{"report_id":"10fbc29d-53c0-4ad5-bda1-e604fe653feb","version":0,"status":"done","tags":["amazon","phishing"],"date":"2026-06-27T00:20:44Z","url":{"schema":"http","addr":"yamaxnyvip.com","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"yamaxnyvip.com/","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"title":"Amazon","dom":{"size":104088,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (325)","md5":"c8f39b701c53ac9bb48f1b243b7e8276","sha1":"c3312015f1bdec87a01271239847367000a7395c","sha256":"dbc02e911e66b98ef7539bd1b06397581be96985d64b0e3ad27fe6f12c525a0c","sha512":"f8f9f651451c4f41a1ccadf1477cc3606fad8a0c921440dd21db6202828edeef82f06d5d00171fae14ef9039bb1ed67f5429bd26d67ca7f9d6738ba8bc5abe28","ssdeep":"384:twdtMOky23ZvcPs6oESoHXm4nSrpHXPStHXBSkHXFSOHXDWSzHXfiSRHXeSVHXa1:wGihvX6ZrH/iKyVJgK6pj7zopZpZg","tlshash":"d5a300a081dd2dbb066345ebe1909b9d61dfce34caa38096f3fb675153c5c9af82b011","dom_hash":"domhash17a419c99b0e276c16a40e7bc68485ec","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"yamaxnyvip.com","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-01T00:20:44Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]},"summary":[{"fqdn":"yamaxnyvip.com","ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-02-23","domain_rank":0,"first_seen":"2026-06-27T00:15:47.452337Z","last_seen":"2026-06-27T00:15:47.452337Z","alert_count":87,"request_count":29,"received_data":1239840,"sent_data":16623,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"yamaxnyvip.com/public/js/jquery.js","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3eb0b37a85f17c2dc9b09887c858d27a","sha1":"e31e4c5c696fedf28587dc3719df363cfb0df750","sha256":"ae243dc52545596fa91b729dbf680985b2e513d4adc831caebcde4600e8b5d75","sha512":"d2f1d77ef2b823785208d3989588335058478d72b6d714bb7c20550cc1176648e99d869f055bd2f56aed55146efba1a807937c838404c7ac0e3601d2bd92d821","ssdeep":"1536:UYRKUfAjtledhTmtaFyQHGvCXsedOgRc9izzr4yff8teLvHHEjam7W5X3yzSiLnM:9Ub6GvCu09s2o2skAieW","tlshash":"e093e7d9b2d67123c7b731b850af510bb17698aa784c8c50f068d8e4be74a48907bf7d","size":94841,"data":"","first_seen":"2025-03-27T00:21:38.153648Z","last_seen":"2026-06-28T04:02:44.347096Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yamaxnyvip.com/public/js/global.js","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"53435494ddd9e2d35d51007fd7a7ed9a","sha1":"adfe3eaae38ad94c7b7600995f68f7f36cfe6e1d","sha256":"fb46429874ee0d0a1edd2299208ea4cfc6b45477a2e6594d45f5afe7313720cd","sha512":"7579d042281e56dda3c492679d0aabb25cb9f736234f6bb355066c12f24bd4881217593e925d9f5f959a0500b0ec52717447e38e6385f2ebe37f6af63a73f128","ssdeep":"384:6K7xvGH6hZxn8b1DwSZ7tQOJjBHNKRKgZp67Csv:6K6MOJjNNKtp67Csv","tlshash":"1f528418db8d5512713a31754d6e21cd223c98b32a04dc3ebe9464f07ef863e162be7a","size":13777,"data":"","first_seen":"2026-06-27T00:15:51.253926Z","last_seen":"2026-06-28T04:02:44.331645Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yamaxnyvip.com/template/index/js/jquery.banner.js","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4c1e9add8b7d907e8908f8545a64a400","sha1":"37525d30b0742125f67470363af1b6df84bb8718","sha256":"4b8060f88392c1643829cfca1c033f993ac9333174d2d759305b2e961e923cf6","sha512":"8fa03407cb13509f9b049ebf72fd1835059f2dca52a1124320f1b93b30d5e94b60397d9f37eb43a44d25bfc340fb5839d0f2b9371869b862d2325405991fbbee","ssdeep":"","tlshash":"5f11af45b752204db47232f4993f2c44fd7676274511e5c0faa550b42eb9198c70dfda","size":1102,"data":"","first_seen":"2023-03-07T15:25:43Z","last_seen":"2026-06-28T04:02:44.347623Z","times_seen":47,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yamaxnyvip.com/public/js/jquery.scrollLoading.js","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e8660a440eab6451052f4d597bf811b3","sha1":"46caf3aa0e893bc14d8d603702ecc1c594086fb1","sha256":"d57b3f36a06804a3d9996bffc987aeac517ef439d551dd77cbcb84a8f5e6b4cf","sha512":"097141b877b07e53d85a14408947fef774175e1261f21ff79c00622657e7a51655e324983041424ac3d720f4dcf827d0963c2c68d0b5c0b75b73a7d0d7cbaaad","ssdeep":"","tlshash":"554120a8e76d321e02b5b1ea1d3f03ce123ce033bd4154af3ea09da85ce4479a301e49","size":1948,"data":"","first_seen":"2025-03-27T00:21:38.156036Z","last_seen":"2026-06-28T04:02:44.339717Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yamaxnyvip.com/public/js/arttpl.js","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"dd622e58c9a123bbf70a159c8b3b0f10","sha1":"b37b4bd7acdf85b08278c1bcbe1571a5d7d96b23","sha256":"d28806438e35234b3287b06ba84873d366d8ac20eaef5c836467237b60dbabb1","sha512":"b8df150da1c908b2644cd5954f699a1e38e596cfcd26404ad81ab209c355683c74b430210238d55f20cc82b4730c4a874ead91d8cb4c4ceb62a77fd2f96d50f9","ssdeep":"96:B8GhIIHHSDySJTXj/VK4CY2ZcOHOqyP5uZ+E81vhBuJKPIBa9HQjqcYuqT9:B8o67e4CYJwOlRuZE1pBAB7qcYuU9","tlshash":"b2b1c8c8b57eb896c33a7970a1af040b60bad6a5b04cdda59185e5d37e3804c816bfdc","size":5324,"data":"","first_seen":"2023-03-07T15:25:43Z","last_seen":"2026-06-28T04:02:44.343385Z","times_seen":745,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yamaxnyvip.com/public/plugin/layer/layer.js","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d0c975e34297f3e44e99c9d83555ffc1","sha1":"7e465bd79e65428cf07e5991196cff512ce44a4b","sha256":"691aad750624d84b17f2fbb73a4982860edd18837f3000c5b660ac82bf408e82","sha512":"1d9dcd7e1afe695e5716ea55f9a5a3e3aa45852722b4e1a2653ebd3f3a85c8b7a34b15264751f5ee26ea56ee49c8683a00d771197d8b32d9ea53d842d6db3b79","ssdeep":"384:41xCih92A3igrLXSt/SdMrXqE6tGLxzAOTElH0jjhtjfs8:41EiV3i+WtXItqF13k8","tlshash":"56a2b66a754034976323906ad11fba0b31f21d24d7078128f22bb4ae1dbcd95a2b7f5f","size":22104,"data":"","first_seen":"2023-04-05T06:05:22Z","last_seen":"2026-06-29T21:37:39.738271Z","times_seen":5972,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"yamaxnyvip.com/","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-27T00:20:19.269Z","timestamp":1782519619269,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:20 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nset-cookie: pe_lang=en; expires=Mon, 27-Jul-2026 00:20:19 GMT; Max-Age=2592000; path=/\nPHPSESSID=qcggcqer5jovtbu26r1e91nf8i; path=/; HttpOnly\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\npriority: u=0,i\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4RyW13jikhUkza9D2V2qjxy5Dal5SSwlvtnwICgL64x5edCfnauk%2BaeAEa1B%2BXkvY2869bHZ4cPqK2kOfk2vaBpY8sryObJAw4V4HPwezY6Gp0snBj%2Fq6Z0u3jCIuErVgg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a1204904ac7d76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":103957,"size_decoded":10657,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"e9bc876df439221198c0a7e34c20c9ff","sha1":"8226af6130a13b5bf1ea96a20e4fa2566d0c231c","sha256":"47a33212f6416fa5fc8003dc2d5045267799270d847f02b1692f492f71cd4bbf","sha512":"4060595120e278909c27dc7c2287564f26478e7e6c1b39f9986cba89b19d1a82dcc63eb2468c4853ff0bafe004560e03e52541bc5c2427a89c464432cdacd98d","ssdeep":"384:DBdtmOfH9jVZvHfQs6U+SoHX4WVSrpHX6StHXYSkHXWSOHXFNSzHXNhSRHXJSVHJ:1fdbkwq2Z3IS0RYIkCK6pj7zopZpZg","tlshash":"d6a320a181dd2dbb066340efe0909b9d61efce35c9a39496f3fb676113c5c9af81a011","first_seen":"2026-06-27T00:20:45.704891Z","last_seen":"2026-06-27T00:20:45.704891Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1380,"timings":{"blocked":0,"dns":9,"connect":23,"send":0,"wait":1348,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/public/js/global.js","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:20.902Z","timestamp":1782519620902,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /public/js/global.js HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:20 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 26 Feb 2026 10:18:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69a01df8-360f\"\r\nexpires: Sat, 27 Jun 2026 12:13:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 416\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ts1Hns5uOTjL0ebTaIIPLaG5rgegPZIQe3Qk6hOyCkYEMUMILfHwAp8eSkR8SIuGhCJlG9w%2BM1dwv1zdo9wJEwwm541hU5BMLEmRdu4RUGUCZHZQG2oNKWb%2BbvmjaKdr4g%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: a120490eae2976ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13839,"size_decoded":5161,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"53435494ddd9e2d35d51007fd7a7ed9a","sha1":"adfe3eaae38ad94c7b7600995f68f7f36cfe6e1d","sha256":"fb46429874ee0d0a1edd2299208ea4cfc6b45477a2e6594d45f5afe7313720cd","sha512":"7579d042281e56dda3c492679d0aabb25cb9f736234f6bb355066c12f24bd4881217593e925d9f5f959a0500b0ec52717447e38e6385f2ebe37f6af63a73f128","ssdeep":"384:6K7xvGH6hZxn8b1DwSZ7tQOJjBHNKRKgZp67Csv:6K6MOJjNNKtp67Csv","tlshash":"1f528418db8d5512713a31754d6e21cd223c98b32a04dc3ebe9464f07ef863e162be7a","first_seen":"2026-06-27T00:15:51.253926Z","last_seen":"2026-06-28T04:02:44.331645Z","times_seen":4,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/public/js/jquery.scrollLoading.js","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:20.914Z","timestamp":1782519620914,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /public/js/jquery.scrollLoading.js HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:20 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 29 Mar 2022 17:42:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"624344f4-79c\"\r\nexpires: Sat, 27 Jun 2026 12:13:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 415\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BgtB%2F%2B1W79e%2FfhpcERDAiGwHckK%2Bm%2FL5mjda0913L6Dwjx6%2ByloKRTeua1dwVL4ppEDZBwLD4W83OaLZSz%2FNNCbN1Ks6rMZVvZ6pw9SzKBY9DFxw5%2FRcCKvvbaGqyYA9Sg%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: a120490ebe3076ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1948,"size_decoded":1833,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"e8660a440eab6451052f4d597bf811b3","sha1":"46caf3aa0e893bc14d8d603702ecc1c594086fb1","sha256":"d57b3f36a06804a3d9996bffc987aeac517ef439d551dd77cbcb84a8f5e6b4cf","sha512":"097141b877b07e53d85a14408947fef774175e1261f21ff79c00622657e7a51655e324983041424ac3d720f4dcf827d0963c2c68d0b5c0b75b73a7d0d7cbaaad","ssdeep":"","tlshash":"554120a8e76d321e02b5b1ea1d3f03ce123ce033bd4154af3ea09da85ce4479a301e49","first_seen":"2025-03-27T00:21:38.156036Z","last_seen":"2026-06-28T04:02:44.339717Z","times_seen":5,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/attachment/2026-02/2026022608332217754s.png","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:20.927Z","timestamp":1782519620927,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /attachment/2026-02/2026022608332217754s.png HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:20 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 26 Feb 2026 13:33:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69a04ba2-2d64c\"\r\nexpires: Mon, 27 Jul 2026 00:13:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 415\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LLqaqkZOYtFCQRnt%2Be6RL67OiADLiD0nV6Bh5PkebsW%2FotKoTT%2BbF4sPH6AvHEbPzI3e%2BehNlMFqaTcbbFcmugvflgOXjuxP3bBoGgF3jwxCYl3PLAOKz500zO3S0NPIiQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a120490ece3976ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":185932,"size_decoded":184369,"mime_type":"image/png","magic":"PNG image data, 534 x 711, 8-bit/color RGBA, non-interlaced","md5":"febebf1c32a4a1c33e9901e1567b45f2","sha1":"f49d15a87f03b6b4f5494f00778bad94aab956fc","sha256":"6e061f7b0d6d1e8857ae194278165be62798fc96a93ee1b87efbfeadff3e237f","sha512":"f9fc3939f1bde3a34d6765beb82bfba97e17a80097c44b96f720599cca0eaeeacc3f2630662f6f949b44979ff13a837da4c05f98a580390fc0581221232fc34f","ssdeep":"3072:xdXioNkEYJ+vHjGIHoZ8FEF0V+6XU1eoloz7mBirtknAX0jiVL8tQdyif/Sti:zN2J+vHjG2oKyG+wU8hvmBAXJVL8t+aM","tlshash":"8a0413e1e6729fb2c8d6442f9e96133076c1085ed241db266b4344fa7e51093e1e2efe","first_seen":"2026-06-27T00:15:51.257248Z","last_seen":"2026-06-28T04:02:44.335233Z","times_seen":4,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/template/index/images/pixel.gif","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:20.932Z","timestamp":1782519620932,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /template/index/images/pixel.gif HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:20 GMT\r\ncontent-type: image/gif\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mfjJjBxB49mQS9TjhAFEKeRI4eXvZt5Df0%2Bt1JtiNesq%2B0LFVp%2FWykg08C8g4AloemkofU%2FWdnCJsZYNVPM5brt0s4G9BujHtONQCvwOmp%2FLGgmeB%2BPQbI1bbKaDhllMtw%3D%3D\"}]}\r\nlast-modified: Fri, 21 Jan 2022 19:54:40 GMT\r\netag: \"61eb0f80-2b\"\r\nexpires: Mon, 27 Jul 2026 00:13:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 415\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 43\r\ncf-ray: a120490ede3d76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":831,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"325472601571f31e1bf00674c368d335","sha1":"2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a","sha256":"b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b","sha512":"717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc","ssdeep":"","tlshash":"bf900003ea80c002c2a2c0300e0ccb802b88b0308a28030fb0fc3baeec3a3a20c23000","first_seen":"2023-04-05T06:29:39Z","last_seen":"2026-06-29T23:20:28.237941Z","times_seen":92381,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/template/index/images/top_fuwu.png","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:21.004Z","timestamp":1782519621004,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /template/index/images/top_fuwu.png HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/template/index/css/style.css\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 21 Jan 2022 19:54:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61eb0f8c-2230\"\r\nexpires: Mon, 27 Jul 2026 00:13:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 415\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MFxpAwiiUdC1ZBPzdWTDzwamM%2Fudp6fwAh3ueihfk1l%2FXSoT03LEpxxnURT9ebnAKn3Usgy%2BZDV3BowyhVxBoB%2FG%2BGcTA2WZhcW40qI6A%2BEu4YUMKTaOwZggnP9yCPLSjQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a120490f4e4b76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8752,"size_decoded":9577,"mime_type":"image/png","magic":"PNG image data, 200 x 45, 8-bit/color RGBA, non-interlaced","md5":"b6b92ea4f5481da96025b425f4c5afce","sha1":"3219223c88fdcf7bfb05dc2baf977982966a2e38","sha256":"df30d3f22dbbdd828d52386bba53de07376164070428e883647feec244431090","sha512":"a033459272b99ca787b6e412412e8f424e3be23a3567bf4207ab0b3375e4bdaa9651c780d42b733fa389ee2eefdfe1a313e4eb58c86607ecd883211704617d45","ssdeep":"192:5xQBYjAsBIUxCfD0wxq9HnevTqUQmvOKt2Ch2vNnpAhmDkJ6sHjsX5+:5xQU9Ur0p9HevhvOKtilnpAQDkJNHjs0","tlshash":"1902ae4e9bfdb86833930aeebc51d0d54ad3b5b48a514f3b3d4060c4f8a414eb79c62a","first_seen":"2023-05-01T22:41:34Z","last_seen":"2026-06-28T04:02:44.348475Z","times_seen":51,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/template/index/css/style.css","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:20.897Z","timestamp":1782519620897,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /template/index/css/style.css HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:20 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 21 Jan 2022 19:54:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61eb0f5c-f112\"\r\nexpires: Sat, 27 Jun 2026 12:13:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 416\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lJWY399RFVJ4f1CHiNVoW1HLWiHmROBYp5FZVwGbSJoXkcfUE%2BEF3FnvgwwbQsOEICzU3ZvKjRyggd04smR0kz23YzrC93L%2FPlecQc54m3AGRtoro7Gcm3oWzb1iTql5aA%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: a120490e9e2576ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":61714,"size_decoded":13741,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"a62ce3e11c04cfca923ff64313990b3b","sha1":"48cd8675bb37fe2fcbf52d448a70289c660d3028","sha256":"80d1288f550f672ac23aab694a19e758bfc2dd2ddf4dabc7cb0c6aae93e57da8","sha512":"285f1533a1e8c438ab1713a045cded243de80b3fc5886b5bf6052fa6dbda18b103bf525ace0f3a219eead37e7737dc4fa759ea79ebfc7438763c3c690ac37fd4","ssdeep":"768:nQG1os/38Q0yFnDI6B53SIjfzO8IFDxgNB2QTg5fAYwKgR3StJxtJ63:WsptDF53SIjfzyxgfTOlgmxa3","tlshash":"e75311319b78205fb0bf9563b9539b8a3a1ed01f91131bbdeda83939c08e4631b72355","first_seen":"2025-09-07T11:52:19.613658Z","last_seen":"2026-06-28T04:02:44.342425Z","times_seen":6,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/public/js/arttpl.js","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:20.904Z","timestamp":1782519620904,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /public/js/arttpl.js HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:20 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 04 Feb 2020 03:09:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5e38e070-14cc\"\r\nexpires: Sat, 27 Jun 2026 12:13:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 416\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jWTQBLjSQh8qVUrXk6wQiUqIh8lgNTBRlbn1m6ysYSfdY5f%2BULqhRBkvByIByd6hQAhhTTbvcOYpSZyez4TXD52QfZQntgiEy5GiJsc7H8VMg%2FUuImL%2FWt6o%2B1WnSU9h2g%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: a120490eae2a76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5324,"size_decoded":3364,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5251)","md5":"dd622e58c9a123bbf70a159c8b3b0f10","sha1":"b37b4bd7acdf85b08278c1bcbe1571a5d7d96b23","sha256":"d28806438e35234b3287b06ba84873d366d8ac20eaef5c836467237b60dbabb1","sha512":"b8df150da1c908b2644cd5954f699a1e38e596cfcd26404ad81ab209c355683c74b430210238d55f20cc82b4730c4a874ead91d8cb4c4ceb62a77fd2f96d50f9","ssdeep":"96:B8GhIIHHSDySJTXj/VK4CY2ZcOHOqyP5uZ+E81vhBuJKPIBa9HQjqcYuqT9:B8o67e4CYJwOlRuZE1pBAB7qcYuU9","tlshash":"b2b1c8c8b57eb896c33a7970a1af040b60bad6a5b04cdda59185e5d37e3804c816bfdc","first_seen":"2023-03-07T15:25:43Z","last_seen":"2026-06-28T04:02:44.343385Z","times_seen":745,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/public/plugin/layer/theme/default/layer.css?v=3.1.1","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:20.976Z","timestamp":1782519620976,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /public/plugin/layer/theme/default/layer.css?v=3.1.1 HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:20 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 04 Feb 2020 03:09:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5e38e070-3820\"\r\nexpires: Sat, 27 Jun 2026 12:13:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 415\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q%2Bo0DptNcMpZmM%2FqIh3nFB3W%2FgmZ%2FQTJIDU%2FO2SdVZoC8GnwEh4VStx3nA6%2BBS3dMVJc%2F4pc1Oie9abQ2sbarc35J%2BP4GunyXsc86odoaDYRZVeEvEJqE7PLvB0NC5NocQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: a120490f1e4476ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14368,"size_decoded":3631,"mime_type":"text/css","magic":"ASCII text, with very long lines (14368), with no line terminators","md5":"af6e73de756f89e8c574859740f08b5c","sha1":"86fdcf8e3b58103214b007fc67479594e6e18818","sha256":"cdc911e5bca245f50468ab243a0101e4601f12de0755b2ced55bf484fbb91c30","sha512":"3960b03d80be61bd0ee48c8ada8024df741f9f9e4a328c376c04d402590497caff1f0f119fc8cae13e2fa8c14b784d520e4bacaf77e10791202601c2decfb5f5","ssdeep":"96:mp+Ntha8qNEp+wRY1vUPXiK6nMLPDFOtLzXyPHL/LztJDzyv2OQ7KGx1jyd2/SWz:1WmLrFOtSrzzt42OQ7KGx1jCWR2b+RcU","tlshash":"a35220e144811299b0278721d6dc7eba32f88d43e5630daef257381f874c6dba2b6647","first_seen":"2023-04-09T06:32:19Z","last_seen":"2026-06-28T04:02:44.33873Z","times_seen":64,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/template/index/images/qg_ico.png","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:21.005Z","timestamp":1782519621005,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /template/index/images/qg_ico.png HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/template/index/css/style.css\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:21 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ijiF%2FqCZ7VgCIuSuL5bULaLHi1Z5U3S7FzUCrXOsaZb%2Fc8H9gSybnuB9oEYko0aLQbHGVOwU25s2x%2BY35NpAqmH%2BkE%2FAeOAOahth2f2glhkqQNGC8RWwDt%2FYLZszYlSL4Q%3D%3D\"}]}\r\nlast-modified: Fri, 21 Jan 2022 19:54:44 GMT\r\netag: \"61eb0f84-36e\"\r\nexpires: Mon, 27 Jul 2026 00:13:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 415\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 878\r\ncf-ray: a120490f4e4c76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":878,"size_decoded":1668,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"dc9230e63724fc75ac212acdb3cd9713","sha1":"7acf0f4bd7f00bf97b975cff8a4a3e0a6c2b0d62","sha256":"858d8eefe454b5733d8eb107fb752c373964afe02d25be021f7196544b59f6c4","sha512":"35de853de14ae4596c5729e872c5f1c0dacd663303717bf20dfd342151d2a10fb5cb5b6abcb65bfc90b012d1f8924c01a991fa1a7f36eaf58ca83110001b5ae7","ssdeep":"","tlshash":"2611e6a6b6a099bbd40548f2bd188136802509b58e71ab9a8f570b7c3b64c4f0486544","first_seen":"2025-10-15T02:03:18.173607Z","last_seen":"2026-06-28T04:02:44.355176Z","times_seen":6,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/cache/thumb/2026-06/thumb_400x400_2026022022465617725j.png","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:21.088Z","timestamp":1782519621088,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /cache/thumb/2026-06/thumb_400x400_2026022022465617725j.png HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 01 Jun 2026 04:30:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a1d0ae0-2458c\"\r\nexpires: Mon, 27 Jul 2026 00:13:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 414\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i%2FoDm4gc7eP%2BwMVjpkKBAlAzyTGWxwuFDToVHw33XpHduN%2Fylqx9ABK4Mwfd5Qw%2BnoWvdv7guVFehA1V7g3ojHVgGLK39owfEfPqtcYf7vLZ5mNACnOIWZxlC%2B4NYjaz1Q%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a120490fce5776ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":148876,"size_decoded":149740,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGB, non-interlaced","md5":"3898e53084fc1da88da23207167bac47","sha1":"e61083c7abaadf5855a8ff0d90596f4c41f70a04","sha256":"88793f603b2768d4b7e2c8d760e23782145fab8657273789b09cbb04ec120ff6","sha512":"1c0706020eabab952ddae1d8137e543337379664d842d013758d6344a97fbc7fc88cc42c26fb04d40adc5fbe6fcdc57fa3478b1b5268d07e2391f0726aff6090","ssdeep":"3072:ApBxTLX+mTlVBjaUnBQrAD0MuZPgTMDEp1IjZHsEP:ApTX/QUnBQMD03ZYAM1I9t","tlshash":"2be3121fc06fb63a50173ae240ff09a9f7dc21cb8f165046c235e9924628a5f57998e3","first_seen":"2026-06-27T00:15:51.246418Z","last_seen":"2026-06-28T04:02:44.353378Z","times_seen":4,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/attachment/2026-02/2026022608342417733b.png","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:20.926Z","timestamp":1782519620926,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /attachment/2026-02/2026022608342417733b.png HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:20 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 26 Feb 2026 13:34:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69a04be0-31b9e\"\r\nexpires: Mon, 27 Jul 2026 00:13:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 416\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2gRMM7b2gQfsSnYMPllss98wHbuPohdAE9qHMTPFkKVzN0%2F38seuHemKpxCctuOO3%2BMtthsjlkDL%2Bgii7i0th%2FcJNvV2m8aXcuC6syyBhgRmZda7j9SWpvlsqDs4FBKCkg%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a120490ece3876ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":203678,"size_decoded":201964,"mime_type":"image/png","magic":"PNG image data, 534 x 711, 8-bit/color RGBA, non-interlaced","md5":"915e08a8e56e656d341900864e73ba0a","sha1":"1db827709b0ef09e3d49f56e699c527f09b98a43","sha256":"5f4194b4010ca3cddbbb1787297b0aed044b8d853db2886f9c094271f8b92725","sha512":"6c546c9470498e00fa3348a350e3f7025bf059eb39471549bf2a9e9f67a78cc32c3f134d0b6d2ebebeed7e72344f6e27b202a35ae36cc37a2d7b1410019dd1ce","ssdeep":"3072:cus78GAWGRuI1te+kG1+OtXL1vFlwttdE2tkmr6RUWZl5mV3I3fgdBxXu+0HV:iIx4IO+kG15ztahCbRUJ6YDx70HV","tlshash":"991412f2d478e331fe033a883d7d99daf55d99d4940f396d30ba64da4a660db920c20d","first_seen":"2026-06-27T00:15:51.259294Z","last_seen":"2026-06-28T04:02:44.334256Z","times_seen":4,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/cache/thumb/2026-06/thumb_400x400_2026041508384417793j.jpg","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:21.082Z","timestamp":1782519621082,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /cache/thumb/2026-06/thumb_400x400_2026041508384417793j.jpg HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:21 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 01 Jun 2026 04:02:33 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a1d0459-5c9a\"\r\nexpires: Mon, 27 Jul 2026 00:13:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 414\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1A4%2BSidJmQ3FE2nkUrokrckc5sfhl3XJmSd8GAQ9k95zzsUgLIWdVserPTUiAfnxwqMznARnUTAVTPzsYeg9eb9jgyNNI1zbxZN3MjvjVHsN6WUY2WR8HJGzfDFVCUTxTQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a120490fce5076ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23706,"size_decoded":23493,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 400x400, components 3","md5":"1bc5c84b93257bad93cfc992b0cb0fe7","sha1":"901daa34cb9a004645495349dda7d758c83f0faf","sha256":"5fc1f19555e69240cede817ae5faaec6003112958222816130bf9faf89c4fceb","sha512":"39331b5c966ad493e54869ffa0c73607ef2d403575adfa566c46b7b9a6b42f40cc7cdb5634cec1a7cc8530c042523ca4a030551c50f38aebf3e11b46ef6ac2a3","ssdeep":"384:/jGcx0casOHfF66Zobv/ZSU9wOKRnqHuVRPZnOs5n6tuz3mOo+mJOnh9:/jGsFan/MSURHuVRPzlKIL9","tlshash":"2ab2bf0b0711cbe3786297f07d820f3d1fdd9329e14676ea19a58ad773a56921c1b028","first_seen":"2026-06-27T00:15:51.251174Z","last_seen":"2026-06-28T04:02:44.354356Z","times_seen":4,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/cache/thumb/2026-06/thumb_400x400_2026033009453017792o.jpg","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:21.087Z","timestamp":1782519621087,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /cache/thumb/2026-06/thumb_400x400_2026033009453017792o.jpg HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:21 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 01 Jun 2026 04:02:33 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a1d0459-5093\"\r\nexpires: Mon, 27 Jul 2026 00:13:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 414\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sFS%2BjWT9A6ZvMqlD5hsfqccK0N3LmMW3zGu1zABhAyukZzNyY5le2gB8FsfdxTHaxCXDyftif1pOCQR1HMoPWYL2bk5OIcPtXKJ2V1vNgJ8kLhqtZNMQqF3UzARPWW4AqQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a120490fce5676ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20627,"size_decoded":20278,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 400x400, components 3","md5":"d1fca648ed25627e839fefc3b67ee512","sha1":"7f13d1d8978ca9af02b41cec5f04bb9ed4f2366d","sha256":"ccf6e5f4d25078771d981e0cfc123c8b39d8fe7bf7a3a5e4cc9dc0bd61eba04c","sha512":"67f7934816890d6ba7a355b35290b289b84130735d7d21c2799b6a921f9a5735c99bd8fe18197b8692ded1a3c5355b0a73564b89923a2e18d2d45bae6d8b4802","ssdeep":"384:/+18owLB5uHBTL2REMFtJxNyjSsQAYF27hqJImzwXs/ZDi4Mrfo:/+Wp5gTL2xA+s/WS8IUG4Mrg","tlshash":"b792ae17c8580f93769683a97f030e2c23ae6909e88733ea5ae39cdf7b545964ccd45c","first_seen":"2026-06-27T00:15:51.245471Z","last_seen":"2026-06-28T04:02:44.336221Z","times_seen":4,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/attachment/2026-02/2026022608341017705o.jpg","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:20.929Z","timestamp":1782519620929,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /attachment/2026-02/2026022608341017705o.jpg HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:20 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 26 Feb 2026 13:34:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69a04bd1-8691\"\r\nexpires: Mon, 27 Jul 2026 00:13:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 415\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IWRWeo9mmtA1iG%2FZCZoDsny8gYQT4N6XIK2%2BwWupRyEejn6MIpJFvOonsLr%2F9LW7t7S5CWR%2F%2BwnOCoyghEQQnSlsWz%2FV9FRqjKknOaCz2eArBiH3s7Rk7%2FisvP%2F5ZnN7kQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a120490ece3a76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":34449,"size_decoded":33976,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 546x532, components 3","md5":"55d5952d1224edb2de7f0d48f0ba0c1f","sha1":"386ba0bf5bcf9e1e5f32ebca63c51c3dcd571f7a","sha256":"b1f2f407cc106a5606c6d7bb2530ddae35d5fce0f88058dce8ccf62fd58f4f56","sha512":"b730eb5db969dae4054f9115d6986262fffbffdd443b8c8415454da2bb910b233c8d31b9c852754d03642d92696f2c2e57c68cd657011dd70ffcd02ee54f9f42","ssdeep":"768:CC+sqKmGFpfTrcfGJ01pba00TvSmGRxtK7JcsOtOjt:n+sqpGfvcfGe1A06vSTW7Jcx6","tlshash":"66f2c02b69b6c033f85ee9301a613f8d6413214053c713965c689bbfea7d51e4feb829","first_seen":"2026-06-27T00:15:51.262237Z","last_seen":"2026-06-28T04:02:44.337236Z","times_seen":4,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/template/index/images/loading.gif","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:21.007Z","timestamp":1782519621007,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /template/index/images/loading.gif HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/template/index/css/style.css\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:21 GMT\r\ncontent-type: image/gif\r\nlast-modified: Fri, 21 Jan 2022 19:54:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61eb0f7a-a30\"\r\nexpires: Mon, 27 Jul 2026 00:13:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 415\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7Tk0waH0RFqz1nO1s7U%2BhD5prfbRqBk5dWVhDGuIgf2hflX2hjqx60LbGAQi4XENGKKh2cdBOga55rScp%2B4jJvstAAntH2JHp3hbhG4zGQ918o5WKjMw%2BexUiB8BH6YB4Q%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a120490f4e4d76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2608,"size_decoded":2577,"mime_type":"image/gif","magic":"GIF image data, version 89a, 31 x 31","md5":"e85fb8ea63e9b4c3f2aca5d65dc1860b","sha1":"ab670e817a2c1d82a0c632eeea648acb57fc3c6a","sha256":"203e7a33ccce3a05fbcace191b0e0cb1ac23c3668fc4cc0803da2618b646ef27","sha512":"11b48be6e8e91fcbb980de9fa1fc97609708ad1bac2ed0a227561da65a067bb92e10fd010d2515cd603b441d27dc41584ff8e009295c4db4a7978376acb99b5f","ssdeep":"","tlshash":"1751c858b836504ade4bc3b081de5cbd29171cec723ae30c5410b9907501b169c59bce","first_seen":"2023-05-01T22:41:34Z","last_seen":"2026-06-28T04:02:44.350934Z","times_seen":57,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/cache/thumb/2026-06/thumb_400x400_2026033009243417727x.png","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:21.086Z","timestamp":1782519621086,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /cache/thumb/2026-06/thumb_400x400_2026033009243417727x.png HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 01 Jun 2026 04:02:33 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a1d0459-1a417\"\r\nexpires: Mon, 27 Jul 2026 00:13:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 414\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HkDeozePtPDkLhHpAzUMZ1PadpNCdpqTsmP7C1Be3N3ut0pJ2NdiW%2FFi22zANSPIvXmkPxVXvOqtjVFim66zwyeH3CnoxyU2NBMvYzoAIyJZNi2AKa8I1KUYdXi%2B4j3xbA%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a120490fce5576ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":107543,"size_decoded":108378,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGB, non-interlaced","md5":"339d0c4dcc0f595868fe0200234cee57","sha1":"f5ebd8828dcbfda306e0a88d5996408c41fc0a21","sha256":"6abf763d7be171dc1d7c39c16bb7fc01bc438e8d4aa3073e42c94d0f55a0b7ee","sha512":"9b50dda9a1962146151c7a14a60a3e323235610f02ccb29b415f05aa1b094d7a605b767e4696f642a4b1840d62a23fc0842d45c1afde498aed1a316e0b33fdfa","ssdeep":"1536:v3WxXd6q/PfT7TUujhMF+VnogTlKInNK8HokGcMFPBKDWRzFCI24GqkcPRW:/WZx3fTRI+Jo0KInzHolRWSFCI21OPRW","tlshash":"93b313958b0fe784e5a37c529629eb03f4ed66452079ec87c105c371c0aefd58beb624","first_seen":"2026-06-27T00:15:51.253038Z","last_seen":"2026-06-28T04:02:44.345265Z","times_seen":4,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/template/index/js/jquery.banner.js","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:20.913Z","timestamp":1782519620913,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /template/index/js/jquery.banner.js HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:20 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 21 Jan 2022 19:54:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61eb0f92-451\"\r\nexpires: Sat, 27 Jun 2026 12:13:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 415\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=THz2%2FxsIXPagJhLg5PkhFdKdP4DEAPRHD2LC10x1uzYZQOFAaW2nXes8Zx5lUj0%2BaDU5ntvhoUjuILtnKgR8Dl9pfdxk%2FrO3ySfYnXa4Dxg2anawcUqFI80qDEZYOHJQBQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: a120490ebe2f76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1105,"size_decoded":1324,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"4c1e9add8b7d907e8908f8545a64a400","sha1":"37525d30b0742125f67470363af1b6df84bb8718","sha256":"4b8060f88392c1643829cfca1c033f993ac9333174d2d759305b2e961e923cf6","sha512":"8fa03407cb13509f9b049ebf72fd1835059f2dca52a1124320f1b93b30d5e94b60397d9f37eb43a44d25bfc340fb5839d0f2b9371869b862d2325405991fbbee","ssdeep":"","tlshash":"5f11af45b752204db47232f4993f2c44fd7676274511e5c0faa550b42eb9198c70dfda","first_seen":"2023-03-07T15:25:43Z","last_seen":"2026-06-28T04:02:44.347623Z","times_seen":47,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/api.php?mod=cron","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:20.990Z","timestamp":1782519620990,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /api.php?mod=cron HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nX-Requested-With: XMLHttpRequest\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:21 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\npriority: u=3,i=?0\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N66PmFrXDoOAPC4H9NJjTBd2YczmeuXJ0n1vhwXGURnPw8bs6wMm%2Fy5XwoVLJLpifSwiFuEDPcqEO5UoRK%2FVGUJ0%2BMq2YIHboT%2BODtWxD%2B8CBcinhqtYZo99KlHgUmaicA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a120490f3e4676ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":783,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-29T23:32:19.365738Z","times_seen":16838595,"resource_available":true,"data":null}},"time_used":698,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":698,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/public/plugin/layer/layer.js","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:20.909Z","timestamp":1782519620909,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /public/plugin/layer/layer.js HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:20 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 04 Feb 2020 03:09:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5e38e070-5664\"\r\nexpires: Sat, 27 Jun 2026 12:13:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 416\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kC4fg8mjmktNeMpzR56udey4EuQfPMzJVbG1U6siuGXCE6NmGzc1bx9fziwsL1Qa4E8HKorZs3eOj9Ws8uzdIedgHFm3CPNBQUXkDD08nPaxkdoTOXoyQ9nCfY670PDPjg%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: a120490ebe2d76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22116,"size_decoded":8432,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22020)","md5":"d0c975e34297f3e44e99c9d83555ffc1","sha1":"7e465bd79e65428cf07e5991196cff512ce44a4b","sha256":"691aad750624d84b17f2fbb73a4982860edd18837f3000c5b660ac82bf408e82","sha512":"1d9dcd7e1afe695e5716ea55f9a5a3e3aa45852722b4e1a2653ebd3f3a85c8b7a34b15264751f5ee26ea56ee49c8683a00d771197d8b32d9ea53d842d6db3b79","ssdeep":"384:41xCih92A3igrLXSt/SdMrXqE6tGLxzAOTElH0jjhtjfs8:41EiV3i+WtXItqF13k8","tlshash":"56a2b66a754034976323906ad11fba0b31f21d24d7078128f22bb4ae1dbcd95a2b7f5f","first_seen":"2023-04-05T06:05:22Z","last_seen":"2026-06-29T21:37:39.738271Z","times_seen":5972,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/template/index/images/gwc_top.png","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:20.996Z","timestamp":1782519620996,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /template/index/images/gwc_top.png HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/template/index/css/style.css\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:21 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=21OPm3%2F%2B7NZGT6PGHSh1GvZlQg%2FaVpxvaT5PJ5fjn%2BmyGbJhdatEpCBllL%2Fa4PK4fhAJcfpQYvE9tWZS9pAUxg758pIJfssrClYGvNTVLi6M4y0kcHqy6M%2BvdBjk0PG6Sw%3D%3D\"}]}\r\nlast-modified: Fri, 21 Jan 2022 19:54:22 GMT\r\netag: \"61eb0f6e-15a\"\r\nexpires: Mon, 27 Jul 2026 00:13:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 415\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 346\r\ncf-ray: a120490f3e4876ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":346,"size_decoded":1136,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced","md5":"6c032afb945790fd603d813434c2ed75","sha1":"c65ad75030f0a2d7909c2dc0f5476c2f0bc19df1","sha256":"2973b830ac0d2604185be04f0f595833c0095eef6e11ad6d55fcd9930a8a3ceb","sha512":"f7030411d3328bebc26e9b3d1a436c2dd171e4549c9d05fb6328d5bd6ee7d8a904f7a12fd9ca176c7fc6107e115e9232f152597514f05cd53eb157f6e44b3b8a","ssdeep":"","tlshash":"e5e0c0c5b2748878c456a69b02254115ee7b038a1b0f023cd24f053f4b68f0886f56cf","first_seen":"2023-05-01T22:41:34Z","last_seen":"2026-06-28T04:02:44.344338Z","times_seen":57,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/cache/thumb/2026-06/thumb_400x400_2026033010044117792o.png","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:21.084Z","timestamp":1782519621084,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /cache/thumb/2026-06/thumb_400x400_2026033010044117792o.png HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 01 Jun 2026 04:02:33 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a1d0459-1d547\"\r\nexpires: Mon, 27 Jul 2026 00:13:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 414\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eGWRIWUxhmOp96M7zQNQmjl6bIijZnnZM6e50iO%2FDi%2FulyUux26mOvdV2K88GdKSu4qcZVoAqTBjkMmzgVdSoWBlUUdMohkTeEOAyhJXI9eTcVr8fRnMRqizhKaM48B%2BlQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a120490fce5376ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":120135,"size_decoded":120737,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGB, non-interlaced","md5":"d505fcde1d883e8a4f29536a17a3a47d","sha1":"3f1a6b43465ddba204584b7962b014e8e01f8481","sha256":"8e4a2d86e886f42d3a9d1352ff3f78e903e2920e5e397336d480dcf53d95a828","sha512":"4f871a80d5247cbbedf933ab4c152478b9a886c55b788768bc9ae5f14254c42c0aa4b1b850399d840ef50f8223b210c592a8393281126aed53ab978c0a6ea5f0","ssdeep":"3072:j/1pEHu6hC7MDEnqyTE+DzIzWWtTEqlSlj2SfxE:L1psoNIWWi+eqSfG","tlshash":"fac312cb435e183cd454a540a82329ca5e99f73c5c840f346bcc728a82379b47cbeba7","first_seen":"2026-06-27T00:15:51.252103Z","last_seen":"2026-06-28T04:02:44.352541Z","times_seen":4,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/favicon.ico","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:21.221Z","timestamp":1782519621221,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:21 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gQwpSBjC1u14CxpvuO9myUN0Ym4PNTXdT6llDULeYtM0rS8COb0prLjGTJ9JkKWl0JbllqalYLUUam5sHCbI9DxKIfUYvbZjmN6Wj4sv6ZBpx0KbqzgZCiNLnQA1JL8lrA%3D%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\ncontent-encoding: zstd\r\ncf-ray: a1204910ae7576ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35310,"size_decoded":4962,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"308f7f60da3bf470cd21a4b296276ee5","sha1":"6ef79eaa9b007ae3f252f5ce45e4833f3ec43622","sha256":"15d6727a5318544420bd8b9f7328245010d108fe13fa9b9bd0dd32b4b7fdbc61","sha512":"44c9923f8bfc0dbf87aa9cdafdf7a7d0c49335c04fc6be4edd4ed91527352fffc9b7413a883d678f336011c0fedb219dfc80f516aa777b3e1ca97c3e0ed8387b","ssdeep":"768:zwlEQrTMvKTMjrtrJK1MyKh5zrQKHrceXr4rb5PeneaM/5HFF5YFFrBMaeEFFKwN:XQrTMvKTMjrtrJK1MyKh5zrQKHrceXrB","tlshash":"f8f2abe32ce01008ae2bc5552bdd0b1933369553694bcc5df3ed288d8fc2ddaa69b653","first_seen":"2026-06-27T00:15:51.258179Z","last_seen":"2026-06-28T04:02:44.348997Z","times_seen":4,"resource_available":false,"data":null}},"time_used":758,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":758,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/public/js/jquery.js","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:20.900Z","timestamp":1782519620900,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /public/js/jquery.js HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:20 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 29 Mar 2022 17:41:00 GMT\r\nvary: Accept-Encoding\r\netag: W/\"624344ac-17279\"\r\nexpires: Sat, 27 Jun 2026 12:13:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 416\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0kAl18O9JWIaUieTW2o65edUJDGyTJQaVgJFOwBfx4uYbRLmYc9rKzB6LPbNk70bVRxQzRNsSkFYrOm%2BLfGsktIEVy3UGa6SSS1uMX8fLmeZo9weLDf4uLPn%2FLVrilrSMQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: a120490eae2676ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":94841,"size_decoded":34691,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32769)","md5":"3eb0b37a85f17c2dc9b09887c858d27a","sha1":"e31e4c5c696fedf28587dc3719df363cfb0df750","sha256":"ae243dc52545596fa91b729dbf680985b2e513d4adc831caebcde4600e8b5d75","sha512":"d2f1d77ef2b823785208d3989588335058478d72b6d714bb7c20550cc1176648e99d869f055bd2f56aed55146efba1a807937c838404c7ac0e3601d2bd92d821","ssdeep":"1536:UYRKUfAjtledhTmtaFyQHGvCXsedOgRc9izzr4yff8teLvHHEjam7W5X3yzSiLnM:9Ub6GvCu09s2o2skAieW","tlshash":"e093e7d9b2d67123c7b731b850af510bb17698aa784c8c50f068d8e4be74a48907bf7d","first_seen":"2025-03-27T00:21:38.153648Z","last_seen":"2026-06-28T04:02:44.347096Z","times_seen":5,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/template/index/images/tb.png","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:20.993Z","timestamp":1782519620993,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /template/index/images/tb.png HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/template/index/css/style.css\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:20 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 21 Jan 2022 19:54:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61eb0f8a-992\"\r\nexpires: Mon, 27 Jul 2026 00:13:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 415\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9Yi7wTPgpy9r1PIxc2U21IkGCeI8suZSeuVCRqPpKQmo4%2BNdJMLAaiKabTRDXSJj0HDwjZ1AxOyOgBbJ8Jzscn3s9olr0NxnRWbKBq%2BoB%2FuLmwBKDpzGNVSX7tvpFq9JCw%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a120490f3e4776ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2450,"size_decoded":3254,"mime_type":"image/png","magic":"PNG image data, 30 x 300, 8-bit/color RGBA, non-interlaced","md5":"67327ca40b3a3030267b822704f5d19c","sha1":"99563d0d3c9e19ad1b6ce6a8ed8d0fa9064151d5","sha256":"c57aaccf32cbc74823259af6b271bf90bb9cceafecc3daf464e0b02ad9f94749","sha512":"d4daf6052ab60bd011763e861743f2a4e856f2d9691008821392a1ed51f1d6535ab8a2978383dc979a300aebb3bce7f3b62e9695470a99b6f66458cde5927880","ssdeep":"","tlshash":"a151fab9855c4ff24bab2dca318fd59c14b955accf2cf4506ecde31cb84d6a4e209241","first_seen":"2023-05-01T22:41:34Z","last_seen":"2026-06-28T04:02:44.340645Z","times_seen":58,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/template/index/images/ms_ico.png","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:21.008Z","timestamp":1782519621008,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /template/index/images/ms_ico.png HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/template/index/css/style.css\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:21 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=etBUMATlju%2BL60khPSp9qILDel4FJgcdxpUX7ixZFXxBaK391rbosVl%2BNPfV3IDQfiLk8xyGrw7vpY%2Fa%2BwEawlAP2yqa6s2eLtlrclvuUyBNTc04CzocQiydK6YTqjmCaQ%3D%3D\"}]}\r\nlast-modified: Fri, 21 Jan 2022 19:54:40 GMT\r\netag: \"61eb0f80-1d9\"\r\nexpires: Mon, 27 Jul 2026 00:13:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 415\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 473\r\ncf-ray: a120490f4e4e76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":473,"size_decoded":1259,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"6878270bc2d5a6fe95057f1820ccf170","sha1":"dfb5962c3f9e8526987832a1718942bac3cfea82","sha256":"5594a8a590bf4f9bc7fd733d83841249b7798e79e1dceef0af1f1b770016e180","sha512":"9c59f559882b3f465a48d0e78995e379f929edf3ec7b49ff0cebdb1e2190029eb1be4106a027fff0b568661bd2195b5e187187aa3583522c246d92fb887b4fef","ssdeep":"","tlshash":"fdf0d4f1f58850e9c2664d5b38f7a6d098377c5c0678dd591d0994ba3272b15c0ed911","first_seen":"2025-10-15T02:03:18.220641Z","last_seen":"2026-06-28T04:02:44.351747Z","times_seen":6,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/attachment/2025-04/2025041021050517447b.png","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:20.922Z","timestamp":1782519620922,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /attachment/2025-04/2025041021050517447b.png HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:20 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 10 Apr 2025 13:05:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67f7c200-69a\"\r\nexpires: Mon, 27 Jul 2026 00:13:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 416\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tXeE6Ia1pvpPkOrDcIXRpeq%2B48cWD6UePaA31%2FyQFp3Z0kbB%2F2OJoI8h%2F7roAwX08xh2JIOUcT2ILRfAsPBW6O3UAtCopX6YTtobaXCqTcQxqZEyw0Qsj6oYQaCxjE0eNw%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a120490ece3776ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1690,"size_decoded":2510,"mime_type":"image/png","magic":"PNG image data, 117 x 39, 8-bit/color RGBA, non-interlaced","md5":"8d69042d5f109d108569ab150c99578f","sha1":"2a773a6bbf9faf7f9c0ed976d675501519a2d4f3","sha256":"d508f37b6110f23692be8c34472ace3d84c17840ba5b18d0f56296b3169757b4","sha512":"838cc68fbb4fbfda177cd14259a9992da0a81cefff6000d91a6cb6560cba3c2a2944b5f5a6ef5035f75acda555267bf656535a9e5517313dd9780ca793ded53c","ssdeep":"","tlshash":"c5311d927f5cf5e4494589165dc4f3b57d9b19672c2155fc8cf3f12206073cb4802746","first_seen":"2026-06-27T00:15:51.249259Z","last_seen":"2026-06-28T04:02:44.333224Z","times_seen":4,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/template/index/images/all_nav.png","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:20.998Z","timestamp":1782519620998,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /template/index/images/all_nav.png HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/template/index/css/style.css\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:21 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bscUjyKfH084%2FXXZ1FWT6%2FYvAIDllfHKSFTc1t7GezWtbtYuogH8ECoWG6zpfn2%2FwxzFmyzIpIFgpLNzKovRoob5Sn01jvHkNivpq9uVg4oBU4jSLkDusbtFDU6KAJhLxA%3D%3D\"}]}\r\nlast-modified: Fri, 21 Jan 2022 19:54:06 GMT\r\netag: \"61eb0f5e-83\"\r\nexpires: Mon, 27 Jul 2026 00:13:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 415\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 131\r\ncf-ray: a120490f3e4976ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":131,"size_decoded":914,"mime_type":"image/png","magic":"PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced","md5":"f74e80f32104fce4f513d62a0eb5296a","sha1":"1b2bf07ff3d27d90d74557d5093a2b6ddbc1d69e","sha256":"8eb13df36d90d129ae9874630b6ab1a6de371c8c34dc9bc402265e1ecbf97d92","sha512":"5979580bb496963066498bf2368a338a01e1e0e5f34cb45b1c8e3ce6cf497947142d16c511ac335a1ef7e16d895e521dc76b45be22519928afc925b7b638b02c","ssdeep":"","tlshash":"c9c02bc0e5300e71d702127350408004c42341411511c3ac1f4688112539d1544e8605","first_seen":"2023-05-01T22:41:34Z","last_seen":"2026-06-28T04:02:44.341565Z","times_seen":56,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"yamaxnyvip.com/template/index/images/dian.gif","fqdn":"yamaxnyvip.com","domain":"yamaxnyvip.com","tld":"com"},"ip":{"addr":"172.67.155.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yamaxnyvip.com/","date":"2026-06-27T00:20:21.002Z","timestamp":1782519621002,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yamaxnyvip.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Jun 2026 14:37:54 GMT","end":"Sun, 06 Sep 2026 14:37:53 GMT"},"fingerprint":{"sha1":"15:E3:41:1F:C7:FF:14:1A:7A:3B:49:79:2D:0B:3C:EA:01:42:00:FA","sha256":"3F:23:01:DD:8E:97:9B:74:78:2E:3F:26:AD:B3:4E:FE:69:D5:C5:A7:35:01:FE:C6:D9:6A:C4:3A:1C:4D:6C:96"}}},"request":{"raw":"GET /template/index/images/dian.gif HTTP/1.1\r\nHost: yamaxnyvip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://yamaxnyvip.com/template/index/css/style.css\r\nCookie: pe_lang=en; PHPSESSID=qcggcqer5jovtbu26r1e91nf8i\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sat, 27 Jun 2026 00:20:21 GMT\r\ncontent-type: image/gif\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q7Gdw8VRw0Fwctl3bPGaTDIMDdFLJlLEiRz8meLhGgyy0UbT1ENUWXtgZGDC8NEIFzGfSNpw0arXXEe%2FLVE8qiXkDAvSQdkpcBrEte19fpDx31XZ1PbtagAnxvaoLofHQA%3D%3D\"}]}\r\nlast-modified: Fri, 21 Jan 2022 19:54:14 GMT\r\netag: \"61eb0f66-2c\"\r\nexpires: Mon, 27 Jul 2026 00:13:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 415\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 44\r\ncf-ray: a120490f4e4a76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44,"size_decoded":822,"mime_type":"image/gif","magic":"GIF image data, version 89a, 3 x 3","md5":"4c2a081a828541a8abb9079d47297ad8","sha1":"f95c7aa7ccad9d12ad3c060bd53bcd8153909e28","sha256":"36cca437ee2ff2a6fe2f0ddad35b65e522a591b2f458fcc15ec6e791d1f9ed53","sha512":"f335e7fd3de1f627ee437d86c3ae71ddc7c960dc5ec6aca30af72f338f1ed8e5a0b1bacced42f711dd537c29236a606980880bde70f67fdd7025e27f52defc9d","ssdeep":"","tlshash":"00900407c4c07d40d15c1034450c33745d410511c30cc30500374555f41f5f13541c40","first_seen":"2023-05-07T22:30:03Z","last_seen":"2026-06-28T04:02:44.350098Z","times_seen":42,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"yamaxnyvip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}}]}