{"report_id":"0fd2cc85-bdc0-42ee-8816-d228c1847be7","version":6,"status":"done","tags":[],"date":"2026-03-20T18:57:02Z","url":{"schema":"http","addr":"cyb-ref.com","fqdn":"cyb-ref.com","domain":"cyb-ref.com","tld":"com"},"ip":{"addr":"172.67.151.217","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"cyb-ref.com/","fqdn":"cyb-ref.com","domain":"cyb-ref.com","tld":"com"},"title":"Mindfrontoud - Юридическая помощь при восстановлении финансовых потерь","dom":{"size":72687,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (722)","md5":"0bd3f5aab013d060765d2b92bfea038d","sha1":"2044dbcf24a1e89d90800e99079642c0ce9db061","sha256":"f522e784312a939401969a53d9f533be42aa6cfa958c308f83ceb9568ffda766","sha512":"db89c1111009d6338dc96e08ed6f1964850dd4c203dca33e6d494377067bac9b0ccfd07d6d0066358f5463dddf1928121a86d3eaf01e3c55730e6155348ecae7","ssdeep":"768:AGuvRtVt0/tLI1dCra2SiZ8g7anKDEWpQaNvKQBh6jq006vK7or1R0sJ2mHPw0zg:EX0qdv8R2c/BIPDY92aUa/1aUCHqd8q","tlshash":"f16375215df720891003f01ade243f093ea948bfab5fd730769c296eafd255585bb31a","dom_hash":"domhash04adc579dfb536c676549901ab9796c8","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"cyb-ref.com","fqdn":"cyb-ref.com","domain":"cyb-ref.com","tld":"com"},"ip":{"addr":"172.67.151.217","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-24T18:57:02Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-20","alert":"Phishing Block","trigger":"cyb-ref.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-03-15T22:19:58.945817Z","alert_count":0,"request_count":2,"received_data":6278,"sent_data":941,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cyb-ref.com","ip":{"addr":"172.67.151.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":108,"request_count":18,"received_data":2135116,"sent_data":14073,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-03-15T22:16:12.279722Z","alert_count":0,"request_count":3,"received_data":68933,"sent_data":1651,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Staatliches\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cyb-ref.com/","date":"2026-03-20T18:56:40.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:21:09 GMT","end":"Mon, 18 May 2026 18:21:08 GMT"},"fingerprint":{"sha1":"63:D1:AE:99:1E:49:D7:6C:71:F3:BA:F5:BA:47:74:1E:EB:90:E7:D6","sha256":"69:90:BB:9D:82:60:82:88:FF:CE:F6:B3:3D:DD:B5:B5:FB:F0:56:17:FD:FA:0D:BC:9C:5B:83:51:98:0D:2F:CF"}}},"request":{"raw":"GET /css2?family=Staatliches\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cyb-ref.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 20 Mar 2026 18:56:40 GMT\r\ndate: Fri, 20 Mar 2026 18:56:40 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":865,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"dc43f5085c6cde1ce3c0e820a81fc2dd","sha1":"0e0105d58da2f84140297c2e6517cd0f314663e2","sha256":"77b4030bea1abb1347de21f0dfcccb59606681d92a5a34d33e6d828560f8fc0c","sha512":"fb80bf7d66aebe2c60c922860f02f1f977ee12b99c5437e24cee290abebdff4b58e8df6dbd806fdbfe3cc764c256074d173ccbc65efac428b8d53bda9dd877ac","ssdeep":"","tlshash":"8211ef81042fa800db830cc112cebe32ff1e61516454e5646ffe1888ec97c6a93a6b5d","first_seen":"2025-09-05T07:48:30.430656Z","last_seen":"2026-04-12T12:03:39.068318Z","times_seen":1161,"resource_available":false,"data":null}},"time_used":299,"timings":{"blocked":133,"dns":1,"connect":8,"send":0,"wait":20,"receive":0,"ssl":133},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cyb-ref.com/lander/vayt/thumbnails/business-consulting-a1f80-1.jpg","fqdn":"cyb-ref.com","domain":"cyb-ref.com","tld":"com"},"ip":{"addr":"172.67.151.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cyb-ref.com/","date":"2026-03-20T18:56:40.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cyb-ref.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 13:24:10 GMT","end":"Sun, 17 May 2026 14:21:55 GMT"},"fingerprint":{"sha1":"0C:29:B8:AC:34:D2:94:5A:6B:36:BB:A2:12:E9:3D:F9:92:94:28:E4","sha256":"B4:D2:05:97:4C:97:77:3E:A1:35:16:EF:ED:61:9D:85:96:B7:BE:DD:9B:7E:FA:3D:7C:5A:18:72:4A:19:A7:6D"}}},"request":{"raw":"GET /lander/vayt/thumbnails/business-consulting-a1f80-1.jpg HTTP/1.1\r\nHost: cyb-ref.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cyb-ref.com/\r\nCookie: fdf5f479=688cc70d257e90ad4860699b7f250bb459a9f42dbad69674113634d01bd46e7c|1774033000; _subid=1sjos4f9afeh; 07e01=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjJcIjoxNzc0MDMzMDAwfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzc0MDMzMDAwfSxcInRpbWVcIjoxNzc0MDMzMDAwfSJ9.Gj_JOvoBFYClRIWoLkj9Og54PUW8nPX3LoN12fdbgew\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: max-age=864000\r\ncontent-type: image/jpeg\r\ndate: Fri, 20 Mar 2026 18:56:40 GMT\r\netag: \"69296bc4-1ff3c\"\r\nexpires: Mon, 30 Mar 2026 18:56:00 GMT\r\nlast-modified: Fri, 28 Nov 2025 09:30:44 GMT\r\nserver: cloudflare\r\ncontent-length: 130876\r\nage: 40\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NhTgVaxEcIe3pHDq6cQpEmeAg3rYEUPIqf8ZvKGAEbH6TQ2LdLdlfg0ubZx0ui5XnXDxRKu0wOMI4F5Em8PoieW79XGNFWCbbBv4\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9df6f02f0edc562f-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":130876,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75\", baseline, precision 8, 1600x900, components 3","md5":"e9b1b3fe19b21dd0ec838fdbc5c2a752","sha1":"59080c8db2588ddc64771f28c15b9fe3da331435","sha256":"378a8ced13b32dc1db47e820bba687b18e66a410cf4a4017eded5aa215286a8b","sha512":"2940300eec6ed40d5e6262299b3e86f9486803615cfd306e4377ea16eef9dbdfbc7f31c6924e0295868679951ea2f3909abd0a87df36958540ff9b1804ff4217","ssdeep":"3072:EbXDv2JmEoUt51jmFwklNZ1rLk4B410f/xsFA3LsK:EbzGBmFplDNT410f5GA37","tlshash":"1dd3024708649bbac40dc3f87f935d6e9752132da1626cb784b06da730b4da689fd03e","first_seen":"2025-12-23T01:57:04.663433Z","last_seen":"2026-03-23T16:34:58.626154Z","times_seen":18,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-20","alert":"Phishing Block","trigger":"cyb-ref.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cyb-ref.com/lander/vayt/files/img/male_2025-04-25_12-52-26_1.webp","fqdn":"cyb-ref.com","domain":"cyb-ref.com","tld":"com"},"ip":{"addr":"172.67.151.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cyb-ref.com/","date":"2026-03-20T18:56:40.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cyb-ref.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 13:24:10 GMT","end":"Sun, 17 May 2026 14:21:55 GMT"},"fingerprint":{"sha1":"0C:29:B8:AC:34:D2:94:5A:6B:36:BB:A2:12:E9:3D:F9:92:94:28:E4","sha256":"B4:D2:05:97:4C:97:77:3E:A1:35:16:EF:ED:61:9D:85:96:B7:BE:DD:9B:7E:FA:3D:7C:5A:18:72:4A:19:A7:6D"}}},"request":{"raw":"GET /lander/vayt/files/img/male_2025-04-25_12-52-26_1.webp HTTP/1.1\r\nHost: cyb-ref.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cyb-ref.com/\r\nCookie: fdf5f479=688cc70d257e90ad4860699b7f250bb459a9f42dbad69674113634d01bd46e7c|1774033000; _subid=1sjos4f9afeh; 07e01=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjJcIjoxNzc0MDMzMDAwfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzc0MDMzMDAwfSxcInRpbWVcIjoxNzc0MDMzMDAwfSJ9.Gj_JOvoBFYClRIWoLkj9Og54PUW8nPX3LoN12fdbgew\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: max-age=864000\r\ncontent-type: image/webp\r\ndate: Fri, 20 Mar 2026 18:56:41 GMT\r\netag: \"69296bc4-143b2\"\r\nexpires: Mon, 30 Mar 2026 18:56:40 GMT\r\nlast-modified: Fri, 28 Nov 2025 09:30:44 GMT\r\nserver: cloudflare\r\ncontent-length: 82866\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Cl9e4l1FdI5iIn8zvvSMaTsrzAxlHGg9ZU0FusYPJrjhyzWmlOj5giSAgPNSon9PrzigAVdgG1dCUL71tZqtmgtRLwM5Q%2BhLVj1i\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9df6f02f0ede562f-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":82866,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 720x720, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"93849c02379fab4feb963a97d6101efd","sha1":"fa7f5f1ae18ef2db3c2b1b7c107ac3c507ef6dcf","sha256":"9070366c296e629656a29ebf0fe3753a546c025f2288ca130b1b1ca871401e17","sha512":"a4e0275cfd1af2d732a6d05e525a03c2bee0c63375d6d279b8a77a03873e86d0ca09189e7efccbaba70a0c4501bd4a8c5f7d98ec32f3e714e724a0418668c4e0","ssdeep":"1536:LTv21cle02eCoRLZznBZ6ig8BPVfyYSET6mvEo1tqg1a1n+lSE8qr:LTv21cTWoR/ZRzhV7lWA1T1ay/8k","tlshash":"d183125fcac3ab2c9d831fe321ca27575018c4a3276520fe05aee749d28f149f58689b","first_seen":"2025-12-23T01:57:04.676229Z","last_seen":"2026-03-23T16:34:58.609546Z","times_seen":18,"resource_available":false,"data":null}},"time_used":353,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":299,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-20","alert":"Phishing Block","trigger":"cyb-ref.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cyb-ref.com/lander/vayt/pic/photograph_gallery_6823165b69a280.25165737.jpg","fqdn":"cyb-ref.com","domain":"cyb-ref.com","tld":"com"},"ip":{"addr":"172.67.151.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cyb-ref.com/","date":"2026-03-20T18:56:40.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cyb-ref.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 13:24:10 GMT","end":"Sun, 17 May 2026 14:21:55 GMT"},"fingerprint":{"sha1":"0C:29:B8:AC:34:D2:94:5A:6B:36:BB:A2:12:E9:3D:F9:92:94:28:E4","sha256":"B4:D2:05:97:4C:97:77:3E:A1:35:16:EF:ED:61:9D:85:96:B7:BE:DD:9B:7E:FA:3D:7C:5A:18:72:4A:19:A7:6D"}}},"request":{"raw":"GET /lander/vayt/pic/photograph_gallery_6823165b69a280.25165737.jpg HTTP/1.1\r\nHost: cyb-ref.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cyb-ref.com/\r\nCookie: fdf5f479=688cc70d257e90ad4860699b7f250bb459a9f42dbad69674113634d01bd46e7c|1774033000; _subid=1sjos4f9afeh; 07e01=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjJcIjoxNzc0MDMzMDAwfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzc0MDMzMDAwfSxcInRpbWVcIjoxNzc0MDMzMDAwfSJ9.Gj_JOvoBFYClRIWoLkj9Og54PUW8nPX3LoN12fdbgew\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: max-age=864000\r\ncontent-type: image/jpeg\r\ndate: Fri, 20 Mar 2026 18:56:41 GMT\r\netag: \"69296bc4-27242\"\r\nexpires: Mon, 30 Mar 2026 18:56:40 GMT\r\nlast-modified: Fri, 28 Nov 2025 09:30:44 GMT\r\nserver: cloudflare\r\ncontent-length: 160322\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gkdPcLnstK5v1Wc47wR4Qlr%2Bij9W%2BZIjrjbT0z%2Fe%2B746S7tzLebN6qNNam6z3MXKx5icypORFZ5eU%2BSKlOUcN3SqtxeRVZYVjNcy\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9df6f02f0edf562f-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":160322,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1280x1280, components 3","md5":"4ba0a39f9f1647e61ada7e3953c906f7","sha1":"909c120dc3fd2b8c21430185d6645f2f0b45e49f","sha256":"dabfa7e727600d65532c08cff3eef8f7c56ed364e9c99f59f921654d6da533b5","sha512":"4eeeb3a2e9839a532a8527cfb22c12aac1acc3949b643ac6fad21d1c713008e49fefee5fc6ef860b297d7b9f53cdcf1bf7db8b87aa55eae55bf4fb2506b2aeee","ssdeep":"3072:6+veE5rKEdePfxxA1bSh85hty7PC+kfyyNIGgfUDD/5hadT+PN2IP:lPrKEdSxa1IMty7PCByyNIGg8xmTOF","tlshash":"daf3124f30d7fab6fd6654b81072678bc2513e2c8c1a25c5e006ce22a333aed5995dad","first_seen":"2025-12-23T01:57:04.684089Z","last_seen":"2026-03-23T16:34:58.617748Z","times_seen":18,"resource_available":false,"data":null}},"time_used":328,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":256,"receive":72,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-20","alert":"Phishing Block","trigger":"cyb-ref.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cyb-ref.com/lander/vayt/files/img/male_2025-04-25_12-52-26_2.webp","fqdn":"cyb-ref.com","domain":"cyb-ref.com","tld":"com"},"ip":{"addr":"172.67.151.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cyb-ref.com/","date":"2026-03-20T18:56:40.822Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cyb-ref.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 13:24:10 GMT","end":"Sun, 17 May 2026 14:21:55 GMT"},"fingerprint":{"sha1":"0C:29:B8:AC:34:D2:94:5A:6B:36:BB:A2:12:E9:3D:F9:92:94:28:E4","sha256":"B4:D2:05:97:4C:97:77:3E:A1:35:16:EF:ED:61:9D:85:96:B7:BE:DD:9B:7E:FA:3D:7C:5A:18:72:4A:19:A7:6D"}}},"request":{"raw":"GET /lander/vayt/files/img/male_2025-04-25_12-52-26_2.webp HTTP/1.1\r\nHost: cyb-ref.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cyb-ref.com/\r\nCookie: fdf5f479=688cc70d257e90ad4860699b7f250bb459a9f42dbad69674113634d01bd46e7c|1774033000; _subid=1sjos4f9afeh; 07e01=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjJcIjoxNzc0MDMzMDAwfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzc0MDMzMDAwfSxcInRpbWVcIjoxNzc0MDMzMDAwfSJ9.Gj_JOvoBFYClRIWoLkj9Og54PUW8nPX3LoN12fdbgew\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: max-age=864000\r\ncontent-type: image/webp\r\ndate: Fri, 20 Mar 2026 18:56:40 GMT\r\netag: \"69296bc4-f3c2\"\r\nexpires: Mon, 30 Mar 2026 18:56:00 GMT\r\nlast-modified: Fri, 28 Nov 2025 09:30:44 GMT\r\nserver: cloudflare\r\ncontent-length: 62402\r\nage: 40\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ndP7qwrg8Mf2whhvi3BxyZPfiFA69EHPHnK2b8Zak2DpI8rZIsO99Dj4Y8lt2fXilvPqkU9ei5AWoJ749GZjlu2d0YTndjS7YeEP\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9df6f02f0ee2562f-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":62402,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 720x720, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2bb9bef3909068c23a113271f25bd8b1","sha1":"117318df5c5eb95ce5e76b327393ca4185a97616","sha256":"a54732d01381bf0967c0fdab1e8ad5b80a6897e81c8348bc22f05808da50f842","sha512":"8756c4e954879b32ce9dca983958b5ae1cde1ed9bd6144b561ba04eb798d9126e578526417195fe914af685c9445b342ddf3af3956b50a8a467ae5995b47cb9f","ssdeep":"1536:nu184p6qE/ftWJNaX/76FV+H75PAYEEOV6aGKdtf:u1hMftwUOWb5PAYEEu6x4tf","tlshash":"9353028b568f045b1178098d588817adbe3bf3e04458c7f6550e2b983f190afa4d79fb","first_seen":"2025-12-23T01:57:04.648278Z","last_seen":"2026-03-23T16:34:58.616517Z","times_seen":19,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-20","alert":"Phishing Block","trigger":"cyb-ref.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cyb-ref.com/lander/vayt/custom-folder/custom-css/plus.svg","fqdn":"cyb-ref.com","domain":"cyb-ref.com","tld":"com"},"ip":{"addr":"172.67.151.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cyb-ref.com/","date":"2026-03-20T18:56:40.988Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cyb-ref.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 13:24:10 GMT","end":"Sun, 17 May 2026 14:21:55 GMT"},"fingerprint":{"sha1":"0C:29:B8:AC:34:D2:94:5A:6B:36:BB:A2:12:E9:3D:F9:92:94:28:E4","sha256":"B4:D2:05:97:4C:97:77:3E:A1:35:16:EF:ED:61:9D:85:96:B7:BE:DD:9B:7E:FA:3D:7C:5A:18:72:4A:19:A7:6D"}}},"request":{"raw":"GET /lander/vayt/custom-folder/custom-css/plus.svg HTTP/1.1\r\nHost: cyb-ref.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cyb-ref.com/\r\nCookie: fdf5f479=688cc70d257e90ad4860699b7f250bb459a9f42dbad69674113634d01bd46e7c|1774033000; _subid=1sjos4f9afeh; 07e01=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjJcIjoxNzc0MDMzMDAwfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzc0MDMzMDAwfSxcInRpbWVcIjoxNzc0MDMzMDAwfSJ9.Gj_JOvoBFYClRIWoLkj9Og54PUW8nPX3LoN12fdbgew\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: max-age=864000\r\ncontent-type: image/svg+xml\r\ndate: Fri, 20 Mar 2026 18:56:41 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 30 Mar 2026 18:56:41 GMT\r\nlast-modified: Fri, 28 Nov 2025 09:30:44 GMT\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"69296bc4-236\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PsOSqEfmq07%2BrPWWU5AlXsQfa1v4VWHnGoKX9Nxyq4sj5FJxce01GrWC0txs3f0vvl0l534MYscBUOcSdBB9q3oQudzJrGJv8kNa\"}]}\r\ncf-ray: 9df6f0303efe562f-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":566,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG XML document","md5":"901bf658114fb010fa102e840adde2ec","sha1":"4cecfd109d2d746daca76d7b1cb92075433d258d","sha256":"02860b9123ce78a9cd47a8917409173499587c1a193947300028db3cac966ccb","sha512":"532ba64c1adffcc579e33ee266fe081f8d731d9c85e82462e4f6797e8a4651646cc213f2bbce110b8ea569655054b2041b08c3cda7a1d8044f18182d741a8764","ssdeep":"","tlshash":"8ff0e16e97084caca107c323f7e0333101a590470b5ab218c4b35138e08c23dad3fadd","first_seen":"2024-08-19T21:19:06.69987Z","last_seen":"2026-03-23T16:34:58.620307Z","times_seen":20,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-20","alert":"Phishing Block","trigger":"cyb-ref.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cyb-ref.com/lander/vayt/icon.svg","fqdn":"cyb-ref.com","domain":"cyb-ref.com","tld":"com"},"ip":{"addr":"172.67.151.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cyb-ref.com/","date":"2026-03-20T18:56:40.807Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cyb-ref.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 13:24:10 GMT","end":"Sun, 17 May 2026 14:21:55 GMT"},"fingerprint":{"sha1":"0C:29:B8:AC:34:D2:94:5A:6B:36:BB:A2:12:E9:3D:F9:92:94:28:E4","sha256":"B4:D2:05:97:4C:97:77:3E:A1:35:16:EF:ED:61:9D:85:96:B7:BE:DD:9B:7E:FA:3D:7C:5A:18:72:4A:19:A7:6D"}}},"request":{"raw":"GET /lander/vayt/icon.svg HTTP/1.1\r\nHost: cyb-ref.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cyb-ref.com/\r\nCookie: fdf5f479=688cc70d257e90ad4860699b7f250bb459a9f42dbad69674113634d01bd46e7c|1774033000; _subid=1sjos4f9afeh; 07e01=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjJcIjoxNzc0MDMzMDAwfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzc0MDMzMDAwfSxcInRpbWVcIjoxNzc0MDMzMDAwfSJ9.Gj_JOvoBFYClRIWoLkj9Og54PUW8nPX3LoN12fdbgew\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: max-age=864000\r\ncontent-type: image/svg+xml\r\ndate: Fri, 20 Mar 2026 18:56:40 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 30 Mar 2026 18:56:40 GMT\r\nlast-modified: Fri, 28 Nov 2025 09:30:44 GMT\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"69296bc4-6f7\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TnTYAmBDobePJ4wUUDZFDyfBZWBmR5c2Lx%2Bk37QPwPleYkTfXjB51XTuZDUrMX3TU48mi5hSompvzY8Em1YSrTr0LJvJ49EhLvDg\"}]}\r\ncf-ray: 9df6f02f0ed9562f-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1783,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b0a1dd4f8ab7356ec758c13d57319a83","sha1":"4a4967d23121072669758dba02f80968f0224bbb","sha256":"6e74055ebeb371759fe6f31e593559cbf362f9574de1ce08c500835d0f0f6317","sha512":"be6790d583ebd701fb836ff0e4494621c7c46a85fed0c5738b8d8a63e3ca3505099253142357bbbae66a31e292f1d02c15b35b8c8fbbc0cdfacb96043d7a787f","ssdeep":"","tlshash":"a53171a6c35b0b78ad05876e84d0147135e8206e35bea3fcdeb786d274168f00a64cfd","first_seen":"2025-12-23T01:57:04.661718Z","last_seen":"2026-03-23T16:34:58.621424Z","times_seen":18,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-20","alert":"Phishing Block","trigger":"cyb-ref.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cyb-ref.com/lander/vayt/pic/portrait_gallery_6823165b69a3a0.53268444.jpg","fqdn":"cyb-ref.com","domain":"cyb-ref.com","tld":"com"},"ip":{"addr":"172.67.151.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cyb-ref.com/","date":"2026-03-20T18:56:40.809Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cyb-ref.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 13:24:10 GMT","end":"Sun, 17 May 2026 14:21:55 GMT"},"fingerprint":{"sha1":"0C:29:B8:AC:34:D2:94:5A:6B:36:BB:A2:12:E9:3D:F9:92:94:28:E4","sha256":"B4:D2:05:97:4C:97:77:3E:A1:35:16:EF:ED:61:9D:85:96:B7:BE:DD:9B:7E:FA:3D:7C:5A:18:72:4A:19:A7:6D"}}},"request":{"raw":"GET /lander/vayt/pic/portrait_gallery_6823165b69a3a0.53268444.jpg HTTP/1.1\r\nHost: cyb-ref.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cyb-ref.com/\r\nCookie: fdf5f479=688cc70d257e90ad4860699b7f250bb459a9f42dbad69674113634d01bd46e7c|1774033000; _subid=1sjos4f9afeh; 07e01=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjJcIjoxNzc0MDMzMDAwfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzc0MDMzMDAwfSxcInRpbWVcIjoxNzc0MDMzMDAwfSJ9.Gj_JOvoBFYClRIWoLkj9Og54PUW8nPX3LoN12fdbgew\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: max-age=864000\r\ncontent-type: image/jpeg\r\ndate: Fri, 20 Mar 2026 18:56:40 GMT\r\netag: \"69296bc4-18377\"\r\nexpires: Mon, 30 Mar 2026 18:56:00 GMT\r\nlast-modified: Fri, 28 Nov 2025 09:30:44 GMT\r\nserver: cloudflare\r\ncontent-length: 99191\r\nage: 40\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4EOlPKwsehgn663opcnYz3pPpJSqXbPajd6Xzh1lntBBDN6YMKhfullFjkO%2BiWkjUbiFV%2BAKeuRQKcDuD3sNHRlHlFmV%2ByktDX4p\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9df6f02f0edb562f-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":99191,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1280x1280, components 3","md5":"b1853091b4b89257143d738050ff0528","sha1":"edaf0976a7b267357038d687e3c856868c603168","sha256":"4c0af78a84ccea24f46701b1854444e36b2aed5e339ece6c8f7601084bfab56d","sha512":"204d6e66e9abcfc3e93c0eb07f49beefc8d1b14e7f28c97b244188cb35ff0f39f8009effdaa9cfa04702d3979139c009e37a5a4cd0f8068847d845de3a611a6b","ssdeep":"1536:6m78ItEthxEifrJ9/R1+BvpbnagdO2MNqa7H7bSU6fu7SFCI0D:6PhpD91mpTauO2MNn/SUT7S4V","tlshash":"a4a302e9f913d78ac4d34cf8907b389587a4fd0dd3a5d7e39056d2f8046501ee9ca248","first_seen":"2025-12-23T01:57:04.670916Z","last_seen":"2026-03-23T16:34:58.608861Z","times_seen":18,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-20","alert":"Phishing Block","trigger":"cyb-ref.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cyb-ref.com/lander/vayt/files/img/female_480x270_1.webp","fqdn":"cyb-ref.com","domain":"cyb-ref.com","tld":"com"},"ip":{"addr":"172.67.151.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cyb-ref.com/","date":"2026-03-20T18:56:40.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cyb-ref.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 13:24:10 GMT","end":"Sun, 17 May 2026 14:21:55 GMT"},"fingerprint":{"sha1":"0C:29:B8:AC:34:D2:94:5A:6B:36:BB:A2:12:E9:3D:F9:92:94:28:E4","sha256":"B4:D2:05:97:4C:97:77:3E:A1:35:16:EF:ED:61:9D:85:96:B7:BE:DD:9B:7E:FA:3D:7C:5A:18:72:4A:19:A7:6D"}}},"request":{"raw":"GET /lander/vayt/files/img/female_480x270_1.webp HTTP/1.1\r\nHost: cyb-ref.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cyb-ref.com/\r\nCookie: fdf5f479=688cc70d257e90ad4860699b7f250bb459a9f42dbad69674113634d01bd46e7c|1774033000; _subid=1sjos4f9afeh; 07e01=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjJcIjoxNzc0MDMzMDAwfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzc0MDMzMDAwfSxcInRpbWVcIjoxNzc0MDMzMDAwfSJ9.Gj_JOvoBFYClRIWoLkj9Og54PUW8nPX3LoN12fdbgew\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: max-age=864000\r\ncontent-type: image/webp\r\ndate: Fri, 20 Mar 2026 18:56:41 GMT\r\netag: \"69296bc4-dbea\"\r\nexpires: Mon, 30 Mar 2026 18:56:40 GMT\r\nlast-modified: Fri, 28 Nov 2025 09:30:44 GMT\r\nserver: cloudflare\r\ncontent-length: 56298\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MXxQP2bwF7rHrnT81cqTZEs2%2FTwx4qtKxjeiCgjGdrb3vCvl70z3Qb7m%2F%2FUhMeN%2Fg3TiFCzbE3RxDKW8nO0Dp1zajKnkSgmkW54Q\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9df6f02f1ee4562f-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":56298,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 720x720, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b381ddff967181a7c984c3ea50478994","sha1":"0394f609305c231caa80669d764ffb3175ce65d3","sha256":"1a226e305979a38a27244df491c0a9e7b6d0d636274a5c204082b97de8ccc97b","sha512":"8e3cd8a37c5cc0a5ebe909cd59bf6aff9e74365a227326fd2c3f862204c15d7640b3ee78837146342fe04e2de6c1e53779d3688b5e02f77ee2e512876f8c9c77","ssdeep":"1536:TXqJQW1d4FNnTVYKwmjlyjaoD7t1BlDTxu:L7WzyQKwmRyRX73s","tlshash":"e943f168b307b5d750e635fdfbcd2615d908ee122a9fde0039a6c444e4bd89f1244eb2","first_seen":"2025-10-08T08:25:31.413392Z","last_seen":"2026-03-23T16:34:58.628139Z","times_seen":19,"resource_available":false,"data":null}},"time_used":340,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":46,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-20","alert":"Phishing Block","trigger":"cyb-ref.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cyb-ref.com/lander/vayt/custom-folder/custom-css/hero-bg-1.png","fqdn":"cyb-ref.com","domain":"cyb-ref.com","tld":"com"},"ip":{"addr":"172.67.151.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cyb-ref.com/","date":"2026-03-20T18:56:40.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cyb-ref.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 13:24:10 GMT","end":"Sun, 17 May 2026 14:21:55 GMT"},"fingerprint":{"sha1":"0C:29:B8:AC:34:D2:94:5A:6B:36:BB:A2:12:E9:3D:F9:92:94:28:E4","sha256":"B4:D2:05:97:4C:97:77:3E:A1:35:16:EF:ED:61:9D:85:96:B7:BE:DD:9B:7E:FA:3D:7C:5A:18:72:4A:19:A7:6D"}}},"request":{"raw":"GET /lander/vayt/custom-folder/custom-css/hero-bg-1.png HTTP/1.1\r\nHost: cyb-ref.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cyb-ref.com/\r\nCookie: fdf5f479=688cc70d257e90ad4860699b7f250bb459a9f42dbad69674113634d01bd46e7c|1774033000; _subid=1sjos4f9afeh; 07e01=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjJcIjoxNzc0MDMzMDAwfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzc0MDMzMDAwfSxcInRpbWVcIjoxNzc0MDMzMDAwfSJ9.Gj_JOvoBFYClRIWoLkj9Og54PUW8nPX3LoN12fdbgew\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: max-age=864000\r\ncontent-type: image/png\r\ndate: Fri, 20 Mar 2026 18:56:41 GMT\r\netag: \"69296bc4-3723\"\r\nexpires: Mon, 30 Mar 2026 18:56:41 GMT\r\nlast-modified: Fri, 28 Nov 2025 09:30:44 GMT\r\nserver: cloudflare\r\ncontent-length: 14115\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uzpNZfhz67mzDWMtYXTyNbiiwzBz5MecHOEdBWBzXTcvQPFcw%2BYRHidfuvmLN%2F6zE8bTnOOaZjAp%2B77gLvWKjzCt%2BXYOZRuXSizJ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9df6f0302ef7562f-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14115,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 969 x 495, 8-bit/color RGBA, non-interlaced","md5":"6aa7574e8ae4aa28bb6c1d33fcccc917","sha1":"d56bb3551518da45ae4d2e7e2f1c11642b59fd30","sha256":"618f031b0e8c9aced33b920bbd71ff03b610c1893a36aa24bec525f15d979c73","sha512":"ccbef2fb9745a568c3c41a27bbc89d7368d3f081c8e79b8a815bc8bf0e26ee7ca4ea7519d17f922a810852ceefc8ea3c7755581f5ff1a74e45e0636948e41487","ssdeep":"384:KraWnyk2gfqtjCCu7LgQpimuocs9qUCu4htpHsaV:KzPStjCC4s6imuoFCX3BsaV","tlshash":"f3528d837b713d571815d8979946b4e8ba3f0fd1fc027b72abacd80728b03b96604a43","first_seen":"2024-08-19T21:19:06.690422Z","last_seen":"2026-03-23T16:34:58.60692Z","times_seen":20,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-20","alert":"Phishing Block","trigger":"cyb-ref.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cyb-ref.com/lander/vayt/custom-folder/custom-css/how-work-sect-bg.png","fqdn":"cyb-ref.com","domain":"cyb-ref.com","tld":"com"},"ip":{"addr":"172.67.151.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cyb-ref.com/","date":"2026-03-20T18:56:40.984Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cyb-ref.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 13:24:10 GMT","end":"Sun, 17 May 2026 14:21:55 GMT"},"fingerprint":{"sha1":"0C:29:B8:AC:34:D2:94:5A:6B:36:BB:A2:12:E9:3D:F9:92:94:28:E4","sha256":"B4:D2:05:97:4C:97:77:3E:A1:35:16:EF:ED:61:9D:85:96:B7:BE:DD:9B:7E:FA:3D:7C:5A:18:72:4A:19:A7:6D"}}},"request":{"raw":"GET /lander/vayt/custom-folder/custom-css/how-work-sect-bg.png HTTP/1.1\r\nHost: cyb-ref.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cyb-ref.com/\r\nCookie: fdf5f479=688cc70d257e90ad4860699b7f250bb459a9f42dbad69674113634d01bd46e7c|1774033000; _subid=1sjos4f9afeh; 07e01=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjJcIjoxNzc0MDMzMDAwfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzc0MDMzMDAwfSxcInRpbWVcIjoxNzc0MDMzMDAwfSJ9.Gj_JOvoBFYClRIWoLkj9Og54PUW8nPX3LoN12fdbgew\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: max-age=864000\r\ncontent-type: image/png\r\ndate: Fri, 20 Mar 2026 18:56:40 GMT\r\netag: \"69296bc4-21f9\"\r\nexpires: Mon, 30 Mar 2026 18:56:00 GMT\r\nlast-modified: Fri, 28 Nov 2025 09:30:44 GMT\r\nserver: cloudflare\r\ncontent-length: 8697\r\nage: 40\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TRDHVd6ylnNHArsaz3B%2BnFXD4tMpq9LYXrZ%2FbJpHuvTQFVGOkh%2FtcAD3Hl%2BwrI%2FLD1RelyZkOLEzG7eJe9ITAjmRK22u6wNdqJ%2B2\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9df6f0302efa562f-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8697,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1014 x 495, 8-bit/color RGBA, non-interlaced","md5":"005820965d4e6f545e2becf864bbed37","sha1":"29b468ee39d3aef8acf4791c4e6aaddf0518d3e5","sha256":"dd3d276ed2da75ceaca465329cb7185f88d3009cf1accaed9306356f22a73e41","sha512":"53c2e8561cdb89191b8540e5897694bc9a3f4a94fbd57d76ad0a27393aaa1624e2b48cccdf1ac831bbe4b4e41a7b5a740bc2add5396223f941cd63648ecdb6f5","ssdeep":"192:eEQvSqkkn6HCyK7777777777777777777777777777777777777777777777777L:eraWn6iyK7777777777777777777777H","tlshash":"e002703a68c36e5825182d234f69d95b17120ecff18158b7e9c207f32c6d5e1bdd8b81","first_seen":"2024-08-19T21:19:06.69417Z","last_seen":"2026-03-23T16:34:58.619046Z","times_seen":20,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-20","alert":"Phishing Block","trigger":"cyb-ref.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/staatliches/v15/HI_OiY8KO6hCsQSoAPmtMYebvpA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cyb-ref.com/","date":"2026-03-20T18:56:40.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:21:09 GMT","end":"Mon, 18 May 2026 18:21:08 GMT"},"fingerprint":{"sha1":"D5:23:F9:83:DE:D4:E8:AB:85:EF:63:D4:2C:6E:62:44:96:04:04:8E","sha256":"D3:04:E0:CB:3E:1B:51:D2:DD:21:AB:B5:3E:6D:E3:40:D7:D5:1E:07:D1:8A:BF:8C:CC:01:FC:AE:92:1F:69:2D"}}},"request":{"raw":"GET /s/staatliches/v15/HI_OiY8KO6hCsQSoAPmtMYebvpA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://cyb-ref.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 16076\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 16 Mar 2026 17:57:50 GMT\r\nexpires: Tue, 16 Mar 2027 17:57:50 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 04 Sep 2025 17:24:55 GMT\r\ncontent-type: font/woff2\r\nage: 349131\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16076,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16076, version 1.0","md5":"df9e091a834cfdd8b2fc0beeec7dbee6","sha1":"1b473cb2cafc8b07a7632eb54dde288d290ddc6e","sha256":"8d6ca3290b223826c702bd4288d4c79234db353792fed22de4db9321851ad9a6","sha512":"12e06fc8d0258d46f4a4e31794985155a923341bd43d538d969677731a86b1a377ea6e743f4ebe0c0173f5aa3e859fda060ec8abdf744d97c5e1dc472180e107","ssdeep":"384:u6ROOgJQrpLA0A8yok81DGoLZJbSjm+m3DSTcI9MD6:VTgJQLAkkcDPZJsmb3Ycx6","tlshash":"b172e1ef94dc8717d2a4f8a11b2e86483f6713431878a8675507db6304d60fad7e6329","first_seen":"2025-09-06T20:33:05.902181Z","last_seen":"2026-04-12T06:28:53.179573Z","times_seen":602,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":63,"dns":0,"connect":8,"send":0,"wait":10,"receive":2,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/adventpro/v33/V8mVoQfxVT4Dvddr_yOwrzaFxV7JtdQgFqXdUC4jMm4bHQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cyb-ref.com/","date":"2026-03-20T18:56:40.998Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:21:09 GMT","end":"Mon, 18 May 2026 18:21:08 GMT"},"fingerprint":{"sha1":"D5:23:F9:83:DE:D4:E8:AB:85:EF:63:D4:2C:6E:62:44:96:04:04:8E","sha256":"D3:04:E0:CB:3E:1B:51:D2:DD:21:AB:B5:3E:6D:E3:40:D7:D5:1E:07:D1:8A:BF:8C:CC:01:FC:AE:92:1F:69:2D"}}},"request":{"raw":"GET /s/adventpro/v33/V8mVoQfxVT4Dvddr_yOwrzaFxV7JtdQgFqXdUC4jMm4bHQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://cyb-ref.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 18144\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 14 Mar 2026 01:24:43 GMT\r\nexpires: Sun, 14 Mar 2027 01:24:43 GMT\r\ncache-control: public, max-age=31536000\r\nage: 581518\r\nlast-modified: Tue, 16 Sep 2025 13:26:24 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18144,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18144, version 1.0","md5":"0ce920f37b71a32e7f64f46099b8b105","sha1":"f730873db9a3b927aa9ab403ec7b226fd9a2c330","sha256":"aac885531abb49268ee1a0f33fceac64b2a6b541377fa6a3d1e760aedcce14a5","sha512":"76aa939444e5b913e403635f08127b768905ec82999f0cab405448aec8dcd227c4360f772054a5d45f49c5a46916360651a3b943d8cbe111f4e61635a45c525b","ssdeep":"384:gXB+pcZ+502mNi0WjUOmSAbCM+ZNkZownTqdcvJr6AiuJyBGa2mHBvCuNfHQa:gy50+W5bt+ZuHnudYr6AixFHn","tlshash":"d082cf9470bc28a1d19d7cf1c65691609c8b9b62f385f033f6c9e8dddbe426f8939244","first_seen":"2025-06-28T21:25:36.905927Z","last_seen":"2026-04-10T07:55:47.972318Z","times_seen":26,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":60,"dns":2,"connect":21,"send":0,"wait":9,"receive":6,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Advent+Pro:ital,wght@0,100..900;1,100..900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cyb-ref.com/","date":"2026-03-20T18:56:40.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:21:09 GMT","end":"Mon, 18 May 2026 18:21:08 GMT"},"fingerprint":{"sha1":"63:D1:AE:99:1E:49:D7:6C:71:F3:BA:F5:BA:47:74:1E:EB:90:E7:D6","sha256":"69:90:BB:9D:82:60:82:88:FF:CE:F6:B3:3D:DD:B5:B5:FB:F0:56:17:FD:FA:0D:BC:9C:5B:83:51:98:0D:2F:CF"}}},"request":{"raw":"GET /css2?family=Advent+Pro:ital,wght@0,100..900;1,100..900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cyb-ref.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 20 Mar 2026 18:56:40 GMT\r\ndate: Fri, 20 Mar 2026 18:56:40 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4041,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"a26d4d66902321c422f36418b8618964","sha1":"f15d0be55c3d756707e3ba7ad68d49b53847a63c","sha256":"771ce73803a73dc1e24033f35bb64c7938f1bc2ab8d147c19dfce37c69860c07","sha512":"647d37a23ce7073646b2d2b8ef7c701c4d2037ae99ed79fce5a8b21c8485926594e38f70bf04059af357b8ba931800e288bb21fc4565ac7ab59b2940ef9cdde2","ssdeep":"","tlshash":"4281af91041b8488ab43dcd267ef3f27bd4e95642080d67a6bfd68d8ace9c22435075d","first_seen":"2025-12-12T14:22:19.932096Z","last_seen":"2026-04-05T22:29:51.594479Z","times_seen":22,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":72,"dns":1,"connect":8,"send":0,"wait":19,"receive":0,"ssl":73},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cyb-ref.com/lander/vayt/pic/photograph_gallery_6823165b69a319.22344319.jpg","fqdn":"cyb-ref.com","domain":"cyb-ref.com","tld":"com"},"ip":{"addr":"172.67.151.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cyb-ref.com/","date":"2026-03-20T18:56:40.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cyb-ref.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 13:24:10 GMT","end":"Sun, 17 May 2026 14:21:55 GMT"},"fingerprint":{"sha1":"0C:29:B8:AC:34:D2:94:5A:6B:36:BB:A2:12:E9:3D:F9:92:94:28:E4","sha256":"B4:D2:05:97:4C:97:77:3E:A1:35:16:EF:ED:61:9D:85:96:B7:BE:DD:9B:7E:FA:3D:7C:5A:18:72:4A:19:A7:6D"}}},"request":{"raw":"GET /lander/vayt/pic/photograph_gallery_6823165b69a319.22344319.jpg HTTP/1.1\r\nHost: cyb-ref.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cyb-ref.com/\r\nCookie: fdf5f479=688cc70d257e90ad4860699b7f250bb459a9f42dbad69674113634d01bd46e7c|1774033000; _subid=1sjos4f9afeh; 07e01=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjJcIjoxNzc0MDMzMDAwfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzc0MDMzMDAwfSxcInRpbWVcIjoxNzc0MDMzMDAwfSJ9.Gj_JOvoBFYClRIWoLkj9Og54PUW8nPX3LoN12fdbgew\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: max-age=864000\r\ncontent-type: image/jpeg\r\ndate: Fri, 20 Mar 2026 18:56:41 GMT\r\netag: \"69296bc4-31bdf\"\r\nexpires: Mon, 30 Mar 2026 18:56:40 GMT\r\nlast-modified: Fri, 28 Nov 2025 09:30:44 GMT\r\nserver: cloudflare\r\ncontent-length: 203743\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OXQ1YlT7KZ4lAC%2FN8j4d1phpChEeUum0U0o3GJpCqVWqLzzYL1QI682eDXH4CZNrVtVRq7U1Jr7Nhd8Qz4NZ7joHNnhkLMJOe48O\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9df6f02f0ee0562f-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":203743,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1280x1280, components 3","md5":"62477e0b3ae936c16735c8ae3f274fd6","sha1":"7a0d97c39676f31d51a92ffb8cb9c0b8b73055be","sha256":"46d2d65e0cb3a878e54c46baed3f4fc4757823d7a3940db796d2b4573de7f392","sha512":"4f9e7ee5a21390844ff088a73f23c04ec376583419f545e2efd25e01da0a68085923300764c9a1f4709cfbdd18d08928331ec142b134a5d35fa300029813b8bb","ssdeep":"6144:jeJCZ6R0GdlBWyBPqzh1I37yB84gJv1KiIu:KCZ6R0Ai9WrP4gJv1Knu","tlshash":"021412f53213df34edd97ab911c86f746c8bb3010d669e6c8ea67d2c21b804b758607a","first_seen":"2025-12-23T01:57:04.641149Z","last_seen":"2026-03-23T16:34:58.618336Z","times_seen":18,"resource_available":false,"data":null}},"time_used":568,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":482,"receive":86,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-20","alert":"Phishing Block","trigger":"cyb-ref.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cyb-ref.com/lander/vayt/files/img/female_480x270_0.webp","fqdn":"cyb-ref.com","domain":"cyb-ref.com","tld":"com"},"ip":{"addr":"172.67.151.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cyb-ref.com/","date":"2026-03-20T18:56:40.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cyb-ref.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 13:24:10 GMT","end":"Sun, 17 May 2026 14:21:55 GMT"},"fingerprint":{"sha1":"0C:29:B8:AC:34:D2:94:5A:6B:36:BB:A2:12:E9:3D:F9:92:94:28:E4","sha256":"B4:D2:05:97:4C:97:77:3E:A1:35:16:EF:ED:61:9D:85:96:B7:BE:DD:9B:7E:FA:3D:7C:5A:18:72:4A:19:A7:6D"}}},"request":{"raw":"GET /lander/vayt/files/img/female_480x270_0.webp HTTP/1.1\r\nHost: cyb-ref.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cyb-ref.com/\r\nCookie: fdf5f479=688cc70d257e90ad4860699b7f250bb459a9f42dbad69674113634d01bd46e7c|1774033000; _subid=1sjos4f9afeh; 07e01=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjJcIjoxNzc0MDMzMDAwfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzc0MDMzMDAwfSxcInRpbWVcIjoxNzc0MDMzMDAwfSJ9.Gj_JOvoBFYClRIWoLkj9Og54PUW8nPX3LoN12fdbgew\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: max-age=864000\r\ncontent-type: image/webp\r\ndate: Fri, 20 Mar 2026 18:56:41 GMT\r\netag: \"69296bc4-d55e\"\r\nexpires: Mon, 30 Mar 2026 18:56:40 GMT\r\nlast-modified: Fri, 28 Nov 2025 09:30:44 GMT\r\nserver: cloudflare\r\ncontent-length: 54622\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kg8OFT4H9GDhyWMSpj1LiLTxX3zv%2BqFXJDPd4f0nsE%2FzACLMZfHfO%2Fd85lpCybv2DPTMIV7u11w36Hacaih6No2hWvrrw4r7%2FKpU\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9df6f02f0ee1562f-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":54622,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 720x720, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"babb5d4a2bcf874245abe463efb1fefe","sha1":"be936dd06a60983811fe7d53e759fcf40a26e2bb","sha256":"4b56e0028c0a2cf6af9dae5c1517b3a0a2b97a2ca9604a15abd651a96d4b6353","sha512":"a0ccc1c348cfd8f94d1b9c8c41d98228d8f5be90a4263ad2e5eb7d6b3006918c56d85bb2effe7c69bbad80bce708257fdd9235b573de456587eff92e8b6079af","ssdeep":"768:VVa07hhcVYebpagE+ddzlevB0satGTgDYRpVKzbCWEyXee9MhESMc0ADq:VVa07h+4O/gB0sawTGY2zpSCQq","tlshash":"c933f140936c3fa4e71c3b7a5694175b9beca22f4116ea62fe2077d464dcc4883287f4","first_seen":"2025-12-23T01:57:04.644298Z","last_seen":"2026-03-23T16:34:58.610178Z","times_seen":18,"resource_available":false,"data":null}},"time_used":312,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":53,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-20","alert":"Phishing Block","trigger":"cyb-ref.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cyb-ref.com/lander/vayt/pic/portrait_header_6823165b699ee6.41077907.jpg","fqdn":"cyb-ref.com","domain":"cyb-ref.com","tld":"com"},"ip":{"addr":"172.67.151.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cyb-ref.com/","date":"2026-03-20T18:56:40.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cyb-ref.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 13:24:10 GMT","end":"Sun, 17 May 2026 14:21:55 GMT"},"fingerprint":{"sha1":"0C:29:B8:AC:34:D2:94:5A:6B:36:BB:A2:12:E9:3D:F9:92:94:28:E4","sha256":"B4:D2:05:97:4C:97:77:3E:A1:35:16:EF:ED:61:9D:85:96:B7:BE:DD:9B:7E:FA:3D:7C:5A:18:72:4A:19:A7:6D"}}},"request":{"raw":"GET /lander/vayt/pic/portrait_header_6823165b699ee6.41077907.jpg HTTP/1.1\r\nHost: cyb-ref.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cyb-ref.com/\r\nCookie: fdf5f479=688cc70d257e90ad4860699b7f250bb459a9f42dbad69674113634d01bd46e7c|1774033000; _subid=1sjos4f9afeh; 07e01=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjJcIjoxNzc0MDMzMDAwfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzc0MDMzMDAwfSxcInRpbWVcIjoxNzc0MDMzMDAwfSJ9.Gj_JOvoBFYClRIWoLkj9Og54PUW8nPX3LoN12fdbgew\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: max-age=864000\r\ncontent-type: image/jpeg\r\ndate: Fri, 20 Mar 2026 18:56:41 GMT\r\netag: \"69296bc4-77fac\"\r\nexpires: Mon, 30 Mar 2026 18:56:41 GMT\r\nlast-modified: Fri, 28 Nov 2025 09:30:44 GMT\r\nserver: cloudflare\r\ncontent-length: 491436\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AKQJkjkhoYmKS4hgxo9kPVFgETRrzk1bnzAPKodC0UPvfapWnlr8CWGy%2FQ6ADT5je095Y9UIsMdnRL098dDXsMXJxbpGqs7j%2FXPc\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9df6f0302ef8562f-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":491436,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1920x1451, components 3","md5":"8f2a3baf6dd1f2d26592823768c4893d","sha1":"c4f73dc7c2f2581965694f4917930b3b7158e4a8","sha256":"069d0a0ff1bdf4e1d89c52eb29917e34ee11ffa8508aae4fa5cc70da57746415","sha512":"98a2843e3a2f6ef008dad9ec4546d12a9cd624cb4cc60695c9212ff693777395ae1a7d202553880aa37de10d3fb2ffa32e1b286fbdfdae62d640fd7b5e5990a8","ssdeep":"12288:hMjnFUjJPSmMB1O2jw6+zTHRx5O8sA3TkLOnrP:hXjJmOuh+fxxsbA7rP","tlshash":"7aa423f3a27b2102ec01b5702da63f7dd5649e9786b1f8c4569599f2f302622cbcde06","first_seen":"2025-12-23T01:57:04.679403Z","last_seen":"2026-03-23T16:34:58.623271Z","times_seen":18,"resource_available":false,"data":null}},"time_used":405,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":264,"receive":141,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-20","alert":"Phishing Block","trigger":"cyb-ref.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cyb-ref.com/lander/vayt/pic/image_header_6823165b69a1f2.07027763.jpg","fqdn":"cyb-ref.com","domain":"cyb-ref.com","tld":"com"},"ip":{"addr":"172.67.151.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cyb-ref.com/","date":"2026-03-20T18:56:40.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cyb-ref.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 13:24:10 GMT","end":"Sun, 17 May 2026 14:21:55 GMT"},"fingerprint":{"sha1":"0C:29:B8:AC:34:D2:94:5A:6B:36:BB:A2:12:E9:3D:F9:92:94:28:E4","sha256":"B4:D2:05:97:4C:97:77:3E:A1:35:16:EF:ED:61:9D:85:96:B7:BE:DD:9B:7E:FA:3D:7C:5A:18:72:4A:19:A7:6D"}}},"request":{"raw":"GET /lander/vayt/pic/image_header_6823165b69a1f2.07027763.jpg HTTP/1.1\r\nHost: cyb-ref.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cyb-ref.com/\r\nCookie: fdf5f479=688cc70d257e90ad4860699b7f250bb459a9f42dbad69674113634d01bd46e7c|1774033000; _subid=1sjos4f9afeh; 07e01=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjJcIjoxNzc0MDMzMDAwfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzc0MDMzMDAwfSxcInRpbWVcIjoxNzc0MDMzMDAwfSJ9.Gj_JOvoBFYClRIWoLkj9Og54PUW8nPX3LoN12fdbgew\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: max-age=864000\r\ncontent-type: image/jpeg\r\ndate: Fri, 20 Mar 2026 18:56:41 GMT\r\netag: \"69296bc4-79c43\"\r\nexpires: Mon, 30 Mar 2026 18:56:41 GMT\r\nlast-modified: Fri, 28 Nov 2025 09:30:44 GMT\r\nserver: cloudflare\r\ncontent-length: 498755\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eWPrEvQlEXsjne85aN68obESmddivwQj34gbcTh6zxjojM5wSAeeW4cutbs11O1zAnA%2BHdg0y7pZXJlaJSSvkoRWvo8ci8MbGL8L\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9df6f0302efc562f-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":498755,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1920x1275, components 3","md5":"4b73af5453b833f5f9fc48dc62f5b096","sha1":"121f861abb8b4e7f27283ad86cbcc39575631559","sha256":"e347848c4bc4e144d5b67d9eae037bfcda077538ef4da619bdd537eed8803f9c","sha512":"5c155da212875011b86169d3a646de0c9422b89f13447b842cb68721673e4a56762fc794996cf4fa865ade24787f9cae4ab8f8d246f2b2db06617b1d9588fa65","ssdeep":"12288:HBZmLo5NPmSWTmZWBn6szzzJY5h4x3Aqm9jfL/FX2JKpbrsCXXtD:z5bWTQWoIlYnh79jflUKZfD","tlshash":"71b423fa2243f198daeccb38b12748e4c776b7d6f591129607a8270c9f154fc6d6e212","first_seen":"2025-12-23T01:57:04.673933Z","last_seen":"2026-03-23T16:34:58.619691Z","times_seen":19,"resource_available":false,"data":null}},"time_used":559,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":418,"receive":141,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-20","alert":"Phishing Block","trigger":"cyb-ref.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cyb-ref.com/lander/vayt/files/img/male_2025-04-25_12-52-26_0.webp","fqdn":"cyb-ref.com","domain":"cyb-ref.com","tld":"com"},"ip":{"addr":"172.67.151.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cyb-ref.com/","date":"2026-03-20T18:56:40.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cyb-ref.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 13:24:10 GMT","end":"Sun, 17 May 2026 14:21:55 GMT"},"fingerprint":{"sha1":"0C:29:B8:AC:34:D2:94:5A:6B:36:BB:A2:12:E9:3D:F9:92:94:28:E4","sha256":"B4:D2:05:97:4C:97:77:3E:A1:35:16:EF:ED:61:9D:85:96:B7:BE:DD:9B:7E:FA:3D:7C:5A:18:72:4A:19:A7:6D"}}},"request":{"raw":"GET /lander/vayt/files/img/male_2025-04-25_12-52-26_0.webp HTTP/1.1\r\nHost: cyb-ref.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cyb-ref.com/\r\nCookie: fdf5f479=688cc70d257e90ad4860699b7f250bb459a9f42dbad69674113634d01bd46e7c|1774033000; _subid=1sjos4f9afeh; 07e01=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjJcIjoxNzc0MDMzMDAwfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzc0MDMzMDAwfSxcInRpbWVcIjoxNzc0MDMzMDAwfSJ9.Gj_JOvoBFYClRIWoLkj9Og54PUW8nPX3LoN12fdbgew\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: max-age=864000\r\ncontent-type: image/webp\r\ndate: Fri, 20 Mar 2026 18:56:40 GMT\r\netag: \"69296bc4-15f2a\"\r\nexpires: Mon, 30 Mar 2026 18:56:40 GMT\r\nlast-modified: Fri, 28 Nov 2025 09:30:44 GMT\r\nserver: cloudflare\r\ncontent-length: 89898\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nzxzbgytl2bobCPpty5FzNyQFE854UAMeUTRgaUhv4zrStzS8BuZTFOhzvNXrTfvV%2BDRDlbcVYvBfXU3Qwv%2FuKpXWuZBDkTQNfsH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9df6f02f0edd562f-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89898,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 720x720, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f8d0d4185b2474868365e0759dbfc528","sha1":"f71220de237bf20a4e3690fe57d8009cc2f5d83e","sha256":"44f835c71e88d5b4079c9ca4b3cfc7a4bef7b1cb93d461d24ea7e7dc62d0b4b4","sha512":"e34232aedec4cc7f8ea3f6eb190556459f78335365f6349820dda8f6e45c84d1e34837ead20f9dda4be8ad7afe7a452abc89d61215a1e627b2f1e1908d7cd8a5","ssdeep":"1536:LLNwKvULgZp+FgErQ8feqdRtmMNioSIkTVbmy1NDsdVx72q9kL4UlyYVBIw5Ry:LLJZgjz/tmWiDIkBydDa7yYVicw","tlshash":"199302921e06ecdd49008ee1933a3f9b63a7fecc9665d9c1d94d0417b8ea37b8608d34","first_seen":"2025-12-23T01:57:04.665058Z","last_seen":"2026-03-23T16:34:58.621995Z","times_seen":18,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-20","alert":"Phishing Block","trigger":"cyb-ref.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cyb-ref.com/lander/vayt/files/img/male_2025-04-25_12-52-26_3.webp","fqdn":"cyb-ref.com","domain":"cyb-ref.com","tld":"com"},"ip":{"addr":"172.67.151.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cyb-ref.com/","date":"2026-03-20T18:56:40.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cyb-ref.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 13:24:10 GMT","end":"Sun, 17 May 2026 14:21:55 GMT"},"fingerprint":{"sha1":"0C:29:B8:AC:34:D2:94:5A:6B:36:BB:A2:12:E9:3D:F9:92:94:28:E4","sha256":"B4:D2:05:97:4C:97:77:3E:A1:35:16:EF:ED:61:9D:85:96:B7:BE:DD:9B:7E:FA:3D:7C:5A:18:72:4A:19:A7:6D"}}},"request":{"raw":"GET /lander/vayt/files/img/male_2025-04-25_12-52-26_3.webp HTTP/1.1\r\nHost: cyb-ref.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cyb-ref.com/\r\nCookie: fdf5f479=688cc70d257e90ad4860699b7f250bb459a9f42dbad69674113634d01bd46e7c|1774033000; _subid=1sjos4f9afeh; 07e01=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjJcIjoxNzc0MDMzMDAwfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzc0MDMzMDAwfSxcInRpbWVcIjoxNzc0MDMzMDAwfSJ9.Gj_JOvoBFYClRIWoLkj9Og54PUW8nPX3LoN12fdbgew\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: max-age=864000\r\ncontent-type: image/webp\r\ndate: Fri, 20 Mar 2026 18:56:41 GMT\r\netag: \"69296bc4-16362\"\r\nexpires: Mon, 30 Mar 2026 18:56:40 GMT\r\nlast-modified: Fri, 28 Nov 2025 09:30:44 GMT\r\nserver: cloudflare\r\ncontent-length: 90978\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PRhJQrvenAG%2B1PHOWGPfuh6HRha771mXAzlVyTSWtLUFoW5gq5Lfkom2md%2Ftb9ahpARH72jjh61c6KChvEoq4WKoLKmxscKTEpGq\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9df6f02f1ee3562f-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":90978,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 720x720, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"0fa3f47ec90b8eaa35ee635379408e8a","sha1":"ea01cd8f45abab862e7eccfeba42b9700f56b4c5","sha256":"cfd7f46003ab1efd4c89448d1fd12a38dcc273e90a8df9ea285a4dd9614afeac","sha512":"4db34554d62ae912d11c0020bd741a2aa33ca84f94b666d48056be12e51ae504123c3035a72694295f65c177357246e97a0cae69e818e9d97c9e3b2cf7bab536","ssdeep":"1536:/1EC9O4+lT/V8KEDBPkqBbFvUCdUFUmlTobUb2vyM31rGkvyQYnCgMdEnPGNlct9:/CC9O4+luKuBPXBxUCEUmh2vvfvadnu6","tlshash":"f79312067ac64a277210570d335e4e5b11f88b2b87a3d9b9c412ce68f707d767e6d838","first_seen":"2025-12-23T01:57:04.672227Z","last_seen":"2026-03-23T16:34:58.628865Z","times_seen":18,"resource_available":false,"data":null}},"time_used":414,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":354,"receive":60,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-20","alert":"Phishing Block","trigger":"cyb-ref.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/adventpro/v33/V8mVoQfxVT4Dvddr_yOwrzaFxV7JtdQgFqXdUC4nMm4.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cyb-ref.com/","date":"2026-03-20T18:56:40.996Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:21:09 GMT","end":"Mon, 18 May 2026 18:21:08 GMT"},"fingerprint":{"sha1":"D5:23:F9:83:DE:D4:E8:AB:85:EF:63:D4:2C:6E:62:44:96:04:04:8E","sha256":"D3:04:E0:CB:3E:1B:51:D2:DD:21:AB:B5:3E:6D:E3:40:D7:D5:1E:07:D1:8A:BF:8C:CC:01:FC:AE:92:1F:69:2D"}}},"request":{"raw":"GET /s/adventpro/v33/V8mVoQfxVT4Dvddr_yOwrzaFxV7JtdQgFqXdUC4nMm4.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://cyb-ref.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 32208\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 18 Mar 2026 19:26:42 GMT\r\nexpires: Thu, 18 Mar 2027 19:26:42 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 16 Sep 2025 13:26:30 GMT\r\ncontent-type: font/woff2\r\nage: 170999\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32208,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 32208, version 1.0","md5":"2980d1e3f989e5366b321c717efd0875","sha1":"66b3e8fdfdcf773d453be85f18273bfa6082e4bd","sha256":"7d0b4af97a6a5d09646c8fa656913324939c5330b98de94729346be6452df371","sha512":"159137b8f62e2c459abec3361f28789f1749f24d8a43e59ad011d4b23824fee010464bc5cc55ac0f12094217f28063155c08bfe01002f2bb2de02634558c2eec","ssdeep":"768:EfIDO6XtIKbdX9jv6TqpB3KsNEla+CUNHAiFk4Qih2/7jz9Grh9mLRg:PO6dIKbx9jvE2JoNgQ2/r9UULa","tlshash":"96e2e1b8e413f8d94265dffb23ae0e5ecbcd05d93851c888408a5b1727e8187af58736","first_seen":"2025-06-19T14:56:45.676889Z","last_seen":"2026-04-12T03:14:12.940252Z","times_seen":256,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":72,"dns":3,"connect":8,"send":0,"wait":10,"receive":3,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cyb-ref.com/lander/vayt/icon.svg","fqdn":"cyb-ref.com","domain":"cyb-ref.com","tld":"com"},"ip":{"addr":"172.67.151.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cyb-ref.com/","date":"2026-03-20T18:56:41.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cyb-ref.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 13:24:10 GMT","end":"Sun, 17 May 2026 14:21:55 GMT"},"fingerprint":{"sha1":"0C:29:B8:AC:34:D2:94:5A:6B:36:BB:A2:12:E9:3D:F9:92:94:28:E4","sha256":"B4:D2:05:97:4C:97:77:3E:A1:35:16:EF:ED:61:9D:85:96:B7:BE:DD:9B:7E:FA:3D:7C:5A:18:72:4A:19:A7:6D"}}},"request":{"raw":"GET /lander/vayt/icon.svg HTTP/1.1\r\nHost: cyb-ref.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cyb-ref.com/\r\nCookie: fdf5f479=688cc70d257e90ad4860699b7f250bb459a9f42dbad69674113634d01bd46e7c|1774033000; _subid=1sjos4f9afeh; 07e01=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjJcIjoxNzc0MDMzMDAwfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzc0MDMzMDAwfSxcInRpbWVcIjoxNzc0MDMzMDAwfSJ9.Gj_JOvoBFYClRIWoLkj9Og54PUW8nPX3LoN12fdbgew\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\npriority: u=6,i=?0\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: max-age=864000\r\ncontent-type: image/svg+xml\r\ndate: Fri, 20 Mar 2026 18:56:41 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 30 Mar 2026 18:56:40 GMT\r\nlast-modified: Fri, 28 Nov 2025 09:30:44 GMT\r\nserver: cloudflare\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"69296bc4-6f7\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Z%2FM8q9uuwOwX%2BbwHdnrwJ5h9fmSJNI6VvJWSmR0tseONEq2vAKFhzoH7wrmRVYGZen3AYkHGG7XYtKoicp%2B3rjGsVZWOWYfmIdWU\"}]}\r\ncf-ray: 9df6f0334f97562f-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1783,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b0a1dd4f8ab7356ec758c13d57319a83","sha1":"4a4967d23121072669758dba02f80968f0224bbb","sha256":"6e74055ebeb371759fe6f31e593559cbf362f9574de1ce08c500835d0f0f6317","sha512":"be6790d583ebd701fb836ff0e4494621c7c46a85fed0c5738b8d8a63e3ca3505099253142357bbbae66a31e292f1d02c15b35b8c8fbbc0cdfacb96043d7a787f","ssdeep":"","tlshash":"a53171a6c35b0b78ad05876e84d0147135e8206e35bea3fcdeb786d274168f00a64cfd","first_seen":"2025-12-23T01:57:04.661718Z","last_seen":"2026-03-23T16:34:58.621424Z","times_seen":18,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-20","alert":"Phishing Block","trigger":"cyb-ref.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cyb-ref.com/","fqdn":"cyb-ref.com","domain":"cyb-ref.com","tld":"com"},"ip":{"addr":"172.67.151.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-20T18:56:40.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cyb-ref.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 13:24:10 GMT","end":"Sun, 17 May 2026 14:21:55 GMT"},"fingerprint":{"sha1":"0C:29:B8:AC:34:D2:94:5A:6B:36:BB:A2:12:E9:3D:F9:92:94:28:E4","sha256":"B4:D2:05:97:4C:97:77:3E:A1:35:16:EF:ED:61:9D:85:96:B7:BE:DD:9B:7E:FA:3D:7C:5A:18:72:4A:19:A7:6D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cyb-ref.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 20 Mar 2026 18:56:40 GMT\r\ncontent-type: text/html; charset=utf-8\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-cache, no-store, must-revalidate\r\nexpires: Fri, 20 Mar 2026 18:56:40 GMT\r\nserver: cloudflare\r\nset-cookie: fdf5f479=688cc70d257e90ad4860699b7f250bb459a9f42dbad69674113634d01bd46e7c|1774033000; Path=/; Max-Age=86400; HttpOnly; Secure; SameSite=Lax\n_subid=1sjos4f9afeh; expires=Mon, 20 Apr 2026 18:56:40 GMT; path=/\n07e01=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjJcIjoxNzc0MDMzMDAwfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzc0MDMzMDAwfSxcInRpbWVcIjoxNzc0MDMzMDAwfSJ9.Gj_JOvoBFYClRIWoLkj9Og54PUW8nPX3LoN12fdbgew; expires=Sat, 21 Mar 2026 18:56:40 GMT; path=/\r\nx-powered-by: PHP/7.4.33\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E83wCTAmCMiS53WRCuY6mpPiEmFT1EnFq4ZgU48ImWRE9o8Rn9J0NJhbDilxzw8W1oGOjLngSZ1IdBkL8BGs4COdaF%2FFMpfeMcoT\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9df6f02c8a16f3c7-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":73176,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (722)","md5":"5e8d090bc06c0ba4fd36561751bcd9d9","sha1":"d524d3b59f6c3a9e83db90ce327f0a8403f1242c","sha256":"44e057a9e4fbcf25eb5c1173a19f296659d368708690282b1088f599ce56e804","sha512":"5c43b576ea8bb778dfb3b0f0032a8f5b0c2143d28f8f3e9392366e60790556bcbf91dc38e82a73bda0592959df9937236f93d3218f622fbc7c9d3810303b06d0","ssdeep":"768:UGuvRtVt0/tLI1dCra2SiZ8g7anKDEWpQaNvKQBh6jq006vK7or1R0sJ2mHPw0zt:gX0qdv8Rdc/BIPDOT2aqa91kqCHqdqs","tlshash":"eb6385211df724891003f01ade243f093ea948bfab5fd730769c296eafd255585bb31a","first_seen":"2025-12-23T01:57:04.668019Z","last_seen":"2026-03-23T16:34:58.608239Z","times_seen":18,"resource_available":true,"data":null}},"time_used":317,"timings":{"blocked":41,"dns":7,"connect":8,"send":0,"wait":235,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-20","alert":"Phishing Block","trigger":"cyb-ref.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"cyb-ref.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}