{"report_id":"13d1255e-75d1-4ecd-91d0-f73917421bdd","version":6,"status":"done","tags":[],"date":"2026-04-06T13:50:37Z","url":{"schema":"https","addr":"buxfunds.com/","fqdn":"buxfunds.com","domain":"buxfunds.com","tld":"com"},"ip":{"addr":"91.218.49.176","port":0,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"final":{"url":{"schema":"https","addr":"buxfunds.com/","fqdn":"buxfunds.com","domain":"buxfunds.com","tld":"com"},"title":"All in one giftcards","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"buxfunds.com/","fqdn":"buxfunds.com","domain":"buxfunds.com","tld":"com"},"ip":{"addr":"91.218.49.176","port":0,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-11T13:50:37Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"d2lmlpk6xgu7kg.cloudfront.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-06","alert":"Phishing Block","trigger":"robloxhelper.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"robloxhelper.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"buxfunds.com","ip":{"addr":"91.218.49.176","port":443,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":4,"received_data":145956,"sent_data":1675,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:2.2.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"d2lmlpk6xgu7kg.cloudfront.net","ip":{"addr":"3.167.7.41","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2023-10-02T10:07:48Z","last_seen":"2026-03-25T06:33:41.80592Z","alert_count":11,"request_count":11,"received_data":254050,"sent_data":5038,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"216.58.201.202","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2026-04-05T23:25:04.847364Z","alert_count":0,"request_count":1,"received_data":86564,"sent_data":409,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-04-05T22:16:34.770209Z","alert_count":0,"request_count":1,"received_data":15431,"sent_data":512,"comment":"","tags":null,"fingerprints":null},{"fqdn":"robloxhelper.app","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-02-13T14:10:07.438651Z","last_seen":"2026-03-05T14:00:46.390973Z","alert_count":2,"request_count":1,"received_data":4557,"sent_data":382,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.201.202","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","size":85578,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-10T09:55:52.262418Z","times_seen":269822,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"robloxhelper.app/cl/js/3444xm","fqdn":"robloxhelper.app","domain":"robloxhelper.app","tld":"app"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3af1c0a2148d2979eea1c6f6f844f4b9","sha1":"670e4369cd4db702768658b1ab1ebc5889f35937","sha256":"9ccfe0cd24733eecf32e6106ff0161e82bbc0a1341c2af5a50a6d767fb742aba","sha512":"3ab26af0a29150a39a99de102d2c936d4d7d1c53cf93bd3e511fb86d3c2bff561eee402bd2686dbc823c120b16c61af00e33dc5bdd75c32500059e387265b178","ssdeep":"","tlshash":"0e517aef6ca3a650256ba47d0bef910d30b884673505c530bcbc95c85fe0e10aa99bed","size":2847,"data":"","first_seen":"2026-03-26T14:55:50.037055Z","last_seen":"2026-04-06T13:57:50.231511Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"buxfunds.com/","fqdn":"buxfunds.com","domain":"buxfunds.com","tld":"com"},"ip":{"addr":"91.218.49.176","port":443,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"introduction_type":"scriptElement","is_inline":true,"md5":"959701ef033b4688ac4cd13b6cb3f25c","sha1":"e5275b2f0ce0ade5db3bfa7fc2988d751de55144","sha256":"f9459227e2d0e9e1652a2b95053ef6a99d41e54a5e72e30ba5ec18ebcca3b513","sha512":"b3ee66040c4677d2f722c81d388cf2f4dc306fc3288fd73e18483196872d15202f5c3b0980909d280089e363f959a91f8ff4165b48b0adc9efda89478bdb8ba9","ssdeep":"","tlshash":"6ab0124eb6d3f0200233e6be0e2b500415184c47290cc008f60c0258af941044060958","size":96,"data":"","first_seen":"2026-02-13T14:10:12.058311Z","last_seen":"2026-04-06T13:57:50.243949Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"buxfunds.com/","fqdn":"buxfunds.com","domain":"buxfunds.com","tld":"com"},"ip":{"addr":"91.218.49.176","port":443,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"introduction_type":"scriptElement","is_inline":true,"md5":"d867fbbbe5de6f99b853e88e70e45130","sha1":"fb0aaa54f82bc3ecc843eabaf2647fd39690cbfa","sha256":"01d94021a46c82f39ab7fd012620b4fc6d3a9589c83492aca6117b621995ff46","sha512":"503b81ef5a4b443d669558b104cb9f1749809579e9886518348370d9333b2ab35edb9a760b6b6b55fd3eea2363b6e2dd51d186dd186c471c1fd02356416acd20","ssdeep":"96:c08nBzZLYBDpYiX3iCPIIiC7X/G1ki06po0FKjghWo2h2YEA2YD3i+l4itEAutgT:cBBzZLYBDpYiX3iCxiC7X/G1kT6po0F8","tlshash":"6fb1f2e3b34905711cdb27bb1e5b139c34a9d1371c138897260c6c24d82adf6b9bbe59","size":5126,"data":"","first_seen":"2026-04-06T13:50:43.175115Z","last_seen":"2026-04-06T13:57:50.244557Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"buxfunds.com/","fqdn":"buxfunds.com","domain":"buxfunds.com","tld":"com"},"ip":{"addr":"91.218.49.176","port":443,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"introduction_type":"scriptElement","is_inline":true,"md5":"7f17bb5a6ab7ce53c59cc390f7089708","sha1":"e6aeb7d38dfff1a205ec9c68e78074395c610a90","sha256":"0507d6953a3e15b7fa29260204bcc941eb5ed1d04f6c6bd0ee1ee36814b343af","sha512":"f6add4d77c9ef579ad91754f5a8864bb853fe19493de1b264918184cb181a0194f10c89550302765870a8711254934ee3ec6894189e497ce62bbf171816f12d5","ssdeep":"192:cswDQscMxU2noSAhW3HkIyvUEr/he5fJJ:cpMtqfEEPJ","tlshash":"07d1125fb4f3216a49677b790baf4100ba6461231d1dfc90be8cc6444f3d0ab6e726b9","size":6545,"data":"","first_seen":"2023-03-10T13:35:25Z","last_seen":"2026-04-06T13:57:50.245288Z","times_seen":36,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"buxfunds.com/image.webp","fqdn":"buxfunds.com","domain":"buxfunds.com","tld":"com"},"ip":{"addr":"91.218.49.176","port":443,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buxfunds.com/","date":"2026-04-06T13:50:16.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.buxfunds.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:29:26 GMT","end":"Fri, 03 Jul 2026 22:29:25 GMT"},"fingerprint":{"sha1":"13:14:64:78:48:22:81:08:AF:53:35:8F:29:61:58:2E:C5:21:CA:55","sha256":"06:F1:DF:44:DA:84:EE:CC:4C:E1:24:CF:DC:55:9E:82:B0:37:7B:8A:76:D8:25:F1:77:81:A5:13:B7:11:1C:05"}}},"request":{"raw":"GET /image.webp HTTP/1.1\r\nHost: buxfunds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 13 Apr 2026 13:50:16 GMT\r\ncontent-type: image/webp\r\nlast-modified: Mon, 06 Apr 2026 08:04:18 GMT\r\naccept-ranges: bytes\r\ncontent-length: 28664\r\ndate: Mon, 06 Apr 2026 13:50:16 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":28664,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"12388997c50fd02a80b47eb7d2d95347","sha1":"23e626d78236e272dd8bab4fa473e3e4a9997446","sha256":"d8aa6c8f49be71aa31c2635451639d9bf93a2af8dcb42fc66b5992e38a4fb483","sha512":"c27aac8e3fd3f1acbe79760504a83ff5dc9f84323589b2522a379e08eed14be27e7ffe3a59c144e01270330b12484cd6ff0a4d8d04ef6bfd956642be49e80044","ssdeep":"768:LK8fcJmscpBNWbR/v4XNVJ9ux37xdffmPjCBFzqef:m8fcJmscpBNOdK39037xVfmLCfzqef","tlshash":"ecd2e1674a967900a842e8c290385359e1ef3167ef04d75c1dc1bddbd2f7b1f2a67a80","first_seen":"2026-04-06T13:50:43.153505Z","last_seen":"2026-04-06T13:57:50.229017Z","times_seen":2,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d2lmlpk6xgu7kg.cloudfront.net/uploads/1645606691ccf0a7bdb704e85631127b851dc0e997.png","fqdn":"d2lmlpk6xgu7kg.cloudfront.net","domain":"d2lmlpk6xgu7kg.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"3.167.7.41","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buxfunds.com/","date":"2026-04-06T13:50:16.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /uploads/1645606691ccf0a7bdb704e85631127b851dc0e997.png HTTP/1.1\r\nHost: d2lmlpk6xgu7kg.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 6552\r\nlast-modified: Wed, 23 Feb 2022 08:58:12 GMT\r\nx-amz-version-id: Hh5GCdeMrVnnrp5ASrE4eMIJ8HaFIhOY\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Mon, 06 Apr 2026 13:40:31 GMT\r\netag: \"72cd5bca1317cb4ccb7744a82a5b92cc\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 50a19afbefe1a01ca6a87078a2b119c2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: vWrODxxD36_mjg6eXmy1cm8V1cRafrP0NCi6G1VBvTkkg6ba5TnImQ==\r\nage: 586\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":6552,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 272 x 434, 8-bit colormap, non-interlaced","md5":"72cd5bca1317cb4ccb7744a82a5b92cc","sha1":"e57009963d72ab7edc632c1c8fb0fe024f4f948e","sha256":"47722d99cdc263f3783855402a9e9c81d12cbce823b6dba6b9ac3b948afd0075","sha512":"358239f26b86c65253eadf67fe88261c527fd7420416145941593391beeda6e9db8bfac8bb14b01fdb2b0c551fc3630e30bb24792bd20084aa12f871a28b51c9","ssdeep":"96:/B9Lsh7VMPslVKAeUp7rfGkZsMmf2BADZvk9859OCABIWTv3QfQUWa5WzkkP6WaU:ZlsZSsuUXZzmXZvs859OvFb7N90teX","tlshash":"bfd18d4f9744e893cf9ffdb2877fa1f850b51da0603c66c5d77a1c9c68066861a243b0","first_seen":"2023-05-05T20:10:25Z","last_seen":"2026-04-06T13:57:50.241146Z","times_seen":20,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":50,"dns":40,"connect":19,"send":0,"wait":26,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"d2lmlpk6xgu7kg.cloudfront.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"d2lmlpk6xgu7kg.cloudfront.net/uploads/1645606690dfe4c50e8dab48f102c825bbb91242c3.png","fqdn":"d2lmlpk6xgu7kg.cloudfront.net","domain":"d2lmlpk6xgu7kg.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"3.167.7.41","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buxfunds.com/","date":"2026-04-06T13:50:16.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /uploads/1645606690dfe4c50e8dab48f102c825bbb91242c3.png HTTP/1.1\r\nHost: d2lmlpk6xgu7kg.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 6729\r\nlast-modified: Wed, 23 Feb 2022 08:58:11 GMT\r\nx-amz-version-id: W6axW.sMqNSWP4B7a9GQEzzaYOmvzKOC\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Mon, 06 Apr 2026 13:40:31 GMT\r\netag: \"e2a36e05f872ff1f960328d91954a724\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 50a19afbefe1a01ca6a87078a2b119c2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: hwi6i_Y4xvXbcsU88pZQgUvtZ89tNfZ-rIVQcXP-eDRXcW3H3kjzKQ==\r\nage: 586\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":6729,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 272 x 434, 8-bit colormap, non-interlaced","md5":"e2a36e05f872ff1f960328d91954a724","sha1":"236b905b2962ca0e8e99b7ec670abd3574fc36c5","sha256":"0807e8f7ee5b126649b8815fbcfb23d0eb5a5809066299bdc9e3ad2cfd94030f","sha512":"9a9f733158321f3d4bb684bb7036c271d7de0ffd0dd9462a05acadba5d53760b64e5d9dc18b7501d58717f1eda30a57bd6ca366cd214be9e52d39458aa871498","ssdeep":"192:g8B335/2L/+KGCnC+LS3tG4gUYUZC3qvZ/PE:Xp3sLPW3txgfUZC6vVPE","tlshash":"63d1ade8d0cd44eb799897b5829fddb6e8ba980b388903f2c855bd30cd35968b4f045d","first_seen":"2023-05-05T20:10:25Z","last_seen":"2026-04-06T13:57:50.24312Z","times_seen":22,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":29,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"d2lmlpk6xgu7kg.cloudfront.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buxfunds.com/","fqdn":"buxfunds.com","domain":"buxfunds.com","tld":"com"},"ip":{"addr":"91.218.49.176","port":443,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-06T13:50:15.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.buxfunds.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:29:26 GMT","end":"Fri, 03 Jul 2026 22:29:25 GMT"},"fingerprint":{"sha1":"13:14:64:78:48:22:81:08:AF:53:35:8F:29:61:58:2E:C5:21:CA:55","sha256":"06:F1:DF:44:DA:84:EE:CC:4C:E1:24:CF:DC:55:9E:82:B0:37:7B:8A:76:D8:25:F1:77:81:A5:13:B7:11:1C:05"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: buxfunds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Mon, 06 Apr 2026 08:10:28 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 6027\r\ndate: Mon, 06 Apr 2026 13:50:15 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"jQuery:2.2.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":26721,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1302), with CRLF line terminators","md5":"57cb3be693189ff86e4931885464c2a9","sha1":"18e32a5bf87dd8492dd2df75c725586cfaa077dd","sha256":"9bc8c073699b4f1ed49dce0553969695884499fd664e2db0b82df90fb4cfdb86","sha512":"59344ae290bdd32b3982eb8f7f7dadb915dd0175642dc3f6565fda92b3e67894c525b30e01b2aeab7f2f3a2f6308f45b36e6e3293867bec0fe7e75392d24997f","ssdeep":"384:Tgge5MTZM8qSmUEloAcQNG4sEG/MjieiOwCb45uH0F7i9snOZqaiYiNoGTzIMpwj:0ge5MTHqSmU+/GbmGvrD1Ax5URLI3","tlshash":"08c2d957bb800029607393bd2bb71708f97d92138a018d57beaca550cf76c796973eac","first_seen":"2026-04-06T13:50:43.156752Z","last_seen":"2026-04-06T13:57:50.23984Z","times_seen":2,"resource_available":true,"data":null}},"time_used":259,"timings":{"blocked":103,"dns":13,"connect":42,"send":0,"wait":49,"receive":0,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.201.202","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://buxfunds.com/","date":"2026-04-06T13:50:16.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:41 GMT","end":"Mon, 08 Jun 2026 08:38:40 GMT"},"fingerprint":{"sha1":"03:81:A0:0E:E1:9B:80:A3:BC:CD:F9:25:A5:7B:8A:43:07:22:C6:00","sha256":"73:8D:9A:B1:F0:C3:6E:8F:EE:C0:2F:99:C8:89:24:16:9A:DB:D1:9C:27:5D:8A:7A:A8:2B:0E:10:42:28:53:7F"}}},"request":{"raw":"GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30028\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Apr 2026 08:17:04 GMT\r\nexpires: Fri, 02 Apr 2027 08:17:04 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 365592\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":85578,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32065)","md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-10T09:55:52.262418Z","times_seen":269822,"resource_available":true,"data":null}},"time_used":269,"timings":{"blocked":121,"dns":1,"connect":8,"send":0,"wait":11,"receive":8,"ssl":118},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"buxfunds.com/image.png","fqdn":"buxfunds.com","domain":"buxfunds.com","tld":"com"},"ip":{"addr":"91.218.49.176","port":443,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buxfunds.com/","date":"2026-04-06T13:50:16.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.buxfunds.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:29:26 GMT","end":"Fri, 03 Jul 2026 22:29:25 GMT"},"fingerprint":{"sha1":"13:14:64:78:48:22:81:08:AF:53:35:8F:29:61:58:2E:C5:21:CA:55","sha256":"06:F1:DF:44:DA:84:EE:CC:4C:E1:24:CF:DC:55:9E:82:B0:37:7B:8A:76:D8:25:F1:77:81:A5:13:B7:11:1C:05"}}},"request":{"raw":"GET /image.png HTTP/1.1\r\nHost: buxfunds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 13 Apr 2026 13:50:16 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Apr 2026 08:03:25 GMT\r\naccept-ranges: bytes\r\ncontent-length: 88075\r\ndate: Mon, 06 Apr 2026 13:50:16 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":88075,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 272 x 434, 8-bit/color RGBA, non-interlaced","md5":"505631b961bfb15a2da1d3dd619f4391","sha1":"58f6618a1a119f0ae5a32b5086acc74841902259","sha256":"6cddc0e0497c36c1d7702622f46dbd6737584fbcbaed78605044230d9b189a13","sha512":"b18276e17849e2b58d8d0e06bfef1e9a69ac02ba7a72ac09885ed24e14d79922eea949ee2a7e45179e148ba3cb85f542f75dfddd96d95e5408c4ae69f0cb3477","ssdeep":"1536:FW3aPfdivYXFjPyrFx9X16NwUxzTuKWptKg+7GDDHtbzCY50zCpMSOl:o3aPfZrGfnUx3uJ+4DHtbmcC/","tlshash":"248302c1ba49f158a2f25de566812ccc883f71286d553bda6f6bb3984a5c530e3f4ec0","first_seen":"2026-01-09T08:54:26.059187Z","last_seen":"2026-04-06T13:57:50.232121Z","times_seen":5,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":86,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d2lmlpk6xgu7kg.cloudfront.net/uploads/16456066910ad995c478735eeb59daf47640f653e3.png","fqdn":"d2lmlpk6xgu7kg.cloudfront.net","domain":"d2lmlpk6xgu7kg.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"3.167.7.41","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buxfunds.com/","date":"2026-04-06T13:50:16.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /uploads/16456066910ad995c478735eeb59daf47640f653e3.png HTTP/1.1\r\nHost: d2lmlpk6xgu7kg.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 31861\r\nlast-modified: Wed, 23 Feb 2022 08:58:12 GMT\r\nx-amz-version-id: jESQ7VF8lhOQmEKpco8QJsEG4PY.lIh1\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Mon, 06 Apr 2026 13:50:16 GMT\r\netag: \"3ea539d676fccf2fef78a5c74e5cc5dc\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 50a19afbefe1a01ca6a87078a2b119c2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: d_vw8UdkbICN933pcIdcrZZg5SCqFN51uf9s6NKew6Z9DpzokE__Sg==\r\nage: 587\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":31861,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 272 x 434, 8-bit colormap, non-interlaced","md5":"3ea539d676fccf2fef78a5c74e5cc5dc","sha1":"0a6632809bc4ed012493f4eb5f7c7e9e1473bce5","sha256":"1b20575865a1cb75844e1b88a862c90932305f38c7e9f25068e8ab6f50b82473","sha512":"9281a46174ef47774f6a9647b5aa17476a04a4872445508871967e99c3bd7274bd161851f9f157c783e190d5b266ffcf33809934f6bceac71571dafcc31babf8","ssdeep":"768:KC7VT9cTkinqh7+cOi8cI+tLOHnm+USSw/IwlQxyhVlP:L7DcTwluHBQmQwVZ","tlshash":"3fe2f1f1704efbf0859a3e642dbbc3baac018501d23f86791e48b5a7c9125b41938b77","first_seen":"2023-05-05T20:10:25Z","last_seen":"2026-04-06T13:57:50.234477Z","times_seen":20,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":48,"dns":42,"connect":7,"send":0,"wait":28,"receive":1,"ssl":37},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"d2lmlpk6xgu7kg.cloudfront.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"d2lmlpk6xgu7kg.cloudfront.net/uploads/16456066913af5eafc1e8f4b67bdb9fad531193dd3.png","fqdn":"d2lmlpk6xgu7kg.cloudfront.net","domain":"d2lmlpk6xgu7kg.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"3.167.7.41","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buxfunds.com/","date":"2026-04-06T13:50:16.800Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /uploads/16456066913af5eafc1e8f4b67bdb9fad531193dd3.png HTTP/1.1\r\nHost: d2lmlpk6xgu7kg.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 9529\r\nlast-modified: Wed, 23 Feb 2022 08:58:12 GMT\r\nx-amz-version-id: QPZwrvOa2SGRY6j1Pkocfk2.CcPFUmtI\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Mon, 06 Apr 2026 13:40:31 GMT\r\netag: \"ccaa833c45dcb4ea162881be6dc91e0c\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 50a19afbefe1a01ca6a87078a2b119c2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 9pgCpJo3LxF4u0oI1xifqbzt_2Y7fakxQ6uf_ed_UC2XIL23VsLyVw==\r\nage: 586\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":9529,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 272 x 434, 8-bit colormap, non-interlaced","md5":"ccaa833c45dcb4ea162881be6dc91e0c","sha1":"49734a815f59d17556136ed5a0c2eb5a47e15144","sha256":"a5b75ddbb788541f2b625130f823a6a26bc8106f1b7d30bd31a4fedd1a6d856b","sha512":"87fa20ea527c57482e8a3d0977702b058b08018f919f7af863cb3915c7f20eb95ddbc64debcdeb49bcc8849b75190295b898ecd11f67b66c7e04eaa99f0bc11d","ssdeep":"192:wVi003Moo2RcrpJPsfSGh09p3iOvFXKLrqbqSs2fF5JRK8dNB7H:wc0BRTQf0qOvVKLrj2fF708dr7H","tlshash":"11128eb025f5ba6136a720b70593cb82af29415ecef4337099c7d0c8863b9386ab5075","first_seen":"2023-05-05T20:10:25Z","last_seen":"2026-04-06T13:57:50.240567Z","times_seen":20,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":52,"dns":41,"connect":1,"send":0,"wait":25,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"d2lmlpk6xgu7kg.cloudfront.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"d2lmlpk6xgu7kg.cloudfront.net/uploads/1645606690250c6c064370ec8752e020ce647d55a1.png","fqdn":"d2lmlpk6xgu7kg.cloudfront.net","domain":"d2lmlpk6xgu7kg.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"3.167.7.41","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buxfunds.com/","date":"2026-04-06T13:50:16.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /uploads/1645606690250c6c064370ec8752e020ce647d55a1.png HTTP/1.1\r\nHost: d2lmlpk6xgu7kg.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 29488\r\nlast-modified: Wed, 23 Feb 2022 08:58:12 GMT\r\nx-amz-version-id: cRdaK9HhLLcS9_wllPQb.ZMwmx1tSKec\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Mon, 06 Apr 2026 13:50:16 GMT\r\netag: \"959fb4eb8ce68f4120db1a1c19362c71\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 50a19afbefe1a01ca6a87078a2b119c2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: Gk7B6vL6KO73-gTgOE45aoHPrwYGCOjvzLkXer7f-BowS-ddTM_i-Q==\r\nage: 586\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":29488,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 272 x 434, 8-bit colormap, non-interlaced","md5":"959fb4eb8ce68f4120db1a1c19362c71","sha1":"340a129c1ae0696ae3cbabbeddf4f36e95d4dd9d","sha256":"36372b5fdfae8de8e99b7a209ef8d6831b531644877b91bea3f5be51b7fa2adc","sha512":"4848b2d55218751ce314f6939d9bf2c3acb21a1f50d656b3fe476220b391fff1d401a6941ff76f7fd4e0721e4d08f258fc373dabc4b8a65829d7fab3b3345af8","ssdeep":"768:lgGEB3yDuIExXDwNZnacEyWk41gWGF2/i:lgGEBwE1cREdk4iT","tlshash":"1ed2e1c084f694c2e331573b3e4f220e72f569039369b4580b57f96826f8dafd221609","first_seen":"2023-05-05T20:10:25Z","last_seen":"2026-04-06T13:57:50.229954Z","times_seen":20,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":35,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"d2lmlpk6xgu7kg.cloudfront.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buxfunds.com/favicon.ico","fqdn":"buxfunds.com","domain":"buxfunds.com","tld":"com"},"ip":{"addr":"91.218.49.176","port":443,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buxfunds.com/","date":"2026-04-06T13:50:16.823Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.buxfunds.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:29:26 GMT","end":"Fri, 03 Jul 2026 22:29:25 GMT"},"fingerprint":{"sha1":"13:14:64:78:48:22:81:08:AF:53:35:8F:29:61:58:2E:C5:21:CA:55","sha256":"06:F1:DF:44:DA:84:EE:CC:4C:E1:24:CF:DC:55:9E:82:B0:37:7B:8A:76:D8:25:F1:77:81:A5:13:B7:11:1C:05"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: buxfunds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Mon, 06 Apr 2026 13:50:16 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-04-10T09:54:20.00017Z","times_seen":117320,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v15/RxZJdnzeo3R5zSexge8UUVtXRa8TVwTICgirnJhmVJw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://buxfunds.com/","date":"2026-04-06T13:50:16.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/roboto/v15/RxZJdnzeo3R5zSexge8UUVtXRa8TVwTICgirnJhmVJw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://buxfunds.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14596\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 03 Apr 2026 21:38:12 GMT\r\nexpires: Sat, 03 Apr 2027 21:38:12 GMT\r\ncache-control: public, max-age=31536000\r\nage: 231124\r\nlast-modified: Wed, 14 Jan 2015 22:47:38 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14596,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14596, version 2.0","md5":"bb474f16c9f76f522d656d66aa4a220e","sha1":"55161308d29d91ec21aadf6f63da390a902c053b","sha256":"01a44f86a9b361ef0d3ad5e4f9f0f01d394ab53fc5b0e3dff92466fa411e706b","sha512":"4e8cee0f4f0d8c18263b80abca06e8dda9d58a5ff10fda72d8d0c27bc27ef49dc97346f7c3477518d191b4cd0c946b2d8aef40025e81d72d4b58862395fdd064","ssdeep":"384:yut37C+Qoa05r//4Yy65wcEoo99oX61GRwkdNxGGFJobKdlbCl:yupG+QslwcEooJ0zdPGSwKdlbCl","tlshash":"4562e010a7e1ce84918e77b4641b49662e0010bfd37743f24d471dda6f2c4e8b5ac764","first_seen":"2023-04-11T18:56:18Z","last_seen":"2026-04-10T02:24:32.900921Z","times_seen":1056,"resource_available":false,"data":null}},"time_used":354,"timings":{"blocked":165,"dns":3,"connect":21,"send":0,"wait":22,"receive":4,"ssl":136},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d2lmlpk6xgu7kg.cloudfront.net/uploads/16470047894e0de69106b6d5dc5add9dcfe186f25e.png","fqdn":"d2lmlpk6xgu7kg.cloudfront.net","domain":"d2lmlpk6xgu7kg.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"3.167.7.41","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buxfunds.com/","date":"2026-04-06T13:50:16.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /uploads/16470047894e0de69106b6d5dc5add9dcfe186f25e.png HTTP/1.1\r\nHost: d2lmlpk6xgu7kg.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 78469\r\nlast-modified: Fri, 11 Mar 2022 13:19:50 GMT\r\nx-amz-version-id: fcOyD45QcUokxdIW2JQzGVFGLluh6gm5\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Mon, 06 Apr 2026 13:50:16 GMT\r\netag: \"bb54a65af58009e48c0ab87a11a77cf4\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 50a19afbefe1a01ca6a87078a2b119c2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: ZlOg4d4xY9qa88InFcxay492IyFr574qnXkOixec7LU1452Dq8lwXA==\r\nage: 587\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":78469,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 272 x 434, 8-bit/color RGBA, non-interlaced","md5":"bb54a65af58009e48c0ab87a11a77cf4","sha1":"f064eb6c77f82a1a66dc45d42fd81f13a32bdbf6","sha256":"2e2c7f466c050e4e14548c8aa416680d115c159a99f93f97ae5e2a763c3bfadc","sha512":"ed34db53f501a4f1778ee37a2576c85f52a5cb629fc4ca405d138ab0bd8b085747a87dfcb38c1e03a5c0f9f8691ee50d6c8cf0424966fe98baeb38f1cfb14772","ssdeep":"1536:LfRxiYW55KxPP2v9WX9jX2HGhz5mXibsnc+bE/CB2WdMaDOGs9kzm2pWjQ6:LfR5W55anAAh2mhgibsnNEM2WayOMIQ6","tlshash":"db7302e1a7080d5590294697b82ea3ec1f67a1869dcb1c8365fc33c6045d37ee0e2dee","first_seen":"2023-05-05T20:10:25Z","last_seen":"2026-04-06T13:57:50.236727Z","times_seen":24,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":47,"dns":41,"connect":1,"send":0,"wait":28,"receive":2,"ssl":34},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"d2lmlpk6xgu7kg.cloudfront.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"d2lmlpk6xgu7kg.cloudfront.net/uploads/16456066916e6559533a5e292ccba8bb80f9149007.png","fqdn":"d2lmlpk6xgu7kg.cloudfront.net","domain":"d2lmlpk6xgu7kg.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"3.167.7.41","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buxfunds.com/","date":"2026-04-06T13:50:16.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /uploads/16456066916e6559533a5e292ccba8bb80f9149007.png HTTP/1.1\r\nHost: d2lmlpk6xgu7kg.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 12769\r\nlast-modified: Wed, 23 Feb 2022 08:58:12 GMT\r\nx-amz-version-id: qWhXdWD6ozQaJ.1oJMOpmTjlkVn6l6k0\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Mon, 06 Apr 2026 13:40:31 GMT\r\netag: \"677e596f3cd64052974585aa7e123c1e\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 50a19afbefe1a01ca6a87078a2b119c2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: CfFeY1Bs8CynGAikAb0uAO45NzTEtbqRVKHmHN8c5i4u9b5ZRTS2lg==\r\nage: 586\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":12769,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 272 x 434, 8-bit colormap, non-interlaced","md5":"677e596f3cd64052974585aa7e123c1e","sha1":"92843957e506d7500dce6def69484d6bcb255dad","sha256":"17abeedfe0763eff8133623a2b24502d116f561c2ca907e0263b490a958e2072","sha512":"b5b3d8a29dadbf7dad33749e43b65330d9421656f2af1dea1ba082982b5bd2edc7f58731ff0c20d1b12ab6a1d51b9bade024d74ba95f642e6ec4a36322f98fc3","ssdeep":"192:KaIGyde3nuzh1UHe82qgXJp6LWKcZZR8ImA1pIkzuVRZJu6/iUf:V0LM+8FkIWZD8E1pIkuVfJu6a8","tlshash":"d742b0c28e84ddba3d563d0c3785a148bbf2686cb6f0c845fd6f2e2b7d11860602b536","first_seen":"2023-05-05T20:10:25Z","last_seen":"2026-04-06T13:57:50.237828Z","times_seen":20,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":52,"dns":40,"connect":18,"send":0,"wait":26,"receive":1,"ssl":24},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"d2lmlpk6xgu7kg.cloudfront.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"robloxhelper.app/cl/js/3444xm","fqdn":"robloxhelper.app","domain":"robloxhelper.app","tld":"app"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://buxfunds.com/","date":"2026-04-06T13:50:16.126Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"robloxhelper.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 20:16:05 GMT","end":"Thu, 02 Jul 2026 21:12:39 GMT"},"fingerprint":{"sha1":"95:C0:5D:25:6E:5B:7B:B4:BF:C3:77:98:CE:E6:AA:40:D5:7E:B4:4E","sha256":"BD:EE:C3:F4:D4:22:F6:E4:0D:E2:AA:5F:C1:61:36:40:23:2B:66:0F:69:B2:D2:26:02:CA:F3:8C:1D:56:BC:96"}}},"request":{"raw":"GET /cl/js/3444xm HTTP/1.1\r\nHost: robloxhelper.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Apr 2026 13:50:16 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: no-cache, private\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: DENY, nosniff\r\nx-xss-protection: 1; mode=block, 1; mode=block\r\nx-robots-tag: none\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IkllS2luS0tRNjhPWGVZZEtoYURaeHc9PSIsInZhbHVlIjoiNFl4QkpSNSt5Mnc4ZkpnTEtVQ09lajVFZ2k0cEtRYUJabVNoU1cvWFNRMGp1VWR1QVZScWlQd1JLSCs0bjhhY0NLSmcyZjZIUzR6Z1d6d2FwUE5LakYwbnpGUkkvZmxJbWtNZkZLa0VReE1JMmhuMVA2T0hXU3NSQXl2Mkprdk4iLCJtYWMiOiJkZjNkYmY5OGUyNjM1YWJjMTI1OGZiNzQ0ZDY5ZjQzN2U4MDM0NTI3Y2M3OTNmMDcyMzMwZDA4YzI3MDI5YWJmIiwidGFnIjoiIn0%3D; expires=Tue, 07 Apr 2026 09:50:16 GMT; Max-Age=72000; path=/; secure; samesite=lax\nogads_session=eyJpdiI6ImVXZ3lFVkhyMkYrcVJIQ3ZmQi93QUE9PSIsInZhbHVlIjoiWmhLQ0d5ZUcyOEpaQ1drOWNXNmZlTjg0eTM3VmVWK2diWnFMa3ZwVVhiVTBPL0phZ1BNaFVCUnIweXRtaWpBSmI5WGpCZkYydUVtaUprU1BjZ3FreDRxSzM5NzNWamYvUElYRXdsNzI0Smw2ek5USlZQUjVNOGlEMUtiTzhJOU8iLCJtYWMiOiJhOGUwZDA0NzY1Y2UyODk5MzY5NTI5NjQzOGVhZjgxOWU0MWQxMGNlZDdiNTZjMDAxM2MxZDU2ZjYyYmIzMmRmIiwidGFnIjoiIn0%3D; expires=Tue, 07 Apr 2026 09:50:16 GMT; Max-Age=72000; path=/; secure; httponly; samesite=lax\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BcbY6QJu%2F%2FiOWqBZo95dNPR%2BnTRNOXDKWrFV3Dtgm9aUyjws6BnMkIm3h5F%2F96K3DPKQzaGmxVfRib5AWZFz28q6JutKzqBss0aTOkvDBE3NC4q7PvXk6B1N3bkWkZYVFcfx\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9e8142b71aaaa41f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2847,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"3af1c0a2148d2979eea1c6f6f844f4b9","sha1":"670e4369cd4db702768658b1ab1ebc5889f35937","sha256":"9ccfe0cd24733eecf32e6106ff0161e82bbc0a1341c2af5a50a6d767fb742aba","sha512":"3ab26af0a29150a39a99de102d2c936d4d7d1c53cf93bd3e511fb86d3c2bff561eee402bd2686dbc823c120b16c61af00e33dc5bdd75c32500059e387265b178","ssdeep":"","tlshash":"0e517aef6ca3a650256ba47d0bef910d30b884673505c530bcbc95c85fe0e10aa99bed","first_seen":"2026-03-26T14:55:50.037055Z","last_seen":"2026-04-06T13:57:50.231511Z","times_seen":4,"resource_available":true,"data":null}},"time_used":492,"timings":{"blocked":47,"dns":33,"connect":1,"send":0,"wait":389,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-06","alert":"Phishing Block","trigger":"robloxhelper.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"robloxhelper.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"d2lmlpk6xgu7kg.cloudfront.net/uploads/16456066916a38f76ae3e8e9726290ecaff38046f2.png","fqdn":"d2lmlpk6xgu7kg.cloudfront.net","domain":"d2lmlpk6xgu7kg.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"3.167.7.41","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buxfunds.com/","date":"2026-04-06T13:50:16.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /uploads/16456066916a38f76ae3e8e9726290ecaff38046f2.png HTTP/1.1\r\nHost: d2lmlpk6xgu7kg.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 19705\r\nlast-modified: Wed, 23 Feb 2022 08:58:13 GMT\r\nx-amz-version-id: feXPtQKsqBjA.yJS7XuZz0bIQAGPBMH3\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Mon, 06 Apr 2026 13:50:16 GMT\r\netag: \"6964ff24ad45b4c30c15081c6147ab08\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 50a19afbefe1a01ca6a87078a2b119c2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 6tt-qPqdtgpMGXfk2Mletlo6BFoWjICS5mlGXyLKZ39E_AYSEdxxbg==\r\nage: 587\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":19705,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 677 x 333, 8-bit colormap, non-interlaced","md5":"6964ff24ad45b4c30c15081c6147ab08","sha1":"aee5564e36cccef45fb74541e1110847ab7466fa","sha256":"e90f3ef231d9b8c0871201da1135b8b1c156a9fdaac624ab368695f1276a0b9c","sha512":"f46eb2d4d0b36dee96e5c04b7447a3ae3fff5872d3422c50a1b3386f53badedb878f68dd02e54eca27794b0806c417e3f5d9ec2085b66c8886203111c121d0ab","ssdeep":"384:k17d9dQaBoXLGDrVEG3xou2MwxL4yNOvr:KxSXLgEuounwxLF4T","tlshash":"6e92d19e0ed77c6fe40b3f92b142100309396aa94cbe23a3bbc57871e8d5e5d1327191","first_seen":"2023-05-05T20:10:25Z","last_seen":"2026-04-06T13:57:50.238551Z","times_seen":24,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":47,"dns":48,"connect":2,"send":0,"wait":27,"receive":1,"ssl":42},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"d2lmlpk6xgu7kg.cloudfront.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"d2lmlpk6xgu7kg.cloudfront.net/uploads/164560669197909a539d87aced1c1438c4da903d01.png","fqdn":"d2lmlpk6xgu7kg.cloudfront.net","domain":"d2lmlpk6xgu7kg.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"3.167.7.41","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buxfunds.com/","date":"2026-04-06T13:50:16.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /uploads/164560669197909a539d87aced1c1438c4da903d01.png HTTP/1.1\r\nHost: d2lmlpk6xgu7kg.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 7959\r\nlast-modified: Wed, 23 Feb 2022 08:58:12 GMT\r\nx-amz-version-id: yVMr_pqF8bM_T5zFyFeflToGbc2nMQn_\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Mon, 06 Apr 2026 13:40:31 GMT\r\netag: \"2ad10c7fd2ca9ff2c30c60316256f42d\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 50a19afbefe1a01ca6a87078a2b119c2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: 9OnWLpCGdIrIg_wh5KUp6h9ED6vmqFxlAuPC3sZXDMJSU7MkeJUKLw==\r\nage: 586\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":7959,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 272 x 434, 8-bit colormap, non-interlaced","md5":"2ad10c7fd2ca9ff2c30c60316256f42d","sha1":"0a330895cdb84e68365b9ce9e184dc484da22907","sha256":"a71a66d454123464159618ae7fefc696774ce6b64b25c87b589c26778151d03e","sha512":"53053014ed050dc16ce38270c5f641d7edf0794310aacc208912201992f49d1fbce80cef8a33e697c0a4f9c499aefd8bf8f7f2bc99dc106e5a677e17acbff18e","ssdeep":"192:5tVla0ZwVZ/grdyZb3AlL2oGn9cqQV8pzG4cAKkEv:LfnEZ4sclL2oGKf8iAKfv","tlshash":"d9f1aeb093258a21e0bed352a47b61106f1e1e13075353587a07aef7967fd93e09125a","first_seen":"2023-05-05T20:10:25Z","last_seen":"2026-04-06T13:57:50.241785Z","times_seen":22,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":36,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"d2lmlpk6xgu7kg.cloudfront.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"d2lmlpk6xgu7kg.cloudfront.net/uploads/1645606690860b44915e39951ccef2f78aae356a84.png","fqdn":"d2lmlpk6xgu7kg.cloudfront.net","domain":"d2lmlpk6xgu7kg.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"3.167.7.41","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buxfunds.com/","date":"2026-04-06T13:50:16.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /uploads/1645606690860b44915e39951ccef2f78aae356a84.png HTTP/1.1\r\nHost: d2lmlpk6xgu7kg.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 31679\r\nlast-modified: Wed, 23 Feb 2022 08:58:11 GMT\r\nx-amz-version-id: RQYIgMchvr6G6gI3kkzRz2_v3JIfeLza\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Mon, 06 Apr 2026 13:50:16 GMT\r\netag: \"cf9c06469236cd8e8d2088087b10b5b8\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 50a19afbefe1a01ca6a87078a2b119c2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: pLtQ5pO9pRyqXb-evEKhUoSS_Y-Lhv5odMRPG-QvEBkH9HApBeEGBg==\r\nage: 586\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":31679,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 272 x 434, 8-bit colormap, non-interlaced","md5":"cf9c06469236cd8e8d2088087b10b5b8","sha1":"3ed6a01bbcf7bf6b83ab2c997546ead5af372743","sha256":"ce0e7beb9853e79a93344cec332447dad72d4ed2f18b703cfee28bed8e77b038","sha512":"d697b7fc3f1cee051f891dd7cecc51d6c9b4f205988ba8979df46655df709b70d4e68bebe92a22be1de1fd11f0c6a622dcab089fd399e724d6da667ff0282b5b","ssdeep":"768:Ga9qfls4ytxy/TBpMdHBrxJjQuASobcCncLnvGcMTWBQraCveQBV:/9qds4ytwXMdHBrxN1ASob9cLGluUaA5","tlshash":"b5e2f148af5294946c80f1512af16e5d68771fd82a1944887fefab3f5ca10718f0caeb","first_seen":"2023-05-05T20:10:25Z","last_seen":"2026-04-06T13:57:50.242405Z","times_seen":20,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":30,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"d2lmlpk6xgu7kg.cloudfront.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"d2lmlpk6xgu7kg.cloudfront.net/uploads/1645606690bc25555bab4430a7900a83e596aef47d.png","fqdn":"d2lmlpk6xgu7kg.cloudfront.net","domain":"d2lmlpk6xgu7kg.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"3.167.7.41","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buxfunds.com/","date":"2026-04-06T13:50:16.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /uploads/1645606690bc25555bab4430a7900a83e596aef47d.png HTTP/1.1\r\nHost: d2lmlpk6xgu7kg.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 13473\r\nlast-modified: Wed, 23 Feb 2022 08:58:11 GMT\r\nx-amz-version-id: Lge6SHJh03SQ6P2vJ6l8595_6NBefZsV\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Mon, 06 Apr 2026 13:46:44 GMT\r\netag: \"12ab420eb2f85783090f0d149cce0373\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 50a19afbefe1a01ca6a87078a2b119c2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: YiMg9g59K-48g4mg8B3GZzuC0BZ4eVW11q_F9dVwZ6Pjv9ykIvWcDg==\r\nage: 213\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":13473,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 272 x 434, 8-bit colormap, non-interlaced","md5":"12ab420eb2f85783090f0d149cce0373","sha1":"96b42990ca1e304d0f96dc6c4841ee3d4220561c","sha256":"ebfd40e9d2070bd61499d490fc4ba516d4e1f9baef1a8a271433051cdb25ab23","sha512":"807625c6edd610fd96fd200653b16789591937846af3e632450c2b963cb84b91be14a6362c216230bd726e783fe11b83e3b01311a368b7f0f5c4aa09c2ef8808","ssdeep":"384:FTLOwrwGJ1a3q1UbNaP6TQqE68/qSDSxM9tB:tawdJ83WcP8/qJxgB","tlshash":"0b52bfe3e639d153c2e16263620c17701c6c3d992dbda0d688c63a522ebf3cee575252","first_seen":"2023-05-05T20:10:25Z","last_seen":"2026-04-06T13:57:50.230829Z","times_seen":22,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":29,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"d2lmlpk6xgu7kg.cloudfront.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}