5efe093c5b9ea1857d77428811280c165ed911d370397ba744f4b06d0bc","ssdeep":"","tlshash":"2ff0e205bef4598800bb149a8af350801f1c28dbd2898a1139fe0f4c0f843f0b2ab28f","size":502,"data":"","first_seen":"2025-10-06T09:20:57.547185Z","last_seen":"2026-04-28T13:21:46.644132Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":false,"md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87553,"data":"","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-28T17:23:13.439775Z","times_seen":754563,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","size":13577,"data":"","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-04-28T17:23:13.499901Z","times_seen":699872,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"duty-free.cc/wp-includes/css/dist/block-library/style.min.css?ver=6.8.3","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:21.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"duty-free.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 20:13:54 GMT","end":"Thu, 07 May 2026 20:13:53 GMT"},"fingerprint":{"sha1":"61:33:0C:C3:43:00:21:22:82:09:9B:64:9F:FC:F4:21:31:F5:EB:CA","sha256":"5E:C9:F6:DB:0E:74:4E:AD:63:DA:AB:6B:D0:5F:CE:C1:F3:AE:50:D2:EF:45:52:FF:9F:91:6B:F0:68:B2:36:5A"}}},"request":{"raw":"GET /wp-includes/css/dist/block-library/style.min.css?ver=6.8.3 HTTP/1.1\r\nHost: duty-free.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://duty-free.cc/\r\nCookie: __ddg8_=F75EoFGBFu1PuROh; __ddg10_=1777382421; __ddg9_=91.90.42.154; __ddg1_=Ywd2MHdFhSOZjTqIBx9x\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=GypaQNUMUh85y4Z2; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg10_=1777382421; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg9_=91.90.42.154; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Mon, 27 Apr 2026 19:38:26 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 23 Aug 2025 07:44:09 GMT\r\netag: W/\"68a97149-1c679\"\r\nexpires: Wed, 27 May 2026 19:38:26 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 63715\r\ncontent-length: 14362\r\nddg-cache-status: HIT,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":116345,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (55654)","md5":"a06b3af98203ddc303997e0e0caaff83","sha1":"04c3e7de74a890d18014588c4e1f077a52d79acc","sha256":"838ede31a58a3cdb411d6dd7f13cbe65d4a26193d9fa31882854e63938f12bac","sha512":"4ce1079b8dc07043b0201dc74f5888b50aa530a4e604eecd7673e225946de62c421b290a707014ddaf4366591f8c4767737b5689bc44d57eb0a11aef905cead9","ssdeep":"3072:seeJu1iQg5MG7x+qehvP0x2pck2qkA3Pu:b1iQg5MG7x+qehvP0x2pck2lA2","tlshash":"34b3615417b4dcf935ffa73a5e4ee248a503aa41c68a57ebe066d190618ca490cf3f0f","first_seen":"2025-07-15T17:03:07.843749Z","last_seen":"2026-04-28T17:20:28.853706Z","times_seen":167824,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.cdnfonts.com/s/19714/rawline-400.woff","fqdn":"fonts.cdnfonts.com","domain":"cdnfonts.com","tld":"com"},"ip":{"addr":"172.67.184.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:22.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnfonts.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Mar 2026 10:53:05 GMT","end":"Wed, 03 Jun 2026 11:47:54 GMT"},"fingerprint":{"sha1":"D9:30:54:27:38:62:7E:5D:C3:29:C3:8B:4C:23:16:C6:51:BD:94:E5","sha256":"9C:10:6F:BE:83:DC:82:96:4F:1B:37:70:57:2D:20:C9:EA:DB:71:9C:9B:4A:D1:E4:93:0E:B4:CD:30:3E:E2:47"}}},"request":{"raw":"GET /s/19714/rawline-400.woff HTTP/1.1\r\nHost: fonts.cdnfonts.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://duty-free.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.cdnfonts.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 13:20:22 GMT\r\ncontent-type: font/woff\r\ncontent-length: 115080\r\nlast-modified: Sat, 05 Feb 2022 02:00:40 GMT\r\netag: \"1c188-5d73bbbf89143\"\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\npriority: u=4,i=?0\r\ncache-control: max-age=31536000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1GiG2RXO%2FPQDmnHh0f62a62sin7dGHAOG%2B5kj5gINV6jOYDsa%2FzEwgcxsFMUk1yQGqzsp5mFMAQ3hAtUiBmFROGDHpQQ5ufIx%2B6f33O3LGXEsezrDpCxlLqrGERYuYKOtFOTeRU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f365d2afde51a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":115080,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 115080, version 0.0","md5":"88b39022efcd913d2080013ffa805d47","sha1":"d11aafc7d935a0e79b01598307946b123af50e49","sha256":"e9f30de99871728e6c141eb08fe8f8c19913933f634b2da092fd8fc4e5dbb7fb","sha512":"05ef86330e6a41c7d223b0f6ae2fbd104586644e84d3c57d96d9ca25d4f6026258c8f6511998835b4cf1a4d8837e91e7366e2f0a1ce458f3ee29b22035fd4e13","ssdeep":"3072:HxDe51r5NgTd0Mt/VyUFM79pPSM2OAtum5JtnhUJTlrHrX:H9k1r5NYK/USRVUumzthUj3X","tlshash":"4cb31297300d1e07d6a808fd9dc4afebe67820fc5c081bb9756d16a7983f64447b0ae9","first_seen":"2023-08-14T01:43:30Z","last_seen":"2026-04-28T13:21:46.637166Z","times_seen":55,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":47,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.cdnfonts.com/s/19714/rawline-500.woff","fqdn":"fonts.cdnfonts.com","domain":"cdnfonts.com","tld":"com"},"ip":{"addr":"172.67.184.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:22.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnfonts.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Mar 2026 10:53:05 GMT","end":"Wed, 03 Jun 2026 11:47:54 GMT"},"fingerprint":{"sha1":"D9:30:54:27:38:62:7E:5D:C3:29:C3:8B:4C:23:16:C6:51:BD:94:E5","sha256":"9C:10:6F:BE:83:DC:82:96:4F:1B:37:70:57:2D:20:C9:EA:DB:71:9C:9B:4A:D1:E4:93:0E:B4:CD:30:3E:E2:47"}}},"request":{"raw":"GET /s/19714/rawline-500.woff HTTP/1.1\r\nHost: fonts.cdnfonts.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://duty-free.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.cdnfonts.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 13:20:22 GMT\r\ncontent-type: font/woff\r\ncontent-length: 113736\r\nlast-modified: Sat, 05 Feb 2022 02:00:40 GMT\r\netag: \"1bc48-5d73bbbf8952b\"\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YZ3apbvc87pLXxg16sVIBDLSwkFOBtyZ%2FRxTVJaR4QF%2FFtNjdD1s3FRb4OKlrILiAEu%2FpM4OZ5apj0ZrnypYdsLzaqNKo4ONgdwUM1ZzyEcuQ759hEicn%2Bf8y4LwPbsXKNQIlNw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f365d2afde41a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":113736,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 113736, version 0.0","md5":"3cf03393338343e71dada8cfd6cc7c1a","sha1":"058e7ce9434160f76f99e3088054530f9aa6e9da","sha256":"6a09eb20829cc965bac42b31263a99fbeec465bb83e21557ea8dff9f37beaeb6","sha512":"cdf889736bd5d6a15afe7e7a73ace120ac9d116cdaf5a25ea68a33c21da07d7ef15810d949092923734754bd0ad330841289736c217dfd546a2e0420ee9cc879","ssdeep":"3072:kDe5ewsP+VTTkcWKVyjWU5zfpVD7Aocp4XKL:Mk/smFAcRfIzfP7c0u","tlshash":"79b312667a33139cbb2eb147eb02fd92403e4786eb751d42298c44605df5b8a8b84cf2","first_seen":"2023-08-14T01:43:30Z","last_seen":"2026-04-28T16:53:46.643537Z","times_seen":46,"resource_available":false,"data":null}},"time_used":370,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":238,"receive":110,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/favicon.ico","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:22.554Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"duty-free.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 20:13:54 GMT","end":"Thu, 07 May 2026 20:13:53 GMT"},"fingerprint":{"sha1":"61:33:0C:C3:43:00:21:22:82:09:9B:64:9F:FC:F4:21:31:F5:EB:CA","sha256":"5E:C9:F6:DB:0E:74:4E:AD:63:DA:AB:6B:D0:5F:CE:C1:F3:AE:50:D2:EF:45:52:FF:9F:91:6B:F0:68:B2:36:5A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: duty-free.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://duty-free.cc/\r\nCookie: __ddg8_=mllsuQvXpGqBI4kZ; __ddg10_=1777382421; __ddg9_=91.90.42.154; __ddg1_=Ywd2MHdFhSOZjTqIBx9x\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=SpRLly0VTHRNpDzi; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:22 GMT\n__ddg10_=1777382422; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:22 GMT\n__ddg9_=91.90.42.154; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:22 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 28 Apr 2026 13:20:22 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-powered-by: PHP/8.3.16\r\nlink: \u003chttps://duty-free.cc/wp-json/\u003e; rel=\"https://api.w.org/\"\r\nx-redirect-by: WordPress\r\nlocation: https://duty-free.cc/wp-includes/images/w-logo-blue-white-bg.png\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"PHP:8.3.16","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]}],"data":{"size":4119,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T17:24:07.120456Z","times_seen":14335314,"resource_available":true,"data":null}},"time_used":79,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":79,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/wp-content/themes/dute-free/assets/css/post.css?ver=2.0","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:21.580Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"duty-free.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 20:13:54 GMT","end":"Thu, 07 May 2026 20:13:53 GMT"},"fingerprint":{"sha1":"61:33:0C:C3:43:00:21:22:82:09:9B:64:9F:FC:F4:21:31:F5:EB:CA","sha256":"5E:C9:F6:DB:0E:74:4E:AD:63:DA:AB:6B:D0:5F:CE:C1:F3:AE:50:D2:EF:45:52:FF:9F:91:6B:F0:68:B2:36:5A"}}},"request":{"raw":"GET /wp-content/themes/dute-free/assets/css/post.css?ver=2.0 HTTP/1.1\r\nHost: duty-free.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://duty-free.cc/\r\nCookie: __ddg8_=F75EoFGBFu1PuROh; __ddg10_=1777382421; __ddg9_=91.90.42.154; __ddg1_=Ywd2MHdFhSOZjTqIBx9x\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=GlNF4B5OJAdHj3I3; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg10_=1777382421; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg9_=91.90.42.154; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 28 Apr 2026 02:11:13 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 09 Feb 2025 17:59:20 GMT\r\netag: W/\"67a8ecf8-541\"\r\nexpires: Thu, 28 May 2026 02:11:13 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nage: 40148\r\ncontent-length: 492\r\nddg-cache-status: HIT,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":1345,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"9bbc8e4ee7425930f34ff69272ebe32a","sha1":"c7b4801c89a1d5bae296ff89da8899662bdcbbd6","sha256":"309ab1d9625cfa10c0ed9be3f7f2b11a8e3c06aad00dc33d856ea2da09989801","sha512":"adfebc4f0391543366191c7c3d93875accefa8357989824dff4e2d42005f64d664044964def6127dfcc23c5e9d22a53e32b92151db22cc2beecfb9547653b990","ssdeep":"","tlshash":"7521ac9e1274c184bb1b642e27d79f553aac4887e00deefa4ff4510cde881f99582b4c","first_seen":"2025-10-06T09:20:57.53009Z","last_seen":"2026-04-28T13:21:46.646985Z","times_seen":3,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/wp-content/themes/dute-free/assets/css/category.css?ver=2.0","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:21.585Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"duty-free.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 20:13:54 GMT","end":"Thu, 07 May 2026 20:13:53 GMT"},"fingerprint":{"sha1":"61:33:0C:C3:43:00:21:22:82:09:9B:64:9F:FC:F4:21:31:F5:EB:CA","sha256":"5E:C9:F6:DB:0E:74:4E:AD:63:DA:AB:6B:D0:5F:CE:C1:F3:AE:50:D2:EF:45:52:FF:9F:91:6B:F0:68:B2:36:5A"}}},"request":{"raw":"GET /wp-content/themes/dute-free/assets/css/category.css?ver=2.0 HTTP/1.1\r\nHost: duty-free.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://duty-free.cc/\r\nCookie: __ddg8_=F75EoFGBFu1PuROh; __ddg10_=1777382421; __ddg9_=91.90.42.154; __ddg1_=Ywd2MHdFhSOZjTqIBx9x\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=9uNWkwTgwC3IuQVW; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg10_=1777382421; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg9_=91.90.42.154; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Mon, 27 Apr 2026 10:54:45 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 31 Jan 2025 11:49:25 GMT\r\netag: W/\"679cb8c5-1ef\"\r\nexpires: Wed, 27 May 2026 10:54:45 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 95136\r\ncontent-length: 181\r\nddg-cache-status: HIT,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":495,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"440708d8f62c0f24d5bac93af59b3b40","sha1":"2756d4c4a7cee4fc3efa6868a6ca6cb452963ae8","sha256":"cd5db1e359bb626e57923681a2d7b268e70110131d28a6475fedee967bf66447","sha512":"c333a6af04a8ba4fdc2dec39183bc31c2701c0dd8310404f60c2614f0803668a681c71e3f8c692154b08ac5e9c2bda0479e7a75f3cb980155caff7b94aee345b","ssdeep":"","tlshash":"6df0256f53fc65b5640b305c16e7c77bf1840653410eded245e09d2cd5447f2495574c","first_seen":"2025-10-06T09:20:57.552335Z","last_seen":"2026-04-28T13:21:46.641087Z","times_seen":3,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/wp-content/themes/dute-free/assets/css/pagination.css?ver=2.1","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:21.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"duty-free.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 20:13:54 GMT","end":"Thu, 07 May 2026 20:13:53 GMT"},"fingerprint":{"sha1":"61:33:0C:C3:43:00:21:22:82:09:9B:64:9F:FC:F4:21:31:F5:EB:CA","sha256":"5E:C9:F6:DB:0E:74:4E:AD:63:DA:AB:6B:D0:5F:CE:C1:F3:AE:50:D2:EF:45:52:FF:9F:91:6B:F0:68:B2:36:5A"}}},"request":{"raw":"GET /wp-content/themes/dute-free/assets/css/pagination.css?ver=2.1 HTTP/1.1\r\nHost: duty-free.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://duty-free.cc/\r\nCookie: __ddg8_=F75EoFGBFu1PuROh; __ddg10_=1777382421; __ddg9_=91.90.42.154; __ddg1_=Ywd2MHdFhSOZjTqIBx9x\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=cKElZfnML9ZetelH; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg10_=1777382421; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg9_=91.90.42.154; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Sun, 26 Apr 2026 22:16:52 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 09 Feb 2025 18:14:49 GMT\r\netag: W/\"67a8f099-543\"\r\nexpires: Tue, 26 May 2026 22:16:52 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 140609\r\ncontent-length: 276\r\nddg-cache-status: HIT,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":1347,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"80bad3979bb008fd0b52f99060db7e93","sha1":"9fcc4dfa8498042c8a0b43ba02c2c1bb006efa05","sha256":"1d4e82484e0b5dc5c2242dc044c597db1e4aae59acdbbc97f7d8661ed3ff3889","sha512":"3a2c265bb45ef0e4b3f5813a1eb3ef4707e5e5c069f778a36e624e551f71a482110199adf87f88221864ed6bdeae402eb8020bc4dbaa575b6347397886ddbc2f","ssdeep":"","tlshash":"1f21cbca6225922c3e27e7656fbb4f5423286502e40dde7f52d8109c1eca3bd23a3e50","first_seen":"2025-10-06T09:20:57.534843Z","last_seen":"2026-04-28T13:21:46.630144Z","times_seen":3,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/wp-content/themes/dute-free/js/sidebar.js","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:21.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"duty-free.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 20:13:54 GMT","end":"Thu, 07 May 2026 20:13:53 GMT"},"fingerprint":{"sha1":"61:33:0C:C3:43:00:21:22:82:09:9B:64:9F:FC:F4:21:31:F5:EB:CA","sha256":"5E:C9:F6:DB:0E:74:4E:AD:63:DA:AB:6B:D0:5F:CE:C1:F3:AE:50:D2:EF:45:52:FF:9F:91:6B:F0:68:B2:36:5A"}}},"request":{"raw":"GET /wp-content/themes/dute-free/js/sidebar.js HTTP/1.1\r\nHost: duty-free.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://duty-free.cc/\r\nCookie: __ddg8_=F75EoFGBFu1PuROh; __ddg10_=1777382421; __ddg9_=91.90.42.154; __ddg1_=Ywd2MHdFhSOZjTqIBx9x\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=jgqYkpNa3FCA4TuV; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg10_=1777382421; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg9_=91.90.42.154; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Mon, 27 Apr 2026 21:16:00 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 31 Jan 2025 11:49:25 GMT\r\netag: W/\"679cb8c5-1f6\"\r\nexpires: Wed, 27 May 2026 21:16:00 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 57861\r\ncontent-length: 183\r\nddg-cache-status: HIT,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":502,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"c92d9ebb1b8f062206b83b658c7a8afd","sha1":"c4e33a41084b119f5d691a2318e95ae5540857f1","sha256":"6e3c84cefb65772caaf74972f4df0d2ffd0aee24e35e4f44957b1dbb2b5a954d","sha512":"c324a912e72f18f4251406e08bd083928ed3e84e414e672d29d59e1b17f7dd6b36f0d5efe093c5b9ea1857d77428811280c165ed911d370397ba744f4b06d0bc","ssdeep":"","tlshash":"2ff0e205bef4598800bb149a8af350801f1c28dbd2898a1139fe0f4c0f843f0b2ab28f","first_seen":"2025-10-06T09:20:57.547185Z","last_seen":"2026-04-28T13:21:46.644132Z","times_seen":3,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/3.4.17","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:21.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 21 Mar 2026 09:41:26 GMT","end":"Fri, 19 Jun 2026 10:41:19 GMT"},"fingerprint":{"sha1":"1C:D9:C0:8C:4D:FA:FF:5A:2C:CC:48:EB:7B:35:CF:FA:AB:7F:C0:61","sha256":"1E:81:97:52:8B:47:37:54:3B:62:1E:0B:E5:1D:D6:F7:F2:6D:CD:F7:D3:1F:8C:0E:78:14:26:9F:B9:87:EA:5C"}}},"request":{"raw":"GET /3.4.17 HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://duty-free.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 13:20:21 GMT\r\ncontent-type: text/javascript\r\ncache-control: max-age=31536000\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::md8nh-1775101186152-d45e2b42ab64\r\nlast-modified: Thu, 02 Apr 2026 03:39:46 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nage: 2281235\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Wen5o%2B%2BNKKaPEjFzETtjMYvj1V%2BFykQY043KoAHilrF0Gt9SOxl39611SKn1zx14snRSZASvzYBewlnxwqzRT4HfCI9i%2BXGSGkfjM6P8u%2By3DPoDqgvIonl9DHIkeeHVv1ljkHU%3D\"}]}\r\ncf-ray: 9f365d277ec50b69-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (52853)","md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-04-28T16:56:55.274595Z","times_seen":31783,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.cdnfonts.com/css/rawline","fqdn":"fonts.cdnfonts.com","domain":"cdnfonts.com","tld":"com"},"ip":{"addr":"172.67.184.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:21.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnfonts.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Mar 2026 10:53:05 GMT","end":"Wed, 03 Jun 2026 11:47:54 GMT"},"fingerprint":{"sha1":"D9:30:54:27:38:62:7E:5D:C3:29:C3:8B:4C:23:16:C6:51:BD:94:E5","sha256":"9C:10:6F:BE:83:DC:82:96:4F:1B:37:70:57:2D:20:C9:EA:DB:71:9C:9B:4A:D1:E4:93:0E:B4:CD:30:3E:E2:47"}}},"request":{"raw":"GET /css/rawline HTTP/1.1\r\nHost: fonts.cdnfonts.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://duty-free.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 13:20:21 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nage: 2853428\r\nlast-modified: Thu, 26 Mar 2026 12:43:13 GMT\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=U7r0bJqHdpF3EbbSdLiUEIe1rsg4ClZVW3zRpjEuSWlVRhCkYvGFu5Vf3HLw2BlNftwFvsnoYUgxHfUpcUncky%2BsumyRWYas%2F%2B0sEULJ5xLaMqOhi4BSyUpHxPCk5d7izYeP%2F0Q%3D\"}]}\r\ncf-ray: 9f365d278bc98be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3449,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"5294704a026c366049da84467787ed74","sha1":"2117a232a4b2fdfa3293de4b79286f6ec153e2aa","sha256":"4a2735a004ea9e1d476e090aa81e4ae55623a92149e7e3bf54060747ae817039","sha512":"69857803e048c4171b82ebf64b306437312f16cb5cc0e84d5f4998b993b50bdceee7ec7f481b2a9756707e96405e4c318b3c332e4531a3dd607e4ce3c5a23554","ssdeep":"","tlshash":"9061b951049f668266710d9e739fb5146e0fa01f308fcd26bbbd3d889fe6d26424172d","first_seen":"2023-11-01T10:36:34Z","last_seen":"2026-04-28T13:21:46.636295Z","times_seen":62,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":14,"dns":1,"connect":1,"send":0,"wait":8,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/wp-content/themes/dute-free/assets/css/main.css?ver=2.1","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:21.577Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"duty-free.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 20:13:54 GMT","end":"Thu, 07 May 2026 20:13:53 GMT"},"fingerprint":{"sha1":"61:33:0C:C3:43:00:21:22:82:09:9B:64:9F:FC:F4:21:31:F5:EB:CA","sha256":"5E:C9:F6:DB:0E:74:4E:AD:63:DA:AB:6B:D0:5F:CE:C1:F3:AE:50:D2:EF:45:52:FF:9F:91:6B:F0:68:B2:36:5A"}}},"request":{"raw":"GET /wp-content/themes/dute-free/assets/css/main.css?ver=2.1 HTTP/1.1\r\nHost: duty-free.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://duty-free.cc/\r\nCookie: __ddg8_=F75EoFGBFu1PuROh; __ddg10_=1777382421; __ddg9_=91.90.42.154; __ddg1_=Ywd2MHdFhSOZjTqIBx9x\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=ndhXjdbTieB3rhs9; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg10_=1777382421; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg9_=91.90.42.154; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Sat, 25 Apr 2026 15:43:53 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 31 Jan 2025 11:49:25 GMT\r\netag: W/\"679cb8c5-168\"\r\nexpires: Mon, 25 May 2026 15:43:53 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 250588\r\ncontent-length: 153\r\nddg-cache-status: HIT,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":360,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"8dc5bf1f9c0816f29658086872511e9c","sha1":"22a208b36b0431f482e56d0761039072d2bff4d2","sha256":"c50ea45b78392c74a2a1b94ff4c3f2cdb93735579fcaabf20c1ca7b04e8fbc82","sha512":"72cd6fa4ca17289746ca4f4f510e7e2e7a2abd2af0972d3cacb50561cda1eb190c941db1ba8800152c31ec8d5b5c13c5268824a97877524e9a14e7fc78400d5e","ssdeep":"","tlshash":"46e0484755f07e05250eb17cfcaa130dd6d6c022730d5ad164c0516deb473e35b64c9e","first_seen":"2025-10-06T09:20:57.540499Z","last_seen":"2026-04-28T13:21:46.645644Z","times_seen":3,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/wp-content/themes/dute-free/assets/css/comments.css?ver=2.0","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:21.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"duty-free.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 20:13:54 GMT","end":"Thu, 07 May 2026 20:13:53 GMT"},"fingerprint":{"sha1":"61:33:0C:C3:43:00:21:22:82:09:9B:64:9F:FC:F4:21:31:F5:EB:CA","sha256":"5E:C9:F6:DB:0E:74:4E:AD:63:DA:AB:6B:D0:5F:CE:C1:F3:AE:50:D2:EF:45:52:FF:9F:91:6B:F0:68:B2:36:5A"}}},"request":{"raw":"GET /wp-content/themes/dute-free/assets/css/comments.css?ver=2.0 HTTP/1.1\r\nHost: duty-free.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://duty-free.cc/\r\nCookie: __ddg8_=F75EoFGBFu1PuROh; __ddg10_=1777382421; __ddg9_=91.90.42.154; __ddg1_=Ywd2MHdFhSOZjTqIBx9x\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=pz5OmUUwTS7DVOR6; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg10_=1777382421; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg9_=91.90.42.154; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Sat, 25 Apr 2026 07:44:46 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 31 Jan 2025 11:49:25 GMT\r\netag: W/\"679cb8c5-115f\"\r\nexpires: Mon, 25 May 2026 07:44:46 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 279335\r\ncontent-length: 881\r\nddg-cache-status: HIT,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":4447,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"e2d29198681a7b90bcd733288cae8ea5","sha1":"de1cbe87898f62c7a7123dc3579a473f4d3779c0","sha256":"2284081a7af806ece34c441835f456c4319264a5ed3de19879036b6c760e9e1a","sha512":"4113709f9ece2c20d72c97d5b3b182c7afc04859b9f363273b22711283509bafaf32a988ea3133cbf9f0f6006e8a87e2dad15f0c3236c9d6f8506ecab09f55fc","ssdeep":"96:CyZ5tCtrxfBLqC0L8+xf+LR9E22XXACZXrxfgisKz0JaXGFEFXrFXKFXbFXqA//f:CyZ5wBxjCxQAn1x4iiJjFEFXrFXKFXbR","tlshash":"2491bfc61ae5b260781bb46c69d6cb46222c8743c00fd9fdeff4050cce897b5a961b8d","first_seen":"2025-10-06T09:20:57.531423Z","last_seen":"2026-04-28T13:21:46.633052Z","times_seen":3,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/wp-content/themes/dute-free/assets/css/footer.css?ver=2.0","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:21.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"duty-free.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 20:13:54 GMT","end":"Thu, 07 May 2026 20:13:53 GMT"},"fingerprint":{"sha1":"61:33:0C:C3:43:00:21:22:82:09:9B:64:9F:FC:F4:21:31:F5:EB:CA","sha256":"5E:C9:F6:DB:0E:74:4E:AD:63:DA:AB:6B:D0:5F:CE:C1:F3:AE:50:D2:EF:45:52:FF:9F:91:6B:F0:68:B2:36:5A"}}},"request":{"raw":"GET /wp-content/themes/dute-free/assets/css/footer.css?ver=2.0 HTTP/1.1\r\nHost: duty-free.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://duty-free.cc/\r\nCookie: __ddg8_=F75EoFGBFu1PuROh; __ddg10_=1777382421; __ddg9_=91.90.42.154; __ddg1_=Ywd2MHdFhSOZjTqIBx9x\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=TuG6qOMMPMEfsqaz; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg10_=1777382421; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg9_=91.90.42.154; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Sun, 26 Apr 2026 22:16:46 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 24 Jan 2025 14:26:30 GMT\r\netag: W/\"6793a316-f5\"\r\nexpires: Tue, 26 May 2026 22:16:46 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 140616\r\ncontent-length: 137\r\nddg-cache-status: HIT,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":245,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"fc24889e1c85748543912f7b3b1793d4","sha1":"610fb68134a6e729465d365b75946d47553112e9","sha256":"9828da6ba657e13c882bfdee2d197c040bb6998341ea9c2deaaa9dd70b3a14d3","sha512":"414d6e093efefdc562b03c22d215527227b139a797f60cf0a2afb07139963ea1ebb1a3ea7c7e95cb37a148b221bf96d026ba41d1aae09d0abb455ad01c7141d8","ssdeep":"","tlshash":"77d02bc12179a2652817d464166a4b00017cc042d40fcd6e3aad034d4ddd2691972349","first_seen":"2025-10-06T09:20:57.532659Z","last_seen":"2026-04-28T13:21:46.634946Z","times_seen":3,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:21.591Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"duty-free.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 20:13:54 GMT","end":"Thu, 07 May 2026 20:13:53 GMT"},"fingerprint":{"sha1":"61:33:0C:C3:43:00:21:22:82:09:9B:64:9F:FC:F4:21:31:F5:EB:CA","sha256":"5E:C9:F6:DB:0E:74:4E:AD:63:DA:AB:6B:D0:5F:CE:C1:F3:AE:50:D2:EF:45:52:FF:9F:91:6B:F0:68:B2:36:5A"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1\r\nHost: duty-free.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://duty-free.cc/\r\nCookie: __ddg8_=F75EoFGBFu1PuROh; __ddg10_=1777382421; __ddg9_=91.90.42.154; __ddg1_=Ywd2MHdFhSOZjTqIBx9x\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=z41gUbkZOmtpHOTa; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg10_=1777382421; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg9_=91.90.42.154; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Fri, 24 Apr 2026 03:47:18 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 09 Jun 2023 05:49:24 GMT\r\netag: W/\"6482bd64-3509\"\r\nexpires: Sun, 24 May 2026 03:47:18 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nage: 379983\r\ncontent-length: 4903\r\nddg-cache-status: HIT,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":13577,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (13479)","md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-04-28T17:23:13.499901Z","times_seen":699872,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/wp-content/themes/dute-free/js/theme.js?ver=1.0.1","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:21.594Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"duty-free.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 20:13:54 GMT","end":"Thu, 07 May 2026 20:13:53 GMT"},"fingerprint":{"sha1":"61:33:0C:C3:43:00:21:22:82:09:9B:64:9F:FC:F4:21:31:F5:EB:CA","sha256":"5E:C9:F6:DB:0E:74:4E:AD:63:DA:AB:6B:D0:5F:CE:C1:F3:AE:50:D2:EF:45:52:FF:9F:91:6B:F0:68:B2:36:5A"}}},"request":{"raw":"GET /wp-content/themes/dute-free/js/theme.js?ver=1.0.1 HTTP/1.1\r\nHost: duty-free.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://duty-free.cc/\r\nCookie: __ddg8_=F75EoFGBFu1PuROh; __ddg10_=1777382421; __ddg9_=91.90.42.154; __ddg1_=Ywd2MHdFhSOZjTqIBx9x\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=Q8dB1geqPqsCdqok; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg10_=1777382421; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg9_=91.90.42.154; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Sun, 26 Apr 2026 20:47:22 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 23 Feb 2026 20:44:33 GMT\r\netag: W/\"699cbc31-3571\"\r\nexpires: Tue, 26 May 2026 20:47:22 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nage: 145979\r\ncontent-length: 4750\r\nddg-cache-status: HIT,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":13681,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (11898)","md5":"c9ec94ba5ed5326ed8c0d872084d260b","sha1":"3ae6e545a60f9b61bf46be9086d244275dce2d99","sha256":"9a876c1f153a27d441f8252864222cc44dc58ef4d12d423f1f7e8747e4db62dd","sha512":"8d4461093ce6f7d4051afdd88b39429703f96ffeb0a8707303ff6e557abf2a1dae01a56cc4f63336d83c84308c06302586064e9231f9d2b79e195cf18befdbcb","ssdeep":"384:0JyUfO3Y0aq+ZEghgsxBSgXgmLg7h8vKMnVK/1QIC3fKWLCU46KQDRqPKaCvNvYa:qNfO3Y0/+RGsxBBwmL7vKn1QIC3fKWLx","tlshash":"fd52f829b3c4263a85931fe61e962101bf612461bd0bfdf5f0ae85061f035d712bfa9e","first_seen":"2026-04-28T13:20:46.349936Z","last_seen":"2026-04-28T13:21:46.642133Z","times_seen":2,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":20,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Montserrat:wght@700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:21.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /css2?family=Montserrat:wght@700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://duty-free.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 28 Apr 2026 13:20:21 GMT\r\ndate: Tue, 28 Apr 2026 13:20:21 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1976,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"7e117958684a56bdc004e5a736fbaf2d","sha1":"4eba16814797c3966bc65740eb9e7720e0c68688","sha256":"5c226a2d18b554efcf5048ae11ec54758f4e214f2dd02fa4b0962f9cb02b9870","sha512":"338597da56eaad9394ab8af097203e8dad11e0c944e6fe2e7ad5a97fc7d5523aeb1a3046dcd22992072811bd9fd5f85d4ae39c5183ec9ed612ee1f3069be9d57","ssdeep":"","tlshash":"3841cf81111bb500eb4b0cc623cf7e26dd4e656274a0c07aaffd2c98ade9c221735b6d","first_seen":"2025-09-05T01:56:40.684189Z","last_seen":"2026-04-28T13:21:46.618636Z","times_seen":414,"resource_available":false,"data":null}},"time_used":264,"timings":{"blocked":116,"dns":1,"connect":8,"send":0,"wait":19,"receive":0,"ssl":118},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/wp-content/themes/dute-free/assets/css/sidebar.css?ver=2.15","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:21.587Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"duty-free.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 20:13:54 GMT","end":"Thu, 07 May 2026 20:13:53 GMT"},"fingerprint":{"sha1":"61:33:0C:C3:43:00:21:22:82:09:9B:64:9F:FC:F4:21:31:F5:EB:CA","sha256":"5E:C9:F6:DB:0E:74:4E:AD:63:DA:AB:6B:D0:5F:CE:C1:F3:AE:50:D2:EF:45:52:FF:9F:91:6B:F0:68:B2:36:5A"}}},"request":{"raw":"GET /wp-content/themes/dute-free/assets/css/sidebar.css?ver=2.15 HTTP/1.1\r\nHost: duty-free.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://duty-free.cc/\r\nCookie: __ddg8_=F75EoFGBFu1PuROh; __ddg10_=1777382421; __ddg9_=91.90.42.154; __ddg1_=Ywd2MHdFhSOZjTqIBx9x\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=mllsuQvXpGqBI4kZ; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg10_=1777382421; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg9_=91.90.42.154; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Sat, 25 Apr 2026 14:20:38 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 17 Sep 2025 14:30:40 GMT\r\netag: W/\"68cac610-89c\"\r\nexpires: Mon, 25 May 2026 14:20:38 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 255583\r\ncontent-length: 605\r\nddg-cache-status: HIT,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":2204,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"866b3e16f1a4d062ab54fc1fc5b07e8f","sha1":"6ffa6a1a6897b8d4090e93e634d4edfcff8ed589","sha256":"eca196e7c27537f0710d4a1455e89594b6922c78177ffb9d3cdb7de0152bd190","sha512":"be8181c95fe663423e13fd3e9727d1a8589c40c396b2e1198416da06764580f5331b5798d7cfed0ca3ef2699d9920b976ec97976b14557939c327acdb8b80693","ssdeep":"","tlshash":"ea41f08452f5bd69342bb19b89d743b8235c44cda22ecdae3dac12182ec53f49c1add4","first_seen":"2025-10-06T09:20:57.541629Z","last_seen":"2026-04-28T13:21:46.626063Z","times_seen":3,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":9,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:21.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 21 Mar 2026 09:41:26 GMT","end":"Fri, 19 Jun 2026 10:41:19 GMT"},"fingerprint":{"sha1":"1C:D9:C0:8C:4D:FA:FF:5A:2C:CC:48:EB:7B:35:CF:FA:AB:7F:C0:61","sha256":"1E:81:97:52:8B:47:37:54:3B:62:1E:0B:E5:1D:D6:F7:F2:6D:CD:F7:D3:1F:8C:0E:78:14:26:9F:B9:87:EA:5C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://duty-free.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 28 Apr 2026 13:20:21 GMT\r\ncache-control: max-age=14400\r\nlocation: /3.4.17\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::pbfr4-1777381643838-3b72e2ef4603\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 777\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hfGBU3uyUtsXr2XHL4%2FWY4jmcY4FqqJY9oBpmwvL4rBWA%2FurEosHimDg1xYpGHp98dhlSIYLKXuq728B4%2FF%2F40HYH04yLKZSM6gn%2FA7yqPWlidDRG8F0o862U9UrQb5iNTpbCFY%3D\"}]}\r\ncf-ray: 9f365d270e770b69-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T17:24:07.120456Z","times_seen":14335314,"resource_available":true,"data":null}},"time_used":55,"timings":{"blocked":11,"dns":1,"connect":1,"send":0,"wait":9,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/wp-includes/images/w-logo-blue-white-bg.png","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:22.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"duty-free.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 20:13:54 GMT","end":"Thu, 07 May 2026 20:13:53 GMT"},"fingerprint":{"sha1":"61:33:0C:C3:43:00:21:22:82:09:9B:64:9F:FC:F4:21:31:F5:EB:CA","sha256":"5E:C9:F6:DB:0E:74:4E:AD:63:DA:AB:6B:D0:5F:CE:C1:F3:AE:50:D2:EF:45:52:FF:9F:91:6B:F0:68:B2:36:5A"}}},"request":{"raw":"GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1\r\nHost: duty-free.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://duty-free.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=WqtOn02L45bv0Q5X; __ddg10_=1777382422; __ddg9_=91.90.42.154; __ddg1_=Ywd2MHdFhSOZjTqIBx9x\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=zqmHfGUU3QBTOERM; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:22 GMT\n__ddg10_=1777382422; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:22 GMT\n__ddg9_=91.90.42.154; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:22 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Sat, 25 Apr 2026 09:33:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 4119\r\nlast-modified: Tue, 16 Nov 2021 00:04:01 GMT\r\netag: \"6192f571-1017\"\r\nexpires: Mon, 25 May 2026 09:33:21 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nage: 272821\r\nddg-cache-status: HIT,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":4119,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced","md5":"000bf649cc8f6bf27cfb04d1bcdcd3c7","sha1":"d73d2f6d74ec6cdcbae07955592962e77d8ae814","sha256":"6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0","sha512":"73d2ea5ffc572c1ae73f37f8f0ff25e945afee8e077b6ee42ce969e575cdc2d8444f90848ea1cb4d1c9ee4bd725aee2b4576afc25f17d7295a90e1cbfe6edfd5","ssdeep":"96:h3bdWfcmTY+aRF1pXWZL2+42HGhIUc8KeLEd:hgXTY+as02mOB8XLEd","tlshash":"00814b63df38c566e66a2b189ff6bca56b290fd50ca1194c0eecb025632c06d1065089","first_seen":"2023-04-08T12:31:37Z","last_seen":"2026-04-28T17:22:02.208568Z","times_seen":58906,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-28T13:20:21.231Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"duty-free.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 20:13:54 GMT","end":"Thu, 07 May 2026 20:13:53 GMT"},"fingerprint":{"sha1":"61:33:0C:C3:43:00:21:22:82:09:9B:64:9F:FC:F4:21:31:F5:EB:CA","sha256":"5E:C9:F6:DB:0E:74:4E:AD:63:DA:AB:6B:D0:5F:CE:C1:F3:AE:50:D2:EF:45:52:FF:9F:91:6B:F0:68:B2:36:5A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: duty-free.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=F75EoFGBFu1PuROh; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg10_=1777382421; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg9_=91.90.42.154; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg1_=Ywd2MHdFhSOZjTqIBx9x; Domain=.duty-free.cc; HttpOnly; Path=/; Expires=Wed, 28-Apr-2027 13:20:21 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 28 Apr 2026 13:20:21 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-powered-by: PHP/8.3.16\r\nlink: \u003chttps://duty-free.cc/wp-json/\u003e; rel=\"https://api.w.org/\"\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WordPress:6.8.3","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP:8.3.16","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":79171,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8856)","md5":"0747813a96d945bffae26c1d6fe477d0","sha1":"12cb49af82cf2e09af2f6183c57bb1a0933c0a22","sha256":"520b7e67ad285001a7d2287ec2fd5d2d89b7251e64a87f68ad08b16c9bbd64c3","sha512":"c21daf74a791eb2c8e17a31afb441c0722ff026961a62fa15f482287f0bf3535240c8598750e60e56e0af836c1865b2a1fab4ca17ec4d6999847ef86629bed52","ssdeep":"1536:vlaprgWzXMgLL3Pjr9MkaaL03D6kfd3FgeElVrO4a275p2b+hNOKWAKe:vUSWzXMGjr9HaO0z62d3ieGVrOf275UG","tlshash":"5f7396b812a8007c6207b368c6447a3cf8ab60b7df4dd711b3fc152cabd29a9957b55c","first_seen":"2026-04-28T13:20:46.353195Z","last_seen":"2026-04-28T13:21:46.643148Z","times_seen":2,"resource_available":true,"data":null}},"time_used":228,"timings":{"blocked":79,"dns":4,"connect":19,"send":0,"wait":69,"receive":0,"ssl":54},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/wp-content/themes/dute-free/assets/css/global.css?ver=2.0","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:21.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"duty-free.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 20:13:54 GMT","end":"Thu, 07 May 2026 20:13:53 GMT"},"fingerprint":{"sha1":"61:33:0C:C3:43:00:21:22:82:09:9B:64:9F:FC:F4:21:31:F5:EB:CA","sha256":"5E:C9:F6:DB:0E:74:4E:AD:63:DA:AB:6B:D0:5F:CE:C1:F3:AE:50:D2:EF:45:52:FF:9F:91:6B:F0:68:B2:36:5A"}}},"request":{"raw":"GET /wp-content/themes/dute-free/assets/css/global.css?ver=2.0 HTTP/1.1\r\nHost: duty-free.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://duty-free.cc/\r\nCookie: __ddg8_=F75EoFGBFu1PuROh; __ddg10_=1777382421; __ddg9_=91.90.42.154; __ddg1_=Ywd2MHdFhSOZjTqIBx9x\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=WRiOdSlhEvMa6IPP; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg10_=1777382421; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg9_=91.90.42.154; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Sun, 26 Apr 2026 07:55:51 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 31 Jan 2025 11:49:25 GMT\r\netag: W/\"679cb8c5-9a\"\r\nexpires: Tue, 26 May 2026 07:55:51 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 192270\r\ncontent-length: 100\r\nddg-cache-status: HIT,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":154,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"4b0e1fab9d8d8bd23349d6ebce9c9b46","sha1":"52670ff39795967fd86d4f47509ced2707d45812","sha256":"b66a3077afeeb19c92f651bb340b2f508d2b99294b38145bd66a866dd4a7fb81","sha512":"db58f4e41cd0cc84c3164e542bcc4f54ac60fd93165def535cbd0755230fe165cd5399ccdf5470aaab98afc5362e52bd835ba6baca671a111aba0c4df281d9a7","ssdeep":"","tlshash":"18c08cd3a8b07008b09a093a21d2b95b34ce4862828c88a44ad0b47cbb4c2e10532768","first_seen":"2025-10-06T09:20:57.551283Z","last_seen":"2026-04-28T13:21:46.63856Z","times_seen":3,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/wp-content/themes/dute-free/assets/css/not-found.css?ver=2.0","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:21.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"duty-free.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 20:13:54 GMT","end":"Thu, 07 May 2026 20:13:53 GMT"},"fingerprint":{"sha1":"61:33:0C:C3:43:00:21:22:82:09:9B:64:9F:FC:F4:21:31:F5:EB:CA","sha256":"5E:C9:F6:DB:0E:74:4E:AD:63:DA:AB:6B:D0:5F:CE:C1:F3:AE:50:D2:EF:45:52:FF:9F:91:6B:F0:68:B2:36:5A"}}},"request":{"raw":"GET /wp-content/themes/dute-free/assets/css/not-found.css?ver=2.0 HTTP/1.1\r\nHost: duty-free.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://duty-free.cc/\r\nCookie: __ddg8_=F75EoFGBFu1PuROh; __ddg10_=1777382421; __ddg9_=91.90.42.154; __ddg1_=Ywd2MHdFhSOZjTqIBx9x\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=CIzNymys882YpjCu; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg10_=1777382421; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg9_=91.90.42.154; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Sun, 19 Apr 2026 16:15:27 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 31 Jan 2025 11:49:25 GMT\r\netag: W/\"679cb8c5-139\"\r\nexpires: Tue, 19 May 2026 16:15:27 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 767094\r\ncontent-length: 157\r\nddg-cache-status: HIT,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":313,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"2ec9da1892dc978b833c8e8a2942e45f","sha1":"48718bcb1f3dbe81a7a9ab7da9167779437535fc","sha256":"d8ec8a3c9cadd5b640cec285d11a048ea9cb5ad4fb7ea32a5934cb599d055e98","sha512":"978450436a57bd3de35e3b06c6960b17fd66f0c0d9a34ef13c168548822f795e27851f58340864a003ff53bb6a028a25b3c2d9ffbaba6b535182ff1903e7f82e","ssdeep":"","tlshash":"12e07d1b51a2d3470806a8743edd1f54a148c857960fcce99ad2020f8cc504a66b23ce","first_seen":"2025-10-06T09:20:57.533669Z","last_seen":"2026-04-28T13:21:46.629283Z","times_seen":3,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:21.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"duty-free.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 20:13:54 GMT","end":"Thu, 07 May 2026 20:13:53 GMT"},"fingerprint":{"sha1":"61:33:0C:C3:43:00:21:22:82:09:9B:64:9F:FC:F4:21:31:F5:EB:CA","sha256":"5E:C9:F6:DB:0E:74:4E:AD:63:DA:AB:6B:D0:5F:CE:C1:F3:AE:50:D2:EF:45:52:FF:9F:91:6B:F0:68:B2:36:5A"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1\r\nHost: duty-free.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://duty-free.cc/\r\nCookie: __ddg8_=F75EoFGBFu1PuROh; __ddg10_=1777382421; __ddg9_=91.90.42.154; __ddg1_=Ywd2MHdFhSOZjTqIBx9x\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=5pnaa43doCxYzJBQ; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg10_=1777382421; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg9_=91.90.42.154; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Sat, 25 Apr 2026 08:36:56 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 28 Aug 2023 17:14:23 GMT\r\netag: W/\"64ecd5ef-15601\"\r\nexpires: Mon, 25 May 2026 08:36:56 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 276205\r\ncontent-length: 30111\r\nddg-cache-status: HIT,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":87553,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-28T17:23:13.439775Z","times_seen":754563,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.cdnfonts.com/s/19714/rawline-300.woff","fqdn":"fonts.cdnfonts.com","domain":"cdnfonts.com","tld":"com"},"ip":{"addr":"172.67.184.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:22.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnfonts.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Mar 2026 10:53:05 GMT","end":"Wed, 03 Jun 2026 11:47:54 GMT"},"fingerprint":{"sha1":"D9:30:54:27:38:62:7E:5D:C3:29:C3:8B:4C:23:16:C6:51:BD:94:E5","sha256":"9C:10:6F:BE:83:DC:82:96:4F:1B:37:70:57:2D:20:C9:EA:DB:71:9C:9B:4A:D1:E4:93:0E:B4:CD:30:3E:E2:47"}}},"request":{"raw":"GET /s/19714/rawline-300.woff HTTP/1.1\r\nHost: fonts.cdnfonts.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://duty-free.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.cdnfonts.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 13:20:22 GMT\r\ncontent-type: font/woff\r\ncontent-length: 115668\r\nlast-modified: Sat, 05 Feb 2022 02:00:40 GMT\r\netag: \"1c3d4-5d73bbbf89143\"\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HVy7vmcO9%2FA4ZRJ4eyQB%2BvvDB%2FORqW9yTEqpNOAbizcxw2PyB5dXmV1WKrrpXQGDxP%2FdO2GSaIKh81cX09nOeBikxFioKkEwqeMzKr%2B6%2BzE7uw7bpztU8WjvK6ROA6b8d%2Fs1sM8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f365d2afde31a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":115668,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 115668, version 0.0","md5":"6f85adcf1e8f5a21d6a9d59bfbc3453b","sha1":"bbf278888371d7489f8092975ee05fb0aba44482","sha256":"0969e1474f8a8475059ccdca4f66108e2c87f4f5435384624ebe8d36ca1a678a","sha512":"dd1a1c626d89a6753329517203b459c5c16f9444d48de019dd04ce1171f04ccc20a4fbff0fcf06a3cc5fbdf08e31fc6994b44c7a2d124271e52eb0c9f9019ad9","ssdeep":"3072:BDe5SvePzB5zTei6uQEvM5Opstn+Pa4Q8rBN2gOcbB:NkSv8d5mipQEUoqgkgrN","tlshash":"54b312e003598ca451af3df1c70b46e51f7cae6ea5b292195ad0a8c410fbd1e60b2cfd","first_seen":"2023-08-14T01:43:30Z","last_seen":"2026-04-28T13:21:46.631709Z","times_seen":9,"resource_available":false,"data":null}},"time_used":348,"timings":{"blocked":17,"dns":0,"connect":0,"send":0,"wait":223,"receive":108,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/wp-includes/js/wp-emoji-release.min.js?ver=6.8.3","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:22.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"duty-free.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 20:13:54 GMT","end":"Thu, 07 May 2026 20:13:53 GMT"},"fingerprint":{"sha1":"61:33:0C:C3:43:00:21:22:82:09:9B:64:9F:FC:F4:21:31:F5:EB:CA","sha256":"5E:C9:F6:DB:0E:74:4E:AD:63:DA:AB:6B:D0:5F:CE:C1:F3:AE:50:D2:EF:45:52:FF:9F:91:6B:F0:68:B2:36:5A"}}},"request":{"raw":"GET /wp-includes/js/wp-emoji-release.min.js?ver=6.8.3 HTTP/1.1\r\nHost: duty-free.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://duty-free.cc/\r\nCookie: __ddg8_=SpRLly0VTHRNpDzi; __ddg10_=1777382422; __ddg9_=91.90.42.154; __ddg1_=Ywd2MHdFhSOZjTqIBx9x\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=WqtOn02L45bv0Q5X; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:22 GMT\n__ddg10_=1777382422; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:22 GMT\n__ddg9_=91.90.42.154; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:22 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 28 Apr 2026 05:43:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 23 Aug 2025 07:44:09 GMT\r\netag: W/\"68a97149-4b33\"\r\nexpires: Thu, 28 May 2026 05:43:28 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 27415\r\ncontent-length: 4778\r\nddg-cache-status: HIT,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":19251,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (16277)","md5":"c4b50535f3e989a77d537d5486342d47","sha1":"2a1cc988298c022def9376bd54f608f44154071a","sha256":"db8ee8be2b2456c191fc0739f34f6ac675af8ba4782380cf233024498e0eb968","sha512":"be3b974332c4dadc30025aa911fde008442c9f4966ade014a7b8f05926688e30b9fdc32ebdbdd53fe32fc3f4d9c6ac2310b98dc6602843f2d8f00b1ded4e9b83","ssdeep":"384:WAevzW+ZTbXUH3o//bEPhXgA5H1efAJmpr:WF6UXUH3o//YpXgAGfACr","tlshash":"d782fa9bb33a4e8f343e3bd7cd968f4dc9da555321c0e078dbeeb68169a00568274c90","first_seen":"2025-05-09T23:23:48.206606Z","last_seen":"2026-04-28T17:20:28.883704Z","times_seen":200154,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/wp-content/themes/dute-free/style.css?ver=1.0.1","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:21.570Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"duty-free.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 20:13:54 GMT","end":"Thu, 07 May 2026 20:13:53 GMT"},"fingerprint":{"sha1":"61:33:0C:C3:43:00:21:22:82:09:9B:64:9F:FC:F4:21:31:F5:EB:CA","sha256":"5E:C9:F6:DB:0E:74:4E:AD:63:DA:AB:6B:D0:5F:CE:C1:F3:AE:50:D2:EF:45:52:FF:9F:91:6B:F0:68:B2:36:5A"}}},"request":{"raw":"GET /wp-content/themes/dute-free/style.css?ver=1.0.1 HTTP/1.1\r\nHost: duty-free.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://duty-free.cc/\r\nCookie: __ddg8_=F75EoFGBFu1PuROh; __ddg10_=1777382421; __ddg9_=91.90.42.154; __ddg1_=Ywd2MHdFhSOZjTqIBx9x\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=Ot5ivmCcF8clDkKN; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg10_=1777382421; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg9_=91.90.42.154; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Sun, 26 Apr 2026 22:16:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 21 Feb 2026 17:39:01 GMT\r\netag: W/\"6999edb5-9be\"\r\nexpires: Tue, 26 May 2026 22:16:35 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 140626\r\ncontent-length: 956\r\nddg-cache-status: HIT,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":2494,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"a83ab7b5e0e717b18e1fcf7c384b5118","sha1":"5b7ff008f99324ed8dff37840465f3560210d869","sha256":"685f9b56881c2fe5fb4858582cba7ee094e68ddd5335503f02be2cd161a8fdba","sha512":"14a8cf5a5f9819cb7ab401f3de9a496543ae0841f3efa918e955d528bd59dc99baf8b6f1f4d88cb3140007c920fdd3a536651c150a5d3be8b8b49f47cbad00b4","ssdeep":"","tlshash":"6951621dac63513ab15acbba26dbe155e72b9d2323593c67f21d02a9808032c21fdf00","first_seen":"2026-04-28T13:20:46.358032Z","last_seen":"2026-04-28T13:21:46.624294Z","times_seen":2,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/wp-content/themes/dute-free/assets/css/header.css?ver=2.8","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:21.575Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"duty-free.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 20:13:54 GMT","end":"Thu, 07 May 2026 20:13:53 GMT"},"fingerprint":{"sha1":"61:33:0C:C3:43:00:21:22:82:09:9B:64:9F:FC:F4:21:31:F5:EB:CA","sha256":"5E:C9:F6:DB:0E:74:4E:AD:63:DA:AB:6B:D0:5F:CE:C1:F3:AE:50:D2:EF:45:52:FF:9F:91:6B:F0:68:B2:36:5A"}}},"request":{"raw":"GET /wp-content/themes/dute-free/assets/css/header.css?ver=2.8 HTTP/1.1\r\nHost: duty-free.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://duty-free.cc/\r\nCookie: __ddg8_=F75EoFGBFu1PuROh; __ddg10_=1777382421; __ddg9_=91.90.42.154; __ddg1_=Ywd2MHdFhSOZjTqIBx9x\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=TNi1Txaw7VHs5bmr; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg10_=1777382421; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg9_=91.90.42.154; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Sun, 19 Apr 2026 16:15:27 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 23 Feb 2026 20:32:21 GMT\r\netag: W/\"699cb955-11a7\"\r\nexpires: Tue, 19 May 2026 16:15:27 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 767094\r\ncontent-length: 1183\r\nddg-cache-status: HIT,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":4519,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"9e0a3cb2c28622db515a294a002cadd1","sha1":"ebb8dc0f62bd1867f199c3fa7d3a444c9db83f71","sha256":"0c4480aaf9502e9a63256505f2dc8c40dfe9ccbfd23aa49281e5c50a6b40dfa1","sha512":"5692260e0412006546e9d03e09b0d86d5cac62fa0fe066d4e0dbc570e13ad1ffc3b820e169d0f590b4bb3abb6e95884cfc10db2177edfdc8faaf30825884dd80","ssdeep":"96:idWqO6wCYCj+3LRqxfl9wulqxflyt6CKSxMuv+0aF4RVjaEEcnNe:yWqd3vi3L4xN9w5x8tpKS+0aKRVjaEdo","tlshash":"559120859ba2a128342fe15ae7ab4b85332cd043951ace3d3beca15c4fc12fc9161f84","first_seen":"2026-04-28T13:20:46.372427Z","last_seen":"2026-04-28T13:21:46.639251Z","times_seen":2,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"duty-free.cc/wp-content/themes/dute-free/assets/css/content.css?ver=3.1","fqdn":"duty-free.cc","domain":"duty-free.cc","tld":"cc"},"ip":{"addr":"186.2.165.90","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:21.579Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"duty-free.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 20:13:54 GMT","end":"Thu, 07 May 2026 20:13:53 GMT"},"fingerprint":{"sha1":"61:33:0C:C3:43:00:21:22:82:09:9B:64:9F:FC:F4:21:31:F5:EB:CA","sha256":"5E:C9:F6:DB:0E:74:4E:AD:63:DA:AB:6B:D0:5F:CE:C1:F3:AE:50:D2:EF:45:52:FF:9F:91:6B:F0:68:B2:36:5A"}}},"request":{"raw":"GET /wp-content/themes/dute-free/assets/css/content.css?ver=3.1 HTTP/1.1\r\nHost: duty-free.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://duty-free.cc/\r\nCookie: __ddg8_=F75EoFGBFu1PuROh; __ddg10_=1777382421; __ddg9_=91.90.42.154; __ddg1_=Ywd2MHdFhSOZjTqIBx9x\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=2j4Np8PWyfkodxIR; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg10_=1777382421; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\n__ddg9_=91.90.42.154; Domain=.duty-free.cc; Path=/; Expires=Tue, 28-Apr-2026 13:40:21 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Mon, 27 Apr 2026 21:16:00 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 17 Sep 2025 12:28:56 GMT\r\netag: W/\"68caa988-5fe\"\r\nexpires: Wed, 27 May 2026 21:16:00 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 57861\r\ncontent-length: 439\r\nddg-cache-status: HIT,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":1534,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"8397c47f612ca00b6b18cc2e44c9d61d","sha1":"e9e33dff647b299bf9ca9f50d127e526a26ad607","sha256":"8c9cd1be45d08f2af94d780cb34011abc447766b7c77acd22fee4256c807727b","sha512":"53a469982ae0996418f03378d7f89bd2545e52ea52b0ea9285b09efcf56c0a7face95793606d6743e28390645d467d798eae2bff832f8d318f7ea2432fdd1c24","ssdeep":"","tlshash":"2d31bfb663b49278e81bd464a6972f863358c543c50fcdba4be05a1cdec83fd9491b4c","first_seen":"2025-10-06T09:20:57.554376Z","last_seen":"2026-04-28T13:21:46.646287Z","times_seen":3,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"duty-free.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v31/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://duty-free.cc/","date":"2026-04-28T13:20:22.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/montserrat/v31/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://duty-free.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 18824\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 23 Apr 2026 11:02:08 GMT\r\nexpires: Fri, 23 Apr 2027 11:02:08 GMT\r\ncache-control: public, max-age=31536000\r\nage: 440294\r\nlast-modified: Thu, 04 Sep 2025 17:09:33 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18824,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18824, version 1.0","md5":"1c0792ac34ef600f99d93bc272a31080","sha1":"ae5da15d6686e876f61d4b94af769f22e65c06d5","sha256":"f9d9e65b15372cebcafc3acd1e664a564c5c4b23278de4d5760de9a13c530371","sha512":"c07164aa922caa6a95da016802a6371d727edb560d91dd8069db4b5d88f8a90e89aa0e77d7174455953a19908523959a64d3a1c05c3e3f4f9675f73504f7963c","ssdeep":"384:Xr/E9GyFdjOVDIyf4sfiVMy7ebj70FLAubHpEDysFaCY9bt64wJY1:XbJybOVDNwspy7kYVrpjsFaVph","tlshash":"4e82e1f94816b1abce56c237833938497510eea48365725b17158c184ecc97f8ddfa43","first_seen":"2025-09-05T07:31:34.656521Z","last_seen":"2026-04-28T16:29:37.924452Z","times_seen":5450,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":72,"dns":1,"connect":10,"send":0,"wait":11,"receive":3,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}