{"report_id":"27556a20-217b-481e-836a-04d8b009ae3b","version":0,"status":"done","tags":[],"date":"2026-06-19T03:29:33Z","url":{"schema":"https","addr":"cake.aerofinance.cfd/","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"cake.aerofinance.cfd/","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"title":"Staking | Aerodrome finance","dom":{"size":704972,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1117)","md5":"3eb5f6034d1dd241b99ca5901976fefb","sha1":"d3ba98e635c64fda448b90eed2cff3bda7574ef7","sha256":"0efb9a28800bc420b138df5fff09ba5da975bc9a773afc6b8063804c0fcb67c9","sha512":"38e253c48e526a435461866f26a6d44f7b6e3f7b967ca74de8a9ad9db2e1115c082ca9b6ff2c9a68c136eef8105d0d3e2de0292d4a4329ea931a80865e8a49cd","ssdeep":"1536:qhcYbbX72r2mTwqx/9eaemoQx4Ht37rtPXdSBZ1TPjPzi837453FKHoKQ/L3f3C0:SbtjqZNMKolUKSNHzi5b","tlshash":"2ce498b4a0e6197ba19795d079769f2f3ae1fa0bd91b124532ac8fe05fc7c82ec13045","dom_hash":"domhash25cbc72e4b66d321c3a7b2d74461b783","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"cake.aerofinance.cfd/","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-24T03:29:33Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cake.aerofinance.cfd","ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-02-24","domain_rank":0,"first_seen":"2026-06-19T03:24:56.310795Z","last_seen":"2026-06-19T03:24:56.310796Z","alert_count":370,"request_count":370,"received_data":2544608,"sent_data":192880,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cake.aerofinance.cfd/fakf6wdg.php","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7c5f93c82f6e69a69e728b6aedb9ff59","sha1":"47399e475d2f50545881cc7c3b11e4f4df1b396c","sha256":"14a53482795bb8ba9cb34fc5ddc951f5e30d5efc4e9a57cba859e308fdf3f6d7","sha512":"85fe5f2e4c098584d8ce305ff1bf510a0001f30a4ccb451f5f41c725bac597947d4176c2465b794addc7208a43032536311049e33d712846070e356c2f93af87","ssdeep":"3072:QQNpq9Ey8eTN1nDceExvwCmSxOkhV7ppyUF:1y8eTN9ceEyCmS8khV7pp/","tlshash":"1cb4a7d69a93465ebf0b429ecce26c54c8484d237a18e553eacefd806065e70c4db39f","size":534862,"data":"","first_seen":"2026-06-19T03:25:03.26347Z","last_seen":"2026-06-19T03:29:38.307921Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"79af1939ce7ecf65414adf9b8d3e5052","sha1":"618136fee4c7cef9983ffabde01887834d621314","sha256":"3e3183222b3119435f879f374ad17b8796dba7986f4c57f1af246d0e834c5601","sha512":"5a9b048105d0d51770b63a838874eff672d3face8a9ca15b5019649a09bd983bc980dd4d34165245f6de22046bc74206d9afc8971d25ddded4b039e7e70589b6","ssdeep":"3072:DUJ1dCeU/WhnMpPKfTsO8RH4quyMA3zku/F5hL0U0:O1dTnaPosO8aquygu/F5hL6","tlshash":"9174d665db67c48ece59414fc8e3b449c8444d368b2878a3ef0fddc2a626ea541cb16f","size":369750,"data":"","first_seen":"2026-06-19T03:25:03.499677Z","last_seen":"2026-06-19T03:29:39.637914Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"7d5b6955a454b8d99b5126179ad70d55","sha1":"7f30a8a834712b6509ea481e68b3cb5e3ba695c6","sha256":"34a2b68f37409a49b7d51a88e4026b10b89d7f547ff6b266023ebf4c3912f72b","sha512":"ca6989e7c84e26ddc43ecefde0f111081ae08129506fe6a463b3f68885565fa5c56b5171e2be0c176017ee5f07a07b58de8f3e507a1212f2586636687c7d0406","ssdeep":"768:/tBZQw+ctzXLpmklcsF9oWON2acVccczc0cMcJcmcccScLn2e6c7onlpDlHJ7MLP:PZ9mk1t0n2ugZQj","tlshash":"41533fe0aa4be4e49e5211ded037ec01e4281967ceacf293b92ddec1751df22858717b","size":64568,"data":"","first_seen":"2026-06-19T03:25:03.508838Z","last_seen":"2026-06-19T03:29:39.640824Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"cake.aerofinance.cfd/","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-19T03:29:03.623Z","timestamp":1781839743623,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=0,i\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TEYOYY4%2BVBBHOVjeRWYt1nyBOV2ivp%2BH%2B0%2FpDa87VMJ9WQGeCFpv8SVo%2FOD%2BenH8%2BM7X3iD%2B%2BnDgKs5Gmrm29yhOmXROT%2FQKqn0%2FBjI6mCZUwhtu5c71X1ytr5TSIr1uU9hH8l13IA%3D%3D\"}]}\r\ncontent-encoding: zstd\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df7296ce6d0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":684186,"size_decoded":52564,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1089)","md5":"8c7ce01272389f8f991d3d7aad745d17","sha1":"27f3c73b247921af2ce0a961ddc4ce1737f397f4","sha256":"709e940661899180dc8e790cb6331b749ccccf7c6c887a7d18e06dfadecc2b55","sha512":"bc41a838a09b542cc91fbc6ec749c5360f195273397d9ae03b5ef81651192cfdd94c4f8a43ea231cd896d07c09235e0d7b5c48f98482361b1a665b3b32c92691","ssdeep":"1536:UVsOrDffYJ6GYl1y2l3mhru57TUIbdY2wdHMb8FNdUoRIRUBj9IswHWRIzxFntGZ:W/1L0/niDCqu5f","tlshash":"86e489b4a0e6197ba19795d079769f2f3ae1fa0bd91b124532ac8fe04fc7c82ec17045","first_seen":"2026-06-19T03:25:02.796492Z","last_seen":"2026-06-19T03:29:38.304634Z","times_seen":2,"resource_available":true,"data":null}},"time_used":4794,"timings":{"blocked":-1,"dns":4004,"connect":17,"send":0,"wait":628,"receive":145,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/fakf6wdg.php","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.030Z","timestamp":1781839749030,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /fakf6wdg.php HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-max-age: 3600\r\ncache-control: public, max-age=3600\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nqIBYouYrgHA4f8s68jsrzbVeiEnOHBUiFC3G4bqW29xwNpBh14BYKm09pX2UecZ%2FW8Vh0zuePhnkBld2bCcFgqQNgncoRvK5MpJwC68FH1VORNvCXWAG0JaVtu%2BU38Midbr037Nfg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: a0df729f7f560883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":534862,"size_decoded":81808,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"7c5f93c82f6e69a69e728b6aedb9ff59","sha1":"47399e475d2f50545881cc7c3b11e4f4df1b396c","sha256":"14a53482795bb8ba9cb34fc5ddc951f5e30d5efc4e9a57cba859e308fdf3f6d7","sha512":"85fe5f2e4c098584d8ce305ff1bf510a0001f30a4ccb451f5f41c725bac597947d4176c2465b794addc7208a43032536311049e33d712846070e356c2f93af87","ssdeep":"3072:QQNpq9Ey8eTN1nDceExvwCmSxOkhV7ppyUF:1y8eTN9ceEyCmS8khV7pp/","tlshash":"1cb4a7d69a93465ebf0b429ecce26c54c8484d237a18e553eacefd806065e70c4db39f","first_seen":"2026-06-19T03:25:03.26347Z","last_seen":"2026-06-19T03:29:38.307921Z","times_seen":2,"resource_available":true,"data":null}},"time_used":313,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":150,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/virtual.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.067Z","timestamp":1781839749067,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/virtual.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Fri, 31 Oct 2025 08:12:57 GMT\r\netag: \"69046f89-2f1\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tdohjCNUNwo1QlAo1vWFYfWWJ5PuyMjMsbSiwBo3lRg4tWS20trFH2hsO8bUwmWKSiJQhvcXQqskgt%2F0zLVML7FT%2BiNTOj0NVkEBv%2B3g1At7wvFu3vHM06J8shkQzDjVDsGModEdYw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 753\r\ncf-ray: a0df729faf6b0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":753,"size_decoded":1545,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"e36051d1944cd562daf4ac79ed55f295","sha1":"f4eac835e0f86beff02c095bbb3ca2762f76e5a5","sha256":"344adba279a7d3ba81591ee75e6de52038522a717835db66fe95638865a3a465","sha512":"12ac6d27c105fa6c4a88d6eee6c0fc196d00e2c25f2ca56cb3132749bf727b2bd490929bdccc4612f477f6075729c3d8699f0a718796683e74fd685e9f471173","ssdeep":"","tlshash":"b00165db3e229eb597000d922966704eed6d236ba323f6252447911a1e508ed446cd8a","first_seen":"2025-12-03T13:20:40.550872Z","last_seen":"2026-06-19T03:29:38.311498Z","times_seen":18,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/solx.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.126Z","timestamp":1781839749126,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/solx.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 09:11:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905cea8-68f\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q87NQTok6eGYP7ngXs1NktNySKg%2FGIp7mS9Q0Pv%2BmuU4OoUHHuRVvGF5kBmPpcsF7taCEQWTf2My3h8SiV0jPip3gbnLZJpSVRxxegMGRhEFNc0Aj1RvAYqDFDdVZdej3JjP7X3Jiw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a00f870883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1679,"size_decoded":2503,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"67b23eeae9c6abbecff0cad8a64f76fe","sha1":"e53535cfdc6c3f92c96ce46b6757781f47bcfecf","sha256":"29459a23bc82f475df12123d1c14f0f39132204884d48cb2a18dde2865ccc4f4","sha512":"eff30b420ba19011e4f7d1636486f8eb4cf31cceea9f55e681bea4d4f0ccf178347a0af45b5fe6b4dd6e994c99e7832867793d8b55fac73e1b45f59f35ef4c44","ssdeep":"","tlshash":"60311a8f3526eaa9ef7008a35da0b46364fd49b3085504500177cee029f76cc543c0e5","first_seen":"2025-12-03T13:20:40.593927Z","last_seen":"2026-06-19T03:29:38.315231Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/roll.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.607Z","timestamp":1781839749607,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/roll.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 28 Jan 2026 07:12:11 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6979b6cb-4cd\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TMjR5Tln2Qkuf7axjgGXqoSH5F90kSfQjt0Y6dYLR8A8uhLXvx%2FPAu0YsIutzPllN97UDDjr2QqM20thTJvecrF7luefbyQxe%2B%2F5zpXO1CvXolF5V9JVLlSnkQYh8UsZYvmacaGPkA%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a0df72a308590883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1229,"size_decoded":2055,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"fe170b7521942279ce32ac618fb9076a","sha1":"18255e1225f606aa511c67c7a86825be1717902f","sha256":"3d663de3a58eb75d01a62e9067593c8548e2e3cbb92d7d276dd8a80b5b231681","sha512":"f1bb81314f24bc9d88b153c3c7cb819a8451bf17faf1a71d2c0bcfaa1b7da5b86de8467e3af3f3bf2f2b551321d05744befca195e13a13e07114c03277658fbd","ssdeep":"","tlshash":"1921b4379932bd5c3baca5240280a4018aa269207519eaf307cc1a662eae424e89e001","first_seen":"2026-02-18T12:44:31.196438Z","last_seen":"2026-06-19T03:29:38.318269Z","times_seen":11,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/wbtc.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.677Z","timestamp":1781839748677,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/wbtc.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Wed, 29 Oct 2025 05:47:25 GMT\r\netag: \"6901aa6d-1a2\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=24vgTqNiXHqpkAjY4ekwatGz5gdObIIAP2mxn4pmD3v7yiP0WbjWV0uB%2BCCmfoEMunZPL5zSKI3gUO%2FZwYf%2FtlKBg9y75GBRw9hwatapU4MLX%2Fw%2FE%2Buzu63d1IcTWk3vTzAncJjljQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 418\r\ncf-ray: a0df729d3eb10883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":418,"size_decoded":1216,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 48x48, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"311a92f4fd9f89e67b3d0e54a51465f2","sha1":"b5a2a2075d34d22635b660b923dad0464b6bb29e","sha256":"43e3c81281509419baec632a380e7ac1cf59ccb01db6845b80b65f14d8fe7d76","sha512":"6b5dc0d7e116298b899c27404fe4d055d43d6aca1ef351cbfd8d87331328fdb07aeec62fdb17e50152a25be12334fd3c8708cbff3d5cf9e979c8b1d8f7029223","ssdeep":"","tlshash":"3ae0239050c825f0ad0de720b3c2770105b4da4693b4ce7a05079cf7109018082d7b05","first_seen":"2025-04-07T11:34:04.61234Z","last_seen":"2026-06-19T03:29:38.325417Z","times_seen":704,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/morpho.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.774Z","timestamp":1781839748774,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/morpho.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:37 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa79-62e\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0vCKP%2FLJG0EfhZUNbyV7Qxurf95OYdo0u019WZfiA6MojFo0rsp4K%2F6GuC7QzNo2iw1HM%2BAk6W%2F60wdyvOASifddAhPp8IX%2B7ckUvntAyRPmCHq1AoFDqHo88fz91oag20XbxSLYQw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729ddee20883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1582,"size_decoded":2346,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"2d8c9939b0f4ffa57f6676b12af20ab8","sha1":"aac4a6461fe46418dda7692fb29eb46667f9bd7b","sha256":"27553e03fce325419eb26322159d766b1dbb2b29f591e824833a15a7ebd1be8d","sha512":"a90de9d9a9f4391aca57adf5568ea9610c1fca77ba73600c7441c57d1c0c4aabf12106c03450f34e95c445603bc45743a30c25271efd9a76c20f13d405b69487","ssdeep":"","tlshash":"7831d7570093e5fa81783cd95db56eb4fcfb4c6429136914368eb66201ffc539419026","first_seen":"2025-12-03T13:20:40.651667Z","last_seen":"2026-06-19T03:29:38.332661Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/ethfi.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.885Z","timestamp":1781839748885,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/ethfi.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 07:12:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6904616a-64c\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LRAXRMFx4m9pgpI36qIa%2B2S%2Bitl9qjLkoky37QRH1FRlHGrt0oRPfqV9KiVXgtNgNaeBunM5IdBPW77LIAQGuQpX6LJq5CYTDI6pYY6FJQ3akN6FzuhOvk7PSEVuH5H002e9o5v68Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e8f210883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1612,"size_decoded":2436,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"ee786e872bca6f42637eda9e3a8f48bb","sha1":"8772950d9dd2046b1cd53d27226b71d44971112c","sha256":"092305fc597f1da7e66ebc872d35d91e20a3fe46af0b32e4c60fce47f722d164","sha512":"dba8552baf82be7158c94d13a890dc22c768c9fae897cc7378bbb5e1bf77675ba0d8339c8e141d9c3d437b190800e3b6a91307a382722dac5dc6a4d455421921","ssdeep":"","tlshash":"e131ba63bf999dbc7d1d94275c107293a2646cf4dc164e0febe1803e7a096c59ec83a8","first_seen":"2025-12-03T13:20:40.447824Z","last_seen":"2026-06-19T03:29:38.338135Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/caw.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.922Z","timestamp":1781839748922,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/caw.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UxcFC%2BMa3ZMcD3lL%2FUyXWvfsGQVV4fQuuWax%2BDSZnpkFWt1vGlxzy2A9iCbmqypfLKMvJVG%2F7QRKXjscDvfQAtjdr3gP0xjCX%2Bh4T%2FdigThVlCHg0mGXh4N2XVU8JXpiomWTFx%2Fa1g%3D%3D\"}]}\r\nlast-modified: Fri, 31 Oct 2025 07:24:03 GMT\r\netag: \"69046413-323\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 803\r\ncf-ray: a0df729ecf360883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":803,"size_decoded":1603,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"97287423467052986f7de9963f1c0650","sha1":"a1d3ce72e290c276bb6af4d74a66590697eb89f4","sha256":"f30381d5627253a62195f03f595afeb4138e61d127c573c452ef166da03e33a2","sha512":"fee80d6dab6020e8d80ae2cc597f3451fa9cf146c730878cec06cbb6ea22a275108b06553cd01528e9c67d39d2041b533fccc7490bf2a8a3444cc91db82f98f2","ssdeep":"","tlshash":"b60175d34e3ad68c8457c231b6045782507bc770ee5971c3c19674caef72724f665741","first_seen":"2025-12-03T13:20:40.629895Z","last_seen":"2026-06-19T03:29:38.343769Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/ath.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.955Z","timestamp":1781839748955,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/ath.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Fri, 31 Oct 2025 07:29:46 GMT\r\netag: \"6904656a-211\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h3ZtxA4MYI3aPrE2TCMEMKPW%2BZxih7zR1anQd7wGYLDhS%2FzxTkYGxPJSnrt4e2BcKuex6I3oKAOl%2Bhilb%2B1NOtAbtF%2BIoyMGUY3G3AJ26du09IhuEUQhjmLjlrQj5JtwP0cuCdX%2FnA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 529\r\ncf-ray: a0df729eff420883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":529,"size_decoded":1327,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"7caf625f6cfe183a3b1020881021d9ae","sha1":"49cd44946a4b3445807eda9186896607f5c3a8f3","sha256":"d81b8a8be3f6775a1a4db6a50cb07917afe710b69822d6d8522f6f2c4956c852","sha512":"a5480c9291f3fe81f562232ccf9978b847e533da6970ee0d95cc716b62ad6d1777c3833bcc950434e6ef0577ba3cb81ac26d1d1cbc739b13f764492f6f4fc370","ssdeep":"","tlshash":"0af020c63f0b8cc088443f72684264581866a5308563cd6e84cfa5ed6db56441700582","first_seen":"2025-12-03T13:20:40.684061Z","last_seen":"2026-06-19T03:29:38.351696Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/idol.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.153Z","timestamp":1781839749153,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/idol.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2iWqHeXakcmXAgKmhUkbEeWHERGQvnzrB9l3zSsAMth3FUsA%2BcVbUjfsOqYa7XmEmSABuSw9tCDMdrPXEZJT6qT%2BJa%2BhGHstV5OJk8IrE90lFHqMKQBmbcwAZZZVXFwG0xf5RPdiBg%3D%3D\"}]}\r\nlast-modified: Sat, 01 Nov 2025 09:11:10 GMT\r\netag: \"6905ceae-252\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 594\r\ncf-ray: a0df72a03f960883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":594,"size_decoded":1386,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"2d17b12e1b1b8185cb116b9aa3d37ff0","sha1":"fd54f09f91fb4a83613bbc54806ae23b2d72eacf","sha256":"f382da720f3c2fd64d7a6abd808d258869596f481f7b3ac385c147b4a6bfde8e","sha512":"bb4c29c012599dc82c92e6051a47cb13c542356788bd5481d2cd686dd0743f2f6704ace391daf4daba47dc5510823e9ea20101ebad036bc61804b94fad92d760","ssdeep":"","tlshash":"11f0b766f211943a87991d7207e814f259d5e084af0d3982ef142aef2d8320ac109e3b","first_seen":"2025-12-03T13:20:40.54946Z","last_seen":"2026-06-19T03:29:38.357404Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/pumpbtc.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.157Z","timestamp":1781839749157,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/pumpbtc.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 09:11:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905cea6-5b0\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fGohQ%2Be73IunjECHiUGWEoogQrz7JcALTmPjzyL7av9ao2X%2FoZKhGeZyWtakOibNsu6uZTQIKPuBWfqjVuaunCp2bmHTSbCK7XQ%2BLW7a7Oe99NYjmP3JL%2BMVI0stDEZSOFvXiZ0BHg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a03f980883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1456,"size_decoded":2284,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"94b6b0d8ee35d8e6869aff74b5322da4","sha1":"7b8f342b78039b7f2bd00bdabb41d31050bef6c6","sha256":"f6c2e7dfbdb35e11fc7c4cfea0a985ed5f549bab5b43e22643c4930c4b30aa19","sha512":"a637f20e8b7c8492186478ab466d2df3b4a62f589ba44a1ba81dfb34baac33b3cfd00f9023aa767c2bca357314cf41a02d33c7a8981a573d582fdd4cb7efea6b","ssdeep":"","tlshash":"1d31c735fbd41855183003dbbd087998ef5358d51a42606a1cec964ddda00d328da2dd","first_seen":"2025-12-03T13:20:40.55612Z","last_seen":"2026-06-19T03:29:38.362897Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/block.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.346Z","timestamp":1781839749346,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/block.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IWgYjuNRz2vzGvVvDf2kdWTdlX4Gsqe5yWg7sSGUeqa7heJz23LJ8%2B%2FOplPAS13gdUMj9k4Ivg3%2F5lgH%2Fa%2BckrJvzZs0oiODElQlaY00nlldNZ0tFPKMSHdv2LnFtOuSTM70IoWbDw%3D%3D\"}]}\r\nlast-modified: Sun, 02 Nov 2025 08:26:37 GMT\r\netag: \"690715bd-10d\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 269\r\ncf-ray: a0df72a16fdb0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":269,"size_decoded":1065,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"e4060f250e212d1c7ed508e2059837e8","sha1":"5a585f50d4cffff2ad17cc33caa144b263639298","sha256":"faa9a76f74059aec9207a5daf3199314e6b34148508152c7818a27bccac1febb","sha512":"6a442edd891954bddc447a0c84bf3c186e26cadb15ef0bda5df5f1ba19da106e0f174ae37cf4eed479ac74389d3e082aa877907841cb2205198df9f562f38a22","ssdeep":"","tlshash":"d5d02bb2f21a0d1ec4db90ae2b252611da11455809e185d22446cb614d4b545845f94f","first_seen":"2025-12-03T13:20:40.645084Z","last_seen":"2026-06-19T03:29:38.370239Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/dexe.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.086Z","timestamp":1781839749086,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/dexe.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sat, 01 Nov 2025 06:51:48 GMT\r\netag: \"6905ae04-3f7\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2wMTmIynHHOk%2Bxuy6p0RBUzADnLmvouljPyS7%2F9V0Q05d7L7EGzD%2B5OyBx18%2FL4V4vVoE837Ic5UsnNzYwfSrzOVR7yMkvgDLIy56%2FAFeXjvif4sEEJ9MHAkcAegqDEhcXZwc9UXTg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 1015\r\ncf-ray: a0df729fcf740883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1015,"size_decoded":1812,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"280b74a78611559ce1bd44882bcad857","sha1":"87c2c8ec71622c5abb9e5aea329a4901be58d52a","sha256":"65ba65e5e36a0e8499a823df2691f4918ec76d2af64d9cdc140d1f2262ca31d0","sha512":"4a0c0a52653b1ab8e6e6648d9e198798b73d9c955fec138cc3fb5798ac4c0a07323be021ea9bc2f2200c79d557a79d914b458cd8b415dced4fd467039d86eaa1","ssdeep":"","tlshash":"7e1132a5b3428b98d9ad12dce0ed2156e50000ba4486cdb5814bebdb0ea5b42b99d2de","first_seen":"2025-12-03T13:20:40.493561Z","last_seen":"2026-06-19T03:29:38.375085Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/white.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.140Z","timestamp":1781839749140,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/white.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 09:11:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905cea9-654\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cUk%2BiONCqJN1wWi5DkxXubusDoTkd8bk9fSOZfwBav8HerzddykYqR4fqe7J%2BEabMAQ396ZUmYSHAsomaLcoOsXQMyVLu6aBrvjqdI5yBycd%2BBP6HnGnWm2rnsbY%2Fw7LaG6%2BeL2eWQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a02f8e0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1620,"size_decoded":2440,"mime_type":"image/png","magic":"PNG image data, 181 x 181, 8-bit colormap, non-interlaced","md5":"8d7fd42f7fd0e1265f2dbe6197bd3cae","sha1":"9b0066504e3a3712c97825e9747f6dd2e5988bba","sha256":"586d56a2f04c79ba2fcad9137937281bc3173eeb8fc9d442dd6094eaab41ba68","sha512":"04618871c43aad32ea994a26b3e1271826633b635143e62730a1e7f9339a044f75174354145a3e7a29d8930da2c9e3183844a3eccb9c34e2aed133990ce3f8e7","ssdeep":"","tlshash":"e331c8fec7f05c111cd5e493726a01c1bb34590b8102342db3da31e57f4293ca240ada","first_seen":"2025-12-03T13:20:40.617725Z","last_seen":"2026-06-19T03:29:38.378731Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/keycat.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.216Z","timestamp":1781839749216,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/keycat.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 06:59:31 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69070153-ad8\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rlhRGnfFZpME2xPXaxst2vzZ%2FLY%2F4n6t5ujcD6g%2BId8G9FbyfBoAAZiiB0fUROmWoRyH%2FAPWd8%2B3k0ygqlC7Kaz9hO58RkpcrvRmnfmMKEegZ%2BKy4S62I6iGaKUIOlXza51KRC%2FAbA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a09faf0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2776,"size_decoded":3610,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"cc3868e77b3776e01f0ffb44fc783069","sha1":"1859b2ef514e4a60fa7b0a5759f9a2bf42873e98","sha256":"64b34b253768038208f5896fd45ff149c04510c7ff2099e7cbfcc1dcec021f68","sha512":"b662a9b92c0ca1f4312ef6072a32754a90354e0f1b58ebf3fa629dd5712ec76d18ca51c7546bed56da707d7d845c094b6d177fa473aa2524222eb2ddb0a4b2a0","ssdeep":"","tlshash":"6c517c32514dc9b14ce4b40e027ec12e87172c5242cbfa1d2593c25e3e3ae75239af56","first_seen":"2025-12-03T13:20:40.542248Z","last_seen":"2026-06-19T03:29:38.382475Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/rlb.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.352Z","timestamp":1781839749352,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/rlb.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Sun, 02 Nov 2025 08:26:33 GMT\r\netag: \"690715b9-1a4\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ScfCGKqj7hdP9kWx84I54e6GQSsoqSLVmG6m%2B3rTTGzFHyLvrNmvyKOpVfzkbp9mmY6E2O4ov9SczudFSX%2BsW9cVo7w2DuCwsBQsni%2BGMSUEjqEuEUwEDoYBohNS3j5PoOupeoJMzg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 420\r\ncf-ray: a0df72a17fdf0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":420,"size_decoded":1212,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"5a7c0c10c9bb917cea65dfdddfeb5080","sha1":"5f8042bad16fd8b05626cc6d8d4ca4c42a92eb1f","sha256":"87eebd2cd2690b9b917acd639ae430c2d19a27c34b27ef6ccacf4e7ea4a9b0f8","sha512":"22432c47f0f18c6bbc13c26953901c05cf7a2f09ba69ab3d250315abdc296b597d64448511ecc42da839ea5ea48c53cee286daffcb2098e8d891cb394f45b514","ssdeep":"","tlshash":"64e0fabb1364181ec5175d13050d481db77add542d039cf5152d51dc4b3b51db1a715d","first_seen":"2025-12-03T13:20:40.494211Z","last_seen":"2026-06-19T03:29:38.38471Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/apex.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.468Z","timestamp":1781839749468,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/apex.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 04 Nov 2025 08:49:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6909be23-5b1\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i%2F%2BRZYA6%2B4Zvsk%2B52DEaCCacclLWGdFm6HfSSrVUt6ghum8uvO3J4hku%2BtdGkesbcIwKUgJ7PZsDQ41r0t8DCr6N91lOk4UKPeuu7mjd9ZZ6Fr2PspqLIYW%2F0eML4wj1MU3YCmtX5w%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a0df72a228100883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1457,"size_decoded":2289,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"a17e00cd1e2e92d60dba9b5727c845a5","sha1":"c1e94abd042028c9ac660af0e4ba3a3111258df6","sha256":"e3e5a8f688b4aab0bc4a0f3451ce63d8e7bb97042f3d1a926a1a35e4d2306c31","sha512":"b3eaddb448b1cc131b6fe6f9c1d55796d6cc1a18a9d7fde729e8a58872df4296971db3de1e79cf2a73708c916cbe8f44ebe44fed4fc80d1e9905cf58cec92448","ssdeep":"","tlshash":"eb31e9a766a4099221733b23dea98414f5cc4317b311de347769cc562e95024f27daa3","first_seen":"2025-12-03T13:20:40.536985Z","last_seen":"2026-06-19T03:29:38.387701Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/allo.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.502Z","timestamp":1781839749502,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/allo.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a2d-5d2\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q6WDy%2BxFhKH4QH0duom%2Frcda7wvzj3J6i%2BS4xTAR1FopbdJ2trSxQYtDnZ00cFNer5QFLWxFlorHPZ6L0uQfwLotBpG4hgs3SEirh%2FcSfRegpGrcmb%2FKtTHlchCAbGbqkW6e4%2Bqftw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a268240883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1490,"size_decoded":2322,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"0aacb3a48c33cf47cc5ac518bb51e077","sha1":"5d91ed018d64f4f8d28f4df4dbff832b8abb1c82","sha256":"ddfeec8d5bfbb0becc94a614771d22f184618c3befd1568f340be0393fce8e7d","sha512":"081813eb880d8a3a901f67f510734e6657ef52f062dc33d6b1dacd4b90ca0e87d84483a85e0e1751869dba40f4a64d25f32428a66e0086dbc43b1cd1eaaaeb47","ssdeep":"","tlshash":"6231ecd13406e839d60564e2862e5a70e4f60c55b33f566942b9508c5323becc7e7d84","first_seen":"2025-12-31T11:42:51.948458Z","last_seen":"2026-06-19T03:29:38.390363Z","times_seen":18,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/ltc.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.729Z","timestamp":1781839748729,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/ltc.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:37 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa79-475\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B9fVxWhBZv8TtYlih2ituAjvW3gwh4XmmELHNXRsaZ6tu6d6ulvY0MrHyXNKLjFd9Jl%2Fraa9nXCtORUiVm88qN1zjjEkEfri2JKjK%2FAyziFUfI7kbUimVAIutX8UVWSk1sCIq%2BQmDg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729d9eca0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1141,"size_decoded":1967,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"5d2e589611c1cd4c38d3be3d4e5a03aa","sha1":"2c4e7a0c103bead910153717ff256ac1a9e1ad66","sha256":"a85021a695db44dccb370f36ab3d79ad08e58c6edf89630fffbd44eadd63ac4c","sha512":"353707f4ce3743b2179799ba291f58db80aeeb4871d6f87181c5e0209d83d8b10a6245633d12971d5b7a72affddeec4340cc04bc9358c011ba0958e7f2f03442","ssdeep":"","tlshash":"ca21b9a35b54fbb4de47d11303a0cad3cafe759cc1148f8d014646ab381a755064f649","first_seen":"2025-12-03T13:20:40.600438Z","last_seen":"2026-06-19T03:29:38.392649Z","times_seen":19,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/xpin.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.853Z","timestamp":1781839748853,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/xpin.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69032026-7c9\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XZNSurDjR2EGq0lBDzNp%2BjzzoLxM8CXULRnCESGcQyxcN4IIB6Ke4L4EznRCKVVGG%2FOsgpWCAxx1t9xA8cSrk4ag4mJQMg7XoMoBq3jhl8C7kdu5QSSxeVHsmLaoK2bNbYIpojt3yg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e5f0d0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1993,"size_decoded":2548,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x90, components 3","md5":"2029c5d33d83ac93a16b8586382a63b3","sha1":"4c6cfccce98ae089aa21f3ab91b194092eaf1e85","sha256":"a42006095ec585f6639021fcdc5dfd6a0c496ab1e8bf57ed38be890db5c09e28","sha512":"8f817783e474602cacfd2edac8e6b2a1413790dd95c5a793176c2a8171f3cf1d861e78c3b4d9b7cfa9cecdfa1b5dacb4174088b099ffc3778b72f190aa4b325c","ssdeep":"","tlshash":"0c41e941739c1b94eb324379c1a24f43e755a93abe8599b2414247b23e50cf18cdc2c3","first_seen":"2025-12-03T13:20:40.638717Z","last_seen":"2026-06-19T03:29:38.394738Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/qnt.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.897Z","timestamp":1781839748897,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/qnt.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Fri, 31 Oct 2025 07:18:57 GMT\r\netag: \"690462e1-30b\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gLvB%2B2%2B8WAWNfe8hcPnepOPoa%2Bks8us1dvjslLHDJJmVjNUaTaQuxIHW2pOoBJSc7CVSo6xgd1QA9tEx8uKb%2Bx79adgFE5HF8%2BVyaNJ5Z%2F8YrgSLftVPfW3r%2FuvQ7PQ1I23g1N%2FGvQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 779\r\ncf-ray: a0df729e9f280883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":779,"size_decoded":1581,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"e026115fe16169e508d1763ff31afa1d","sha1":"e936e1548cb802f490fae7cd0d5f6c0c74dc0f22","sha256":"a5a44643fb9b8db8b38a5d6c32d0a6725cc06fccf19dbf0f9b3a8ffd51844ea4","sha512":"cb785daab660c44b963ec263148637dad83ec16cfc8a62f16c2b4180ce2bec776aff87e000295266509971d7b9dc21c77464281814892ce788a93dec2f7ba311","ssdeep":"","tlshash":"49017593438f85d9a2e5c0e36e886c20621610801591015caf7a3456b400a8bfe25e51","first_seen":"2025-12-03T13:20:40.58392Z","last_seen":"2026-06-19T03:29:38.396908Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/monky.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.980Z","timestamp":1781839748980,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/monky.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Fri, 31 Oct 2025 08:05:35 GMT\r\netag: \"69046dcf-3c4\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=noPVlwi6BMkHtinjeO%2FfCbqwplOdN%2B08nIt%2F6l9zv74F2ahtiRcQPNc7JZtiZwsb2Zy8itlSapgJraVmEWeQCjw2WjAIX0mh7AuEuGAWdECbnjkQfGDZFquQrYm0NJkm8jeOsEMiyQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 964\r\ncf-ray: a0df729f2f4b0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":964,"size_decoded":1756,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"6893c444ff122910f9386b1dea85f660","sha1":"28a514a9ebbb402784baaf64b1efba4b3b4f60ae","sha256":"6a7f2fc2de90b8cece012db8f37568520ae385eb393f52eafb97d797169d0ff4","sha512":"a3bfec150a5e9477184f14861436ea1d8f195a989058788ac45ec3bb12d30bd7e87a297ee0104597a8b28cdb885d1be32038847a710bd73c13b369492220cb37","ssdeep":"","tlshash":"fe1194624e5129f9ca39592e2ccec884e7062abd6a874a0a356b0885e0c0910cadea05","first_seen":"2025-12-03T13:20:40.611185Z","last_seen":"2026-06-19T03:29:38.3993Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/parti.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.061Z","timestamp":1781839749061,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/parti.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 08:10:11 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69046ee3-54f\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JfxLQV%2FfT7cEWjPmfoXlDV41h0KGiZ55kSYsU%2BWe7xHw4xLa9JNwSgMPZ6RvSIe2OpRDKh0izdjjiLpy%2B96%2FYR1ol5CQz1NK0SNlqsKtaQPySK0FFklRRdicmCKMtAC%2B0aPaWlbLbg%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729faf660883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1359,"size_decoded":2189,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"0d8416ac147428c3efbe28783a0dc37e","sha1":"1fbf267f8333a198772897f5ec62384f96416450","sha256":"7b1161ad15502cd6043585466926fc992d84d83725284ff4832207c9aaac4030","sha512":"f3204acca6e174c3f7ada70d5cbf91b7be3599b0a65e2b5c4511dafd789bee4727e73d1492d8381c2412f30ecce63c3a944a0e971b863f5708958bfabba2dca9","ssdeep":"","tlshash":"1d2108035085298c999f068764224837b89f64ac7508c0d8be389d4a59940dd8cccc89","first_seen":"2025-12-03T13:20:40.655609Z","last_seen":"2026-06-19T03:29:38.401778Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/sfp.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.104Z","timestamp":1781839749104,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/sfp.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sat, 01 Nov 2025 06:55:04 GMT\r\netag: \"6905aec8-10b\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Vy9iE57y3MxHQ%2BfDcNDjqT1h8L607MrwnDhs4nEMGLuYLyJHT7Oq1wuzv2gMZABtsNcyG2266kvLd6aj3NhA214%2FNN25EyTxfg359Or%2BXggGivZx7HZ8r6xrslWP81pDyR%2F%2B2SVgMA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 267\r\ncf-ray: a0df729fef7c0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":267,"size_decoded":1063,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"281c71463a7e16bb88c5e7a0a7c5883f","sha1":"d03d7c1f71443c46a67134da184ebdbae3227bf9","sha256":"60e51590fa649123b3aa4bc12209374bb0f0c46ed188337cf90fd1e2a817e48a","sha512":"4d47b5ddfff1a710507066dab5b91061e3e0600027d67791a96514e7e4ad4d8ccd54b03b7fa1dce1516a7d05d1f04660c634d8960a41b60da0040a48c74d31ae","ssdeep":"","tlshash":"87d02b9345223d7dda19adb11e00d100eab7048d5b8022c35397566d2ee945e481a6aa","first_seen":"2025-12-03T13:20:40.539922Z","last_seen":"2026-06-19T03:29:38.404628Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/bulla.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.146Z","timestamp":1781839749146,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/bulla.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 09:11:07 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905ceab-4f3\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=voDD2qLyulV8qwQztl3r3EE5uj1o8j2nzxwm8pZFDW94Alx4aUvCOIYdmmJSZFO6ca6UbD3nDa8LeMKrvloVmFPVFe%2Fbdf1GdRRLfSDomJFbOOqqYLtdGRT5phBy5gqe%2BQ7%2FZl8r%2Fg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a02f930883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1267,"size_decoded":2095,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"63add81c15726635cf68ec736a18327a","sha1":"d9d419d6d5e60947058e77179402a2461c728aae","sha256":"5917661827f775c0a945687ac4d4e6ffce1fe93df678e238b3e11797a135dbcb","sha512":"b7e21bf43da15901ccb2f21a7c44aabe275b3963578b405bcfb6a2f8a093da6f917fd31d1bbdcaad1f24e870d5a7059aef767ff689ec4ac6feb4d85628b4e76b","ssdeep":"","tlshash":"4521e78627fae81cdc924929a4fa74e38a3f1035c156084ba01719d3dcbe0a1f9790f8","first_seen":"2025-12-03T13:20:40.636062Z","last_seen":"2026-06-19T03:29:38.407196Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/esports.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.285Z","timestamp":1781839749285,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/esports.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 06:59:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69070151-615\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s4IJh8imy%2B9jIbfkXTl7JzjMSPAbKis4l9GSfwaI%2FOOEONBUVv7oIH257iHc7mKqnXkST52pmogwsX327ANLKyFfmlDMOqzafJE6HUkii6pZdNc7nRAfU4%2FFzNtRsul%2BL56ZFPcAAA%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df72a10fc80883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1557,"size_decoded":2385,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"a9a7b28444bd6f51a66776febc19c0e2","sha1":"213752729cd7f0f594105f2b9b3c5fefbd8beefd","sha256":"ec2f24023a4d752b78435bbda0598b1327a801667ab787a0b222ecb966673dd1","sha512":"14ff20449bb5bdcc5275011e4d32fa3fb624c7631bd9f45341c965f462b2851aa8e9d3c80ed20d4ec584dd46a11428d43ea55ff945d993060fbc6a165a1c8954","ssdeep":"","tlshash":"b0310ae5c158cf284184a3da46fdbc17a4b43df24040aa274c31d75c5c7826b284e065","first_seen":"2025-12-03T13:20:40.668385Z","last_seen":"2026-06-19T03:29:38.409385Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/link.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.736Z","timestamp":1781839748736,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/link.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Wed, 29 Oct 2025 05:47:36 GMT\r\netag: \"6901aa78-30c\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t9YUH4xeBm8rFVrFCAXZ68nwgFATyg7BfGD%2F7IDVwEG5jtLr02eE1NBnW15tHvZWHzSMAz4mSonej3X0CB6IUDl3S9ZyPtLx4bfjam0lV7%2BjCKXpH0V3nzhUw2V5gaLof2tzsHElmw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 780\r\ncf-ray: a0df729daecf0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":780,"size_decoded":1570,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"9c6833f2370156b2ba21dc719e31b62e","sha1":"ecbc4f59b4b5e2021444883397d5d00be0f88368","sha256":"6c20987241689b4345311cacdfd94c2b145b75d17daabfb950f03fb0460f7b22","sha512":"e515a776e955a38c1596e5880057f03595e7131269318813c35ee8ff6bbcb15db9112e42d971d368a3c0f98a907d3816844621646483130eabea225d382f8932","ssdeep":"","tlshash":"6001b542f16c1ccdccc5bb9e89ba76e6d2d14b002c3513a2ae59cb0219bada08804610","first_seen":"2025-12-03T13:20:40.508469Z","last_seen":"2026-06-19T03:29:38.411767Z","times_seen":19,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/stbl.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.849Z","timestamp":1781839748849,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/stbl.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Thu, 30 Oct 2025 08:21:53 GMT\r\netag: \"69032021-317\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ehokAv6ABK142PRmJMz%2F4B%2B7%2F9indVX4qkFLa5M26naDFaWlz%2FpkvyGGbLBZ5hr05N8RAZJ0QQZe88TRFm5Hd0Kt%2FBWL70GbnjpTOf6vSwwvt9EDbDQhafM9qunECU1ZskiHsEOs2w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 791\r\ncf-ray: a0df729e5f0b0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":791,"size_decoded":1587,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"bafa93844f41424067b6553e5d55dc09","sha1":"82e4de236abca8f97102ac781368e25033f78745","sha256":"192f2c0c16319e9145a83625f8113be776bf0419fef04e79ac189289ce4fa8d0","sha512":"fbea8afd7cfa12fd7ddcc2f243f8886f2f80ebcb6e0ce9fc7be0cd18d57263f28f5cc8fe8a8100441a26bcc2393e20c3c8fa257f5b1790588c83eaf1b7bcfa07","ssdeep":"","tlshash":"2201ca8701160af13942ab78560c381d34d69e754f9194d93b83f7108d79248e5edfad","first_seen":"2025-12-03T13:20:40.463682Z","last_seen":"2026-06-19T03:29:38.413885Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/pepecoin.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.916Z","timestamp":1781839748916,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/pepecoin.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 07:24:00 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69046410-99f\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FCHVN8oCHDpTYsg339tS2Tw9G22%2B1UaTpSR0tU6i0L1izSAmSA27vL0zZAGozGoGwX44Mlx%2F0amNJxjEfaBuzYEZX3acLUBrLvQDoD19kXW4Ua7%2B%2BDZawvDI%2BdtlOvWj5qNaOFMeKg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729ebf320883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2463,"size_decoded":3295,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"232cdabcea3fbec21f4ea3229b52aff6","sha1":"33523a2c1925491d4cd2826c16dfa6199ace98c6","sha256":"761a0e0d19848127d196f155c17c801dcd6a979ad61ac61cead2c01b65894312","sha512":"24afc49e3a891acf9749e132ff6b4387d85ef47858003b5668deba9029d62fe87eb2c9e490a47454cd45a94f23e468ea53f134060365325e03e664a625bd184a","ssdeep":"","tlshash":"10515f5397c46ef047ae1c3df018472b4ab93f912576278da4e6e46507c1dcd5297812","first_seen":"2025-12-03T13:20:40.464495Z","last_seen":"2026-06-19T03:29:38.417948Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/ski.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.098Z","timestamp":1781839749098,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/ski.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 06:51:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905ae01-6e6\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oz2Zn1%2BqC%2F3o6lcRBe3yQnldP9e6eX%2FCZy5D65FElcdwUL%2BeW0FJSeSkYjC9PfyZjL2t4ISTIXuopRf98vmWZHkCn0fH0xB8lJbBQxki%2BDwjDHAtD6ni5VL%2FeX1NDb%2Fnh9lMo%2Fs2Ow%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729fdf790883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1766,"size_decoded":2602,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"9b19b48717c936c3b34fff890c7fa5cb","sha1":"654e792732d82281b82e62e33e9991c06741691e","sha256":"4dc2c93cc77dfe8f6ebc808d580e4292f4adfba77f0fdd437bfc553409904356","sha512":"6a5faba75113486c7a8c8dc500e12fd4d3a565bba35c5e2220f771cba555a503b9d4793e326d1b237b765996aafcfddab5b1c023981f26e42a04f4391a24ad31","ssdeep":"","tlshash":"05316dca534bfa58bd304c720f1b04d5d84113061b297c4d5e3b273acb53d03814e309","first_seen":"2025-12-03T13:20:40.639475Z","last_seen":"2026-06-19T03:29:38.420187Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/audio.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.316Z","timestamp":1781839749316,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/audio.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 06:59:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6907015c-444\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=z4CFlKoojpc9IpIiXjU0jQghgTXuZYtNgWir%2FIhYqGr7mb9BuC5z5rWEC5xKy0W5HaGVJA9iVsyQxA%2BC9bcHkgeSwzP3oVsyFme1Pt%2BF7tKOczWL%2FoicD8JFBTUfw%2FWlSYAPJ76pzA%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a0df72a13fd30883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1092,"size_decoded":1920,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"7c9ac973bbc8f311576b844e51f755b6","sha1":"974fbc07886188f54a553199794abfa0bc4a20bc","sha256":"7b5a2e7efae79068efad2f76577873727862acb42b661af99509056d6a265dec","sha512":"39f5239d5ff37f79721c215428b68c2878b03512cb92fd697eaab03f1cea4d19a61cef4d91ebbd572c3803e10c05b7ae79dcd523076297c5756af714744cfdc7","ssdeep":"","tlshash":"2811e9df12313902d485abb388121d31a7380eee1fb101dc3206d92a0382c045ec797a","first_seen":"2025-12-03T13:20:40.535295Z","last_seen":"2026-06-19T03:29:38.422368Z","times_seen":19,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/zk.svg","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.416Z","timestamp":1781839749416,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/zk.svg HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=y1FGo67WDxhglD%2BiRpFCQDLtgcXz7keQqcwTwjvOrakHbn%2FxRIce1nwO%2BnbSbD%2BCBpiwp%2BUmAIzSMhsoMp45jRga1aypSXuEvPVeyM%2Fn074hs2vMwtS1ZTP%2F2uqNPf07xHWLLJk66w%3D%3D\"}]}\r\nlast-modified: Tue, 28 Oct 2025 13:43:32 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=4,i\r\nage: 291\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\netag: W/\"6900c884-105\"\r\ncf-ray: a0df72a1dff50883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":261,"size_decoded":930,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"56563b9501ccb465bd45d8d11606711a","sha1":"62b9f1ba061b76ecb9da33eaaabd7f2871c70900","sha256":"a2fd92b7deb204d3c5273502c8d3ee3c80cf3ae1e101747a74ae3863daf177f0","sha512":"be4b0abcea77ec85d5d08299e7206a4ba74f4973d6cca89012d2d72f4fd97977fc6491c044f7ff1c98dd173ed0a04cae2a6dffb7eb6dc60675656279d8d7d1dc","ssdeep":"","tlshash":"8ad02b697189d004c8104212072c7466805b80da914804b1f641710af48eadf3c712fe","first_seen":"2025-11-14T04:59:26.140512Z","last_seen":"2026-06-19T03:29:38.424662Z","times_seen":20,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/linea.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.441Z","timestamp":1781839749441,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/linea.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wW9IQvZ50949FNcAqhwkTuKglL33YHQnafdqjVXa5aoNKe2G%2B7S00IBFDbI%2FnfSajYXK%2BGWT6%2B8WexM9jx0nIEcGryc4O9SoxiePolMVlmlSSt3hTYw%2FI8NriC6sCd1aygZ3%2FJjnkw%3D%3D\"}]}\r\nlast-modified: Tue, 04 Nov 2025 08:49:44 GMT\r\netag: \"6909be28-155\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 341\r\ncf-ray: a0df72a208030883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":341,"size_decoded":1139,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit colormap, non-interlaced","md5":"5e12db77caf5ae424cef42c6ac31a443","sha1":"569915544a16cfe8860fd2fc49515dce4949fe95","sha256":"5989b6b5fdc3c83ce9b9ebcacb84f27982d5ed9096b77f7f8c859707a18988de","sha512":"73d47a404bc26a6b9f8e284a16d088cbe60d9e622defa20ff1b30db590d934329e6278a0a518505e5dc2a7e44d1ca26075bd6df34fcb5b3dc5de19ed6b41445f","ssdeep":"","tlshash":"60e0c0cf0303c97ae916123b110ead04adb50254212f3106066764923a6190fb044c41","first_seen":"2025-12-03T13:20:40.469171Z","last_seen":"2026-06-19T03:29:38.426767Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/xpl.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.506Z","timestamp":1781839749506,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/xpl.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Sat, 13 Dec 2025 08:56:12 GMT\r\netag: \"693d2a2c-32e\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ycGVGEBnyKAbRtet7NPnjPD9Lj%2Fou1TNm%2B%2By4LYqcSuT6XlG3P3WbVR%2F%2FcrVVFQKY7G8SGZYN%2Fd20Q947dG7M2dZePFl2ZBFcm2Jo4uh2xKGEYMJAmBTEkhekNV4I0rlchwYFL83Ww%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 814\r\ncf-ray: a0df72a268260883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":814,"size_decoded":1612,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"812368a562c85f7d50c3b88df66569bd","sha1":"9c646441870874a8ed9def368a1b4818d14e6692","sha256":"dd70518b9d44bd35ef4a3ddbfdb48d30ffef840adc6ae4fc882fb4013d609630","sha512":"c6de4f88e99d8146f8828bd214451a0bf0f35ee8a683741210625717ff4df12a9d73084c5ff2c8d58567a68f8059ebb496dfcd5ee5fc9b8b9dd2869e755c016d","ssdeep":"","tlshash":"910181ebaa8d849ccac0b1e6d5326168f85a50c0d12861b38c339594f3222f8aa0de48","first_seen":"2025-12-31T11:42:51.655992Z","last_seen":"2026-06-19T03:29:38.428962Z","times_seen":18,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/andy.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.804Z","timestamp":1781839748804,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/andy.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 09:12:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901da98-62c\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sOShjdMgzkpafJzpbBVDHAJtw%2FKRZrQuGQGXcTxA42LfRbJIPVGxeeV5IJMnMbGa7R83NNdLiCmYNtoPgrqC4Y0mQLNrLKkC0t%2B2401VuVnzXOcVq2V8AL3DTa7IDhGE1dyu3tzyXg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e0ef40883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1580,"size_decoded":2404,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"f285304205307d840a0d83f2a42b0963","sha1":"f37de578295f7a2edae28139a7ea5ded3691e680","sha256":"eea77045bb615af780e8ee62f28cf33b47bac2d03d903299c80a15468dc17234","sha512":"d8ac576d2cfbf5ce54c554f9204f0c3bd1d0dab747ce7708c44d2db9dfaa8eb692423740854479c689cfba7d9facd7a9c8f5969b2437feaf4d7c3e6e15e9d7ff","ssdeep":"","tlshash":"e1312cb572381eb79235a855ded944d0bea863790ccaed905d01d4225757c24c04c5f8","first_seen":"2025-12-03T13:20:40.646617Z","last_seen":"2026-06-19T03:29:38.431539Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/aioz.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.892Z","timestamp":1781839748892,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/aioz.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Fri, 31 Oct 2025 07:12:39 GMT\r\netag: \"69046167-3c7\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KelDH6PbSbEFLfPzqURBom2UQUpKbQ7MJee0WKQXxFnKMvfKwV85d25gjWaiK7yK9YpUEW7Ms58hSBU%2FWk74Yfu%2BEvbrLWbsFGwkV5OmyPuW%2FKpX1Z7h7ZYUI%2B8BMo6wuqxS5aG9Fw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 967\r\ncf-ray: a0df729e9f240883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":967,"size_decoded":1761,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"7346a0b24738bf9f4ceb2b948b33f901","sha1":"62562bd07a9e453c72f7c85e1a9ad16b3cae0bf2","sha256":"e1c4e31ee081674695bc453c967706a8615c93947dc4d8ecf35adf836071b9f6","sha512":"9f9f2cb72c0ca96418c001a13a67c319ef92329028a278f5813eb3cc96e61cda4579376516e54adc9652f6135bbe14af6714028282320179c8e30c1f34cd321c","ssdeep":"","tlshash":"051194aa52ed7a7ce2652039cd39d108ad93283c84722c02b02537a78f79384ec55fca","first_seen":"2025-12-03T13:20:40.462215Z","last_seen":"2026-06-19T03:29:38.433733Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/wtao.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.949Z","timestamp":1781839748949,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/wtao.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Fri, 31 Oct 2025 07:29:44 GMT\r\netag: \"69046568-ec\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9I4uk3OafhZbGWnT%2FmVXyxU8y7pufbAvzLTOb2qGUDyAO5t34dHaYOSXdaFUt4vwp3ahieMDdTMEeVPvp7B5IGcl0j%2FOho8H7FVN%2FBJJOReOOK%2FiQU5D8CQyjDHw9MuWe%2BNhXcJ2yA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 236\r\ncf-ray: a0df729eff400883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":236,"size_decoded":1031,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 4-bit colormap, non-interlaced","md5":"dce7b71a0e218c8d35ba4c00e66de3ef","sha1":"90bed724afe4967784e49ef4f0faa4d05191f781","sha256":"795ee37f1e6f8966099f4dd10cacafca365d13d43bde04e360daa73df5d84615","sha512":"81ca1e340751378085fe437d1b0ef57d610ed89f7f6cf2ed133d647fc4679c2d2fab9494c0e66ef5e7be05d47ac5abeb4a927b7a04784d006e42677882a3a8a5","ssdeep":"","tlshash":"bbd097bac601c8f8ca0920240c08ca649ae6311c84d30c0a17408f1309032a1484e32d","first_seen":"2025-12-03T13:20:40.649463Z","last_seen":"2026-06-19T03:29:38.4374Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/tet.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.050Z","timestamp":1781839749050,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/tet.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Fri, 31 Oct 2025 08:10:12 GMT\r\netag: \"69046ee4-21d\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7DesClwAb0Vij2KMoZL6Qx9e2zgQex4IeLvB1QxHgRb5yBnMVW2QRQ2O8nuXdrsVhDXwr9UXce0gSCy38nq9YHwH23v2rB3eXdeZsl5sU0DPvqdrPaYT%2FwNQzrn6JQ9o4waKBv%2FQJQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 541\r\ncf-ray: a0df729f9f610883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":541,"size_decoded":1331,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"9d5a9ca0cd3343dcabafaabbdd43669e","sha1":"23afc4bb5dddfdc9e3c77ec98bcec1e97c4d5d0c","sha256":"e8be1092e2ca73297d7603297c4ca16f8cc143f9640a4b1303c8248ac906777e","sha512":"2ee6340bc8b1c2f4e18f52297c9853e7e21ee5e63540b2873f026becf13edc33bac4ea79ca951e6506df912bf6ef3acb1bf183c0a31d75d01e3ad74c7827e5c9","ssdeep":"","tlshash":"bbf0c0da534370daa1d60538ceed4440c865552a2efa242b9aeee1b02d39eccc5e4fc4","first_seen":"2025-12-03T13:20:40.521816Z","last_seen":"2026-06-19T03:29:38.43973Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/lqty.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.459Z","timestamp":1781839749459,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/lqty.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 04 Nov 2025 08:49:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6909be28-467\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=g5t8suf7CcQyu4SlhKNo9noiUCmyDgBvXShr2KPcqN3Z6jTVloe1g9z5jNqfFhKNoTmdncAvEP71kHbeR9ASxFNaeJoG%2BJ1s9t3iBeOUqlgTk1dLcmC1We3u5fCXC0ObcGoQ7qAbYA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a2180d0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1127,"size_decoded":1949,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"669d61ead4d6b6b2d1b0bc7dd1b332d1","sha1":"4f48002a9917c081edcea85bf3ec535afb20bf01","sha256":"ce4cbd318eb07fb3b618d52701b90bf1e47d6ece413c76e6997355286b2a94c6","sha512":"0eac427881e4556184a36ec4693ccaafc649224ab86b446134708b063e9d4cd2cd06b10c3fc6a4815c29a3e9b147ab2518eda10d79f3bfa9c26d22c3e77453b7","ssdeep":"","tlshash":"0d21ca1b6a6d5d181e5444d85ce0c4d998b16914a429847bc703340efb2a4e54e7f9d3","first_seen":"2025-12-03T13:20:40.613716Z","last_seen":"2026-06-19T03:29:38.442079Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/prove.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.525Z","timestamp":1781839749525,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/prove.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a29-5ec\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4%2BjYUYH90ZrWqJ%2BzxkWCgmiffUmQFrcZ5i%2Fy9Zs75ranEPijo2mIjbeXdIiA%2Fz6SnMCD2rOpyk4UoGCvLxlAu2SUxpFtPVcmdZejJOlHVD8XQjU4YDEY0iP8bqvZxN40rgm7Ug5j6A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a288310883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1516,"size_decoded":2344,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 4-bit colormap, non-interlaced","md5":"e0999f66558277ad8db2940f8440f12a","sha1":"73366e8b43af168b9b4058e022a7ad5334f61eca","sha256":"e027b0c40badabdeca19a33ad5ae17bc4e394b80bfb57b02172c178f5f63f047","sha512":"bb4e1142193616c1335b131954e130014582cad8c6ab2778abce80d8d2d5a3ae675725ecf60628218fac952a71e84ef7920f7547e4044902a335689782c41757","ssdeep":"","tlshash":"0b31fc9179909c1627bb176f7ed41254f427885ef02f9f0cd73459ca452b7177580409","first_seen":"2025-12-31T11:42:51.620897Z","last_seen":"2026-06-19T03:29:38.444457Z","times_seen":18,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/esim.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.608Z","timestamp":1781839749608,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/esim.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 28 Jan 2026 07:12:07 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6979b6c7-463\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mgrMNm1QeXtrYdDxgz49%2F65PkhnnxL3qlt7J6kLcDd6WtfOlTXALzPvlhm4DmEwfn9xFduxY2uP8KNgFAm%2F1%2Boiqn0yMDntI%2FL9fiZ3fI3a2oHrpAPT2Z362h7TbesngoFn%2BrCVROQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a0df72a3185a0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1123,"size_decoded":1953,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"f47f8ab9ee9e6e17bc6f1581eca21704","sha1":"e5ae8d21564c0ce1e021ad79b612718959b99ab4","sha256":"0bc90ca15e809984b5d97548116d05a1cf247f78ff4d907a70b23f86f906fa82","sha512":"16289a7e5b201ad331c483b42922c574943c6b796bf8ada93c0d5f3efe46efbf126fbd16a268f642b283e3e7261b48d92d869b5e3cef5493659a73bdadfafe46","ssdeep":"","tlshash":"4921b670da905538c431550e778169c07dbde5e1f16272da36121cd54b7a3aae06c8d3","first_seen":"2026-02-18T12:44:30.836823Z","last_seen":"2026-06-19T03:29:38.446778Z","times_seen":11,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/arb.svg","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.686Z","timestamp":1781839748686,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/arb.svg HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 28 Oct 2025 13:43:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6900c880-9da\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BKDYu7bt94Z2jcOmm1a61M2q1HF%2B8ZcXi28KxbewBucTnDMJGVl8isV0Q9MrofEwgYPJiQHeOo%2FEFxplxxVjjPZsGkwtOIRWCoOkmjDpmVWbOI%2B42Am9ksDxsnYNwTyJSNIdBB7HQQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729d4eb50883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2522,"size_decoded":1944,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"52f88fe1d19835420b559a1cc9c6d6a0","sha1":"008ee1314b31aadac4448501c6b7fc67d2a4f4bc","sha256":"29e13cf043e308cabc1f24a88d199152df3ae37d4b7cf7c4708cf742e7151db1","sha512":"7abd2d2e6c37b5ea6dd9a7d0753e8374419f1556c485d05e86b4fa43b81e3d54b8317274849eaf429c6b091477e833848a8d0f3619f06eb529eadc890babe0cb","ssdeep":"","tlshash":"ef5189fc5ff9fcc19fb1d3e69f002578626392fa67840b05d2983646388206d2c184c9","first_seen":"2025-06-21T05:19:50.600485Z","last_seen":"2026-06-19T03:29:38.449308Z","times_seen":31,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/op.svg","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.695Z","timestamp":1781839748695,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/op.svg HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 28 Oct 2025 13:43:31 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6900c883-619\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0907e1GLImyemKXUBL1UkDABHTmfXaDKW400xO92UiVijx7fffHo2IDiDgiW8yErtHKirB7j2SFSaog2e5GiQxqUNPzhND5OsTna65m5FJUnbHsrA6%2Bj0i3lJepmVQOp9RVWryzZ1A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729d5eba0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1561,"size_decoded":1552,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"428c3823c3da6f7b90d9de17590738a7","sha1":"906f9b752abbd038563800f20213f8ffdbd2bbdc","sha256":"ab1133315c2b95d72e7ce18fce495887b4eee616d4c256bfae3b777759db0d36","sha512":"190a5632075f41613acdcce912b1ee99dc841ee824b0b73d7a403ad6b23e3b003f6b594c37f71211aca71b737aef8f9e0bdbf65db6f548d97a7cded015b686c6","ssdeep":"","tlshash":"86310e7757a85f8ed050eb08b7c0288d33b9b21eb2b540d4cb8335229c93ab39178935","first_seen":"2025-07-10T20:27:35.459006Z","last_seen":"2026-06-19T03:29:38.451976Z","times_seen":24,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/joe.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.479Z","timestamp":1781839749479,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/joe.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 04 Nov 2025 08:59:37 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6909c079-47d\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Otcq5kvmP6J%2BMXzLUBGaaT7MPAXa1NmTKxAM5AEfoJJ%2FHiyZrHw9%2BoTsOy%2BxLTSopluOC5x7x2xzsI5fhBXz8beJb%2FEOJVTRstNyjGdR3ZY0YDgD3MKlqBoi0Ex484zD8dNgrldkXQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a238160883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1149,"size_decoded":1979,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"03b7754591a3c26abb93db6d23e18824","sha1":"027100246b1ca9d5d8be44194c8640bb565e1781","sha256":"f294adeb13e002c3ee05952ba1d2fe474902b117a916d1beb69b6a7dc98ed902","sha512":"30e936455405e894f3295e5dd3392fd7784bf7e4b503007ce4877c421749f1587d79f5c43bfa75d5f9e291bf222b82d4ddde13ed31f47c9b31304da33568f453","ssdeep":"","tlshash":"8921c6c1810c99b699cb62148c187d4a8aa71316c4218d3d1f939bf11cb6248c008eda","first_seen":"2025-12-03T13:20:40.570336Z","last_seen":"2026-06-19T03:29:38.454328Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/era.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.529Z","timestamp":1781839749529,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/era.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a28-460\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vyNmI5PKMuFqCLGVESnCHldDV%2FL7FsIfvCDmL%2Ft7s%2FRu87p972R3BCZQGTrmlonsjok88ILmRGdvyf7onWYkFlzYTmTu5m7S%2FihD59Ecq%2BsZMo6al3CkVjLzbAIYSYu6sdXDTUeu4w%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a0df72a298330883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1120,"size_decoded":1948,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 4-bit colormap, non-interlaced","md5":"854d95f0afe24bb6a339ad9d05bc1e1d","sha1":"3e9a2e4943670bb44bf28e023916d8ff4af5c473","sha256":"d7562b39ab0fbf0bde33f8acf3ec2ca1e509f514a747d8b84ef9952d4f784a31","sha512":"8c9a15c300ebb727def305765afc1ab9686e36b2790868572ae99b8c33412670ae82e3d9a375fe9bb1e593830169574fdd5bd12c0a1f65294510c2cd8e4396f8","ssdeep":"","tlshash":"9521a3ee8a60eb50afb44cafe760d202a1aa4fc5481be0e1985f584c4e6940030eca0a","first_seen":"2025-12-31T11:42:51.756386Z","last_seen":"2026-06-19T03:29:38.456721Z","times_seen":18,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/cookie.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.059Z","timestamp":1781839749059,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/cookie.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bLEF9f90zpYiQS29liLbjgTa0ApH8ehFi3D2SRvqYwJMLlsp5IHhrCBVDmQZkr1dbX8WcoVqJkTozZZJZsfKw9jtoN2vn%2FzTzUY7V4RNTaWo0HW13em9%2BtLsjZ0%2B3k6VzlVozsWLiw%3D%3D\"}]}\r\nlast-modified: Fri, 31 Oct 2025 08:10:14 GMT\r\netag: \"69046ee6-1c1\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 449\r\ncf-ray: a0df729f9f640883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":449,"size_decoded":1241,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"a1dabe605a72e79021803f08a8895dcc","sha1":"bda2f5ee238ecf16a793614a6faf596c6c20aff5","sha256":"3a72856e291aa81b35d6bd5064bd799b180efa7397064f7962f2a4cc6224115b","sha512":"e8cdaab4caa74ccd7fb0ceb6e8002268aa3d606955eae008bfd58b1abab4929b78a61a3e1fdcb65f077fb23333608da33cff334d2697ae7771ec55536aa8f3eb","ssdeep":"","tlshash":"22f0dcdecb3e246586b712b02109186adcb8c0a9038684134f0b01aa8e67544858d345","first_seen":"2025-12-03T13:20:40.670762Z","last_seen":"2026-06-19T03:29:38.459474Z","times_seen":19,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/dolo.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.523Z","timestamp":1781839749523,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/dolo.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a29-b0e\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PJi1CKv3G%2FyZFNDdER8NpnRIprg%2FiELgobyWuHhK6jnrA7jtD0XokGjz3%2B7543hw%2FGqxoyLkqHssE0N3hBTFqggPdV7zGDFyZKdT1b0Ye5279U0yPzHVh7hemImftUt6myCePwuovg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a2882f0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2830,"size_decoded":3658,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit colormap, non-interlaced","md5":"24c190e3201107a81a4ad9660f24edbd","sha1":"9cb50dcd16d8a9bb20382a873d0dd6445c889321","sha256":"77cc38e275881ac8bca6c1c74dc690ad297764c31788916180abc85c098775dc","sha512":"badecbc8aab75858d311edaa646e7d9cc41057368b038232043eea8464c7e58de194f8b68523213ad3353444ccf3893b932f2ec519c34d1daf379813b0dd4769","ssdeep":"","tlshash":"6e514bbd54982b9ee530ae77c190d24cc45ebc72f9aa82373980bcb05fbb16118047c5","first_seen":"2025-12-31T11:42:51.530979Z","last_seen":"2026-06-19T03:29:38.462329Z","times_seen":18,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/vana.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.534Z","timestamp":1781839749534,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/vana.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:07 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a27-4eb\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CfHlgXVsKvqRjj1pPC%2F9qoJyimGQ82foI6lcQrirPnB3Ny7Uq9siqdTkTWJXzN1EUaqnPTFRocYiEWc8jz13hYhWv0V7R1hNHDN2%2F20rGP%2FwOWaxpAbnvjK2Fja2znFUdSOj1XSFqg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a298360883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1259,"size_decoded":2085,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"be1c40f701389fce8a7fcc558cd70cba","sha1":"2fe2480e87cd0e90b0179cb82b402b47a38dd31f","sha256":"37c5b25583192ea205f4837c95d1b720e7ddc3959d15bd12913cbdb932987b35","sha512":"511a7b0ac9302faa8a0c6fbbd8e19f4dfc58dc67c19993c8c03187154bd228542ac86eb0f055756e9d161e78c22f15988bad1fad78a4638e5d8b4d58837617bb","ssdeep":"","tlshash":"7821ea9ac53a7da1d1d044176ed03230c553e824967f0fc86b5d846f72d81a114b030d","first_seen":"2025-12-31T11:42:51.981803Z","last_seen":"2026-06-19T03:29:38.464623Z","times_seen":18,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/space.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.574Z","timestamp":1781839749574,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/space.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Wed, 28 Jan 2026 07:12:12 GMT\r\netag: \"6979b6cc-2ee\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=phDEox%2BaXapc6S4yrD1dWkb9x6d6cTRwsWoQdDSW6IZbp22W1xTU%2BO58bwrgJo%2Bzjz%2FcNEsnYt%2Fg1uJYgLDW1T93yQVUWqgF%2FWBBHtulr3dsOT6XMpZQmHyJ7NuJ%2FT1m6Qbf5QY%2FUA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 750\r\ncf-ray: a0df72a2d84b0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":750,"size_decoded":1552,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"16a3edb382cd92c878431a88db346db9","sha1":"467d8f6b8dcc08fd5a57727c27c7af3e53477c51","sha256":"7196aeff620d7f5f2d9113b3188aa216726bb65c1b9fcb9cf4e537ec247f83c9","sha512":"d68c75719a16efe7ab3b3007002d1a9978096b54f0167b73d2ce9161b6d6c64c435b03d8d29e6547c7e7bda53fbc977fba5bd8712ede76d3e58d04a85084515d","ssdeep":"","tlshash":"5001ba46c631b8a40bb59d1f0bf562481d7c5a405d0c05c1cef7ecc5258109dc7c9530","first_seen":"2026-02-18T12:44:31.143668Z","last_seen":"2026-06-19T03:29:38.466975Z","times_seen":11,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/xrp.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.727Z","timestamp":1781839748727,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/xrp.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa6e-627\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FXqzGy8S%2FvUMGW%2FIHkyTiCRs2flSxpjFs0374oV%2BNqiCpX1zZmu1N5Aipt%2FyKS9KoVP9Iy4ZsUxk0T%2F6MJ7Pgc6DlyYF6EJDGf5chgpCNEnM%2F9N%2B8dn6sxX7RExalZQiujO7Crsp%2FA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729d8ec90883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1575,"size_decoded":2357,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit colormap, non-interlaced","md5":"58e970649b56abe1a5bb632775d7d07f","sha1":"8892988ec75f31527396ec621367375889b3badf","sha256":"c3e8a5d2f28ed3137bee8380af2cb6099558123c64e5b3a3d6ab05a823a93f15","sha512":"86f3b9d204ea94a355359af32dcbfc1f289bcb213718204b61f8c3126b345d39e04869ab5e359a42114d894ae76a3f728cc3f2c7ed75b5bb48f5082ea962c2b8","ssdeep":"","tlshash":"2831e933b7972b23ed9998b81a9039bbbb1180a55f73814d7d05084d3d9044da7823d4","first_seen":"2025-12-03T13:20:40.581323Z","last_seen":"2026-06-19T03:29:38.46938Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/ezeth.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.745Z","timestamp":1781839748745,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/ezeth.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa76-6fe\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2rM4vPMajiMaKwPaWLZ6OnDA2pDrZzwtVQuU5ixTnaEOFx7yMkp54Nk21S4%2F5IZtlWYJ%2F6nWg8wT25PD4EWiEGy0kWNkVpwNoeigZr3IPmaSNgQ%2BsG0%2BXYKXT2axdZGt9WSGnC%2BU7w%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729daed40883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1790,"size_decoded":2615,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"3a9e00f3a6f8e5533268169f32716d6e","sha1":"f08879dc47607309996f3ace1542185a4fda7c5f","sha256":"bb7ba4985ca4de07de577195bc5c3457ef6110a911d3e3de22af79ecc94d0a67","sha512":"5892759cec68dc8214bf84ebb4a874b961fdb4ade0a0ce836e4c30a5fd8c7687a572e4226a30a091be4af78c9549e6f29f7db1e03d544961d81cd652d76fc1bb","ssdeep":"","tlshash":"8931e9a3ab616dac4ef2fd27c41e912cc52e0d897a3cd8e80d26069641b01e590bbc4e","first_seen":"2025-12-03T13:20:40.628479Z","last_seen":"2026-06-19T03:29:38.471804Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/prompt.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.072Z","timestamp":1781839749072,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/prompt.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sat, 01 Nov 2025 06:51:44 GMT\r\netag: \"6905ae00-1d4\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DZwqrcfXCC6WT%2FuZUaz%2FB%2F29GJqNGfDIkcYvRddQnVhfeOhURDfnUhpqvuFTGYhwL68acKJjuO29W%2BTf%2B5SFAkj0Tjx%2BCOCpVf8rKBzSSMJK3yroILYGAm53sC0PIbUsB9FpEV3NjQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 468\r\ncf-ray: a0df729fbf6f0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":468,"size_decoded":1266,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"b880e5ae37eb5f7c0883d9bac662f408","sha1":"1019b532dbb6043b8a5349150c79d120c963645f","sha256":"32103f5c03ea7c4bb88072c5f7fd3d82916206f92a298d338e3c5ad0fc7fa970","sha512":"ddd4ef30720456e5fd358064163adb279c1a22636e98c809bbcc02726fd672b0cc0602052e7237b8ec448f4c41f33cd9325fbe44b4f30edd904b97f8ecfcda18","ssdeep":"","tlshash":"8bf0dcba03554c3cd8e83028a2215cdae5b9166d1272da0d1a41932c7ed9c4abdae92a","first_seen":"2025-12-03T13:20:40.486036Z","last_seen":"2026-06-19T03:29:38.475117Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/rei.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.097Z","timestamp":1781839749097,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/rei.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 06:51:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905ae01-432\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Lr1Zk%2FesRonWDI9BvoNX3SfaX5XmK26zpRVv%2FmS02WR5oEZRLQa8iuygxQUobJt8xtsi7%2FNv97MFxuGcbLMFL86p9Hlwv0%2FVAPR9uOMsTDJIWih5ND3mHGVzHA%2FSJJx1CTCwaic%2FiQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729fdf780883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1074,"size_decoded":1906,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"2aeb53ecc20817a4906f900790640ea3","sha1":"362c83e1fdc046378bab7fa5cb038efa8a7f50ab","sha256":"79a7bb7c952d8804fc56d9a2e8cc0ec2adf4d1efc4814f8ed29adbf3d9e59166","sha512":"257e982e1a700af5e83a9cababa118a788a3bcdfb4e771ddeaf9af09701918a9e8793446da32513c6d9fc1c966c47c0ff964057c1118ac716293e0d1a4f48790","ssdeep":"","tlshash":"491186d3d8fcdda6e8649b450c2092f5df5768b015d138141499d73f0ae4720496da45","first_seen":"2025-12-03T13:20:40.454182Z","last_seen":"2026-06-19T03:29:38.47754Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/minidoge.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.178Z","timestamp":1781839749178,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/minidoge.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 09:11:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905cea5-955\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5AKMymbv2hW0bL3tsrPeGEc9OdCAYkN2b%2FgLj3ZvdzL093jJOxmT2HFyz4kktf024Fjj4hCvqPWE5Yez1AMVimEbzm%2Frx5NLMZ74%2FtZyT8McIHRN%2F5luqnCDfGyv8sO2mLpJiqc%2BhA%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df72a05fa00883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2389,"size_decoded":3219,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"8c5b11c145b2bc230af283782c1fe551","sha1":"d9cec6d88269519b3c155fcb3b1a84997b77c8a4","sha256":"9401668113d71e40223657e24fa235a98266480c81b509a25c83a5c76ce77665","sha512":"4891bb8cf0292bc0f84d73d22a3dd151acd96f380a702cfab9818716e6b181372cb8b3d8aee6311ee66de7cf4cd158b138ba60466244f335b15ac0fef03dc98e","ssdeep":"","tlshash":"5d410bccadb24cbeb7b4485d1219a5e2a40c129d106670ee17b513351faebc4f4c7966","first_seen":"2025-12-03T13:20:40.476391Z","last_seen":"2026-06-19T03:29:38.47992Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/xaut.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.343Z","timestamp":1781839749343,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/xaut.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Sun, 02 Nov 2025 08:26:35 GMT\r\netag: \"690715bb-1d3\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=29u4Z9CT7d%2FTnJrlsuWJ2s47oJg3m6UZmHb%2BriOYrt1wmj%2FsiVZuBBRud53kWQAx1812OTBc3ZBn6IIDuF8xp8WwIX7rIfLGwRpShTAP0%2BoHFhHXYEAAVhsOyMwELy4EzaOo8aYzNQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 467\r\ncf-ray: a0df72a16fda0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":467,"size_decoded":1261,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"45a0a46e7f02c7b23982dc44d55dbf46","sha1":"b517baead71adf55e1f9d1425801b24a78580281","sha256":"83e6f113c489775c4fc075df1eabfbd6a08e02725a4832b1500112789cd7c30d","sha512":"bc837cd7447f4f25a3ee72cb046e4f64bccdb96ae70cd283ae3c0cc972ceb2c0c9359a5fc748389e27fb1e7f9d28f7e22c086effe99b68e14db9517846d31281","ssdeep":"","tlshash":"d5f054d5b291b8e89b0d002b02074e9507670fe00e9c06af9d7bc71c448118182d7bc0","first_seen":"2025-12-03T13:20:40.477936Z","last_seen":"2026-06-19T03:29:38.484794Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/ghst.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.831Z","timestamp":1781839748831,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/ghst.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6903201a-687\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M2a2pDBfgJa%2FDuuRcXFGDCS3l%2BYOq3i87V%2BGd66C7NuPwBXII01QPu8ROxk%2BYuKsohK4IO0CNln5o5ut7mNHp08guv5Doyy4IfkL3Grj3dANuMSyPDf9Y2WM8xO%2FMpf5pLlteISPZQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e3f010883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1671,"size_decoded":2501,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"a70868ca8f2ab9508d923ec74fac52ce","sha1":"19429b1dd5e8ce509eca1d194fbd8fc21df6bd0f","sha256":"decd3bcd0154e6251f6a2f75560e896919f35e6c889eb27aacac9668f58cc63f","sha512":"491cfcc9002829f4548c862fbe87d1e396e6809ecd3969614e4c35cbfe472f81945ccfd65a5f89fc07c75639e6a0f4ecfc05cd69d99f6ac8e905b0ae9142d0c1","ssdeep":"","tlshash":"ad31f8aec8023632c12d584611662e7c890108857f49851fcc3fc4a66fce9fd0698e96","first_seen":"2025-12-03T13:20:40.577488Z","last_seen":"2026-06-19T03:29:38.487534Z","times_seen":19,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/stc.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.855Z","timestamp":1781839748855,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/stc.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69032022-6cd\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KgPI%2F9eHLTgwqgNqb7F4lzdhBrxoVlhhtwezJkCv5YEhrXGsx2ELLNavemadZqUIwH47KL09YKq79%2BZtVPZeCdjpkBbMh5KurRU5L7FihALen8mogjCoa3IiiNKcGd7mesquk1hlsg%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729e5f0e0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1741,"size_decoded":2565,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"7e1e5848c54393fe65f4d05798ea461d","sha1":"4c6e4c9786265b057f01c4ed5e5ab873e1eb8fda","sha256":"216dfdfc2d5366ee50fdae7488815dc5926813cdb4d3fea2cd1b3887c25e0f48","sha512":"6f0309e4ba679250cddec15dbd1727ba360f55a6e715e2cee5f4425e1f6dd755667270d46b59c6f8b4fbf0579e940e8047878f3acadee2727ce76ec061b98610","ssdeep":"","tlshash":"d1314bc703a14479c9328f2e59256f4c478b6d7668c5ce3c1629aea40ecc0da87a0708","first_seen":"2025-12-03T13:20:40.562569Z","last_seen":"2026-06-19T03:29:38.49008Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/met.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.867Z","timestamp":1781839748867,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/met.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6903201d-7ca\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kZFNXs5Bsj9iQii5bFNd%2BysWC54X%2FzukxgQNcko8KwNYqXyk2UNwKOCvqsZ586tzWYNofwZ%2B9pbWMGULaBA%2FxiiJm3HXDnbJg8JPZJ%2F%2FA53YdIiZ0qwbhDeDaXRXTsxQeMyNm%2FVGrg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e6f160883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1994,"size_decoded":2823,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"48e13a4468ed8833a44b1f7c53d0021b","sha1":"ea87b43eb126da16e8d72c54ac7428a0d5e08b5c","sha256":"5a990e7f2f4e547cbf9f00a374eb6aa5203b9dc2ad4e0cab25a58882bdb249be","sha512":"35d11ab22da04121f09cb7a6b6447322277ad74e5491faeb876a803e2e00d002fae0fab589f5018cd95b56a851dfb3cd3a3d4899c4a6c5202e5e66a6e7aaa22a","ssdeep":"","tlshash":"b6412a83608dc614fae2c287c1e582217c395e1c1bcff13a43970e8137286ab9a51a45","first_seen":"2025-12-03T13:20:40.539113Z","last_seen":"2026-06-19T03:29:38.492552Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/rad.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.905Z","timestamp":1781839748905,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/rad.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Fri, 31 Oct 2025 07:18:57 GMT\r\netag: \"690462e1-2cc\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RpFfItmXJRiaPYN%2BZwKuOlCeQ%2B9DD0GqmgR5Gn%2F1eX6OgNWDXP0ScextfoHUPcEEGfl13bcs%2Bd%2FZvWuHGLr6vFG4HoRbqQ99kjf29XxD5K9TRijPdOERP5sAUc%2FFhDMeSpcqIhxb6w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 716\r\ncf-ray: a0df729eaf2d0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":716,"size_decoded":1514,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"4f96eb7c32a28d64bc8a53afd74de9b8","sha1":"0d2a2d9994dec9c1163663c765ae7a7f0c88fc08","sha256":"0483c9aa9e1e3dddef9a87e8b22e19db08c82f012b32d354d53aa5cc74bb2ca2","sha512":"4e8ba8cac23473281a472b5d3133448071c8d2e1a74e4fe0e4df83724dac61617669a02fd6990132a4ade19395442e2ebbc0228f9c5b5da1f7a9ba9c185a9835","ssdeep":"","tlshash":"7d0199e7cf3094d3c05a7f5a900198359156e5c57775c4093cd6b077c5a72301ac1113","first_seen":"2025-12-03T13:20:40.691023Z","last_seen":"2026-06-19T03:29:38.494956Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/manyu.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.143Z","timestamp":1781839749143,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/manyu.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 09:11:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905ceae-6f8\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TB8jLEvPjLgQY2M6eD0pPFKaVAWLcv%2Fh77UHHYizCbm2LVFb7bT2IxP7zPm6JSteVmnbpqDE07ieHUNUphiSuN6YOzs9TegpV4j0NkygHOA7X3qJUj8vmrO%2B6QqrDUzS5n9TH1E1sg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a02f910883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1784,"size_decoded":2608,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"06240c9445258baf65ce139609511cae","sha1":"503a77bdf4315852074a3a3e72d4efffa563d3e4","sha256":"869a24ff444a5c2790152362c6f4d4ff91ff12117c05ee84cbf7ef31b54ce1c9","sha512":"b51460408b5a8389fa6348faa627a37a86158d8e332c1e35ee0e0b2a2fcad10c2c980d76609c50a25dd9446365015c4c3a768672a41c083a7e150c171451d864","ssdeep":"","tlshash":"82310bdb82f2ae1fc62dda61a631c4f17cbd5b14345b2d250122c77760d642f4111b45","first_seen":"2025-12-03T13:20:40.66203Z","last_seen":"2026-06-19T03:29:38.497661Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/bob.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.183Z","timestamp":1781839749183,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/bob.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 09:11:07 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905ceab-567\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TUMT0ShRCHsN5ygPVzxb5NyOYnyFn5kG2BobzJaHGuVrhd3seWs53aBRSiIigABBO%2BI6E5KnfqNM7hS3eVQWR2Oa6EWxKPzAx1zc52vUDGf7TZ2ZnzPtZMf0UH0NMZKTNQtOx9SoNA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a06fa30883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1383,"size_decoded":2205,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"8f6997bf73ec8843b8d77f9be8312e8e","sha1":"9a6b6af86c2901ae026b8bd16182b8ba75b7f493","sha256":"6c73750d146f2c694163f3f10cf666544d7a89803a300a75e14f3ee12466776d","sha512":"9ebd17ccb211406f9415c90e85b0eb87546f4f34885b50808c6248a78b68d0a4c363d5603d721f8bf3fcf9e4becef0b258d08c7a5733161cfbbce0c881861107","ssdeep":"","tlshash":"f82108ab2f069032ebf78d51e9189cd3a0f466492c3884e12b8ecd46f2a03b95541f17","first_seen":"2025-12-03T13:20:40.54143Z","last_seen":"2026-06-19T03:29:38.500204Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/pieverse.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.489Z","timestamp":1781839749489,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/pieverse.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MmtHi2365iDH7qYAPm2%2Fi0ht5NofsrlWkPHcFp3Do%2BGmhBuNydIsAn%2ByKXbZmDx4sgo0U7I%2Bc%2BGlyrKV7L%2BP8EBT14vDffAETTgIj8QmcAXaDVgLKah%2BQ9B3dmrlmk9alOO62e5Zag%3D%3D\"}]}\r\nlast-modified: Sat, 13 Dec 2025 08:56:02 GMT\r\netag: \"693d2a22-3dd\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 989\r\ncf-ray: a0df72a2581e0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":989,"size_decoded":1789,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 90x90, components 3","md5":"dc4f87d0901f6bcfd62e31b40fc0d4f1","sha1":"9e40340aa90a98ca51d7eaa90ce475c61838007b","sha256":"3fcfe942b308bc0a99fd4dcb3fe816fdecd2ddac2b0091b5d4d6c5271e5e52e4","sha512":"507163883a10eb899b9c0c555598a622edfdb49994f56c0d228100f294724626c6837c4def553828647a506d4ebd86a1eb38330cc67fc2bf0d77861ed6504c4a","ssdeep":"","tlshash":"5a1144db36299243f5f719778ea4c33403968c29c46c338e6269664edc982d18cd3bc6","first_seen":"2025-12-31T11:42:51.873462Z","last_seen":"2026-06-19T03:29:38.502821Z","times_seen":18,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/shell.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.521Z","timestamp":1781839749521,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/shell.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Sat, 13 Dec 2025 08:56:10 GMT\r\netag: \"693d2a2a-3ac\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=51mfV%2BqTG93CX47e2WHqkLyQ%2B2BifEbovO0ZbCruwUKPf7HxaFc4ZXWyqa85TmOGAjSy3yD0uv8z%2F%2FsR053FoST8j7%2FPgN%2F4EvVJs3n%2FathzwuhUr8BKi5dXDWleh%2FgfF7hzzTKpKQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 940\r\ncf-ray: a0df72a2882e0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":940,"size_decoded":1742,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"7a6c270055933846a51783b1f34989f8","sha1":"2d5ddf2c42039c554aa23e3081a814d06e38f712","sha256":"aa2c1ec18f6068f536f94dac8a77ad1e9c070dc12e08367c73eb63387d56a8a5","sha512":"ca7c1148099b54a7423435dfe7318760037abd9ab1c75e192de98853dcedd76cbd70810cc1aec663cbcd61d6686e0354c4e104a08c0ca6debc883df5ae07881e","ssdeep":"","tlshash":"4511f7a11fa2fc94c2b12a8da8b12c7534368300a38901e0402230d33bf2302df4b371","first_seen":"2025-12-31T11:42:51.593939Z","last_seen":"2026-06-19T03:29:38.505481Z","times_seen":18,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/okb.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.702Z","timestamp":1781839748702,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/okb.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa66-498\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nG905Lt7LAprAQ8NYnlgK1LYH1gpkaumy6wxRru6xJBElYM0aVwDcWHrNAIMuCgglSnuDYnb3TqEXyMVT1pMWA7UfszmG2nYv%2BbqbMAJirz%2FCTmlcPVb86w4i2z4rf4pnUWG8ETJjQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729d6ebd0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1176,"size_decoded":2000,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit colormap, non-interlaced","md5":"51c3bcabb7bcffda0cb522ffdba531e9","sha1":"a4afa9c9fac43f99dc51ecc5c8392dec99ae634a","sha256":"687b2105c3e1d5273520cc3594680148e2c123afda33a0d50f54e26b5bf792ca","sha512":"9d96ee298999b439aabcfadeadec2f3ac076612bfaae4c6c44e98c175560ae679dea200171426a9afbd29ccc486faf61d2c60c0f73eddd5868cd5f3c03d61ac0","ssdeep":"","tlshash":"f0213a20e77398d98cf69157e08bca4d82a5c2cddd5b1c2b924ed0302487f00cac1303","first_seen":"2025-12-03T13:20:40.645934Z","last_seen":"2026-06-19T03:29:38.50811Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/aster.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.776Z","timestamp":1781839748776,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/aster.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa70-77e\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uFGtshyDjXoQL332ZLCV4rgJSFIrfrVHfRlrAQGue8DKwsebDjsnR8fhMtyPQJzCN3SzRvjsffq2922URLIFKvAozuQWBf7f7Ug9KpWaGxU9R3knGARKLGOElIlDMh4y6pZkQ5P33w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729ddee30883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1918,"size_decoded":2733,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"964dfac87731d09ecbad67b47812b8b5","sha1":"0c000cb4008f4387ca0e3a041ac6e79885ee1855","sha256":"4b845d6a2ead66d0fe1fd4dfd2ac42a99cda6d26d44b3b851a78412bea9043f6","sha512":"9ed62333d6e7c7aefc1cc475a5b3e76f82f07f1f5eed31418b64fc1e1540a560ea63907b81a308314956820dc0b3309d30920101345ea38a2549ae1c0e592cd1","ssdeep":"","tlshash":"df410a5b42b6ed85dc4c62a92bb19874807b75c14cd014cf61bd483a090abe7af5aee2","first_seen":"2025-12-03T13:20:40.488842Z","last_seen":"2026-06-19T03:29:38.510722Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/koge.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.008Z","timestamp":1781839749008,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/koge.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Fri, 31 Oct 2025 08:05:34 GMT\r\netag: \"69046dce-249\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UO89RA7HEi%2B%2FK0pXV41Y6oSECF9ncZ9E48eAYtGy99KXw34%2FAq1oHXfdulSa%2FkxyqTAF6SkmshiYZRpO7UGE6aJggel0O0Rbqg970rmCNBlFT8bUFu8v1tJRNRWhXDCG75wEDi%2B7kg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 585\r\ncf-ray: a0df729f5f510883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":585,"size_decoded":1381,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"f1b6ab08ccf09ab487b8b161a702708e","sha1":"866cb7ce2f00ced0bf08245078fd693097627b25","sha256":"8b5e7f61d3b27334bdd30f886004c6ea2289fab0b5b04ecd768a28b426d1ccee","sha512":"b6fcea1306ebe0c6d51673183951512b3e55e4acb5acf0e093a376acfc37ae2185c929f04e8bd25d191558f6ecadceec16cd73290bcdec7ff3d5ac6e67f23128","ssdeep":"","tlshash":"acf0e1495f9ea8b8caf859244b1855f5e0d2355cccbb8ba754863187cb933209d0a2b9","first_seen":"2025-12-03T13:20:40.630605Z","last_seen":"2026-06-19T03:29:38.513222Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/soso.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.248Z","timestamp":1781839749248,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/soso.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sun, 02 Nov 2025 06:59:34 GMT\r\netag: \"69070156-26c\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=T8Mn8vVVzamw8wECUzIIz%2FMFZkEGUqEr7%2FOgVCMqFpzBuirwqBtK5R4BUP62IatlrdYSGUMwYlB3cNvvckuF8Ycb%2Fo895i%2BtA6Ir%2Fo%2Fn42QL9BHMVJVtm4aHsyiusVB0Cr1xnRt3qQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 620\r\ncf-ray: a0df72a0cfb90883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":620,"size_decoded":1418,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"70a77c379b9aa283862ea275e4719e20","sha1":"4a193b5209228f6974378ec95e692f479426fb12","sha256":"cd18552fa9cae376610fdbe837ff1f10386ac9b4515c934559ae3108a8d4b509","sha512":"59dfc4b15cbd698568cc4391e4a9ffa74f3e4e88242c4faa2e6f3d9204e54daa27822ee46dbcd5e97d7ce79444f9f13c95867fceba25e06d104589a52b1b95dd","ssdeep":"","tlshash":"04f047532b102cf8fc6eda1b3374958fd7741cad09450814e7f3636a84a2763f530496","first_seen":"2025-12-03T13:20:40.654242Z","last_seen":"2026-06-19T03:29:38.516163Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/xny.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.272Z","timestamp":1781839749272,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/xny.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sun, 02 Nov 2025 07:01:30 GMT\r\netag: \"690701ca-28b\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FsHU%2FPUTcijsAYqEQOw87%2BOw1xY291eKijn5huzSIw31yU7B7oZsUMYjYe5y4wmmfU36JBOXAo3xXozXFienD6FhgtXR8HSfq8%2Brnex9YW9pDqHeZJqNsAV1juvecAxzIFJU9K8eEQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 651\r\ncf-ray: a0df72a0ffc10883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":651,"size_decoded":1443,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"6ae12b10def9dc0ce62479384230340a","sha1":"612adcb4edac54340798338207eeec2aeaaf99cd","sha256":"c365a8064f65443d794d220d1d25e16e9c816617742f72a137fe885e61685180","sha512":"70b4d7e0d22c579ffdb0519d249ef48cb0becc6726934f9b6df058d8037d91b748a9c3f545fd07fbf977b6e46fe419e2ae29fb5ebcab5a58a772be2c414861f0","ssdeep":"","tlshash":"22f0235153039ada832c92a28716b4e88b76462d4f66178a8f6ae12b5437c0e83ddca4","first_seen":"2025-09-03T18:07:12.111232Z","last_seen":"2026-06-19T03:29:38.518549Z","times_seen":21,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/cat.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.382Z","timestamp":1781839749382,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/cat.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sFvX4T98c%2FrDqQ17%2F2swKeS8v%2B%2BehN0py524pYYm6GoGM7P3czWBldnrtadLOdh0HdTWNnOW%2F5uT8Hvv6GDBoR0qN7I3aVNcHPf5qSdnpIlN2WLdMRnnsF3QUmzrv96We3PGJwLaEg%3D%3D\"}]}\r\nlast-modified: Sun, 02 Nov 2025 08:26:38 GMT\r\netag: \"690715be-3e6\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 998\r\ncf-ray: a0df72a1afea0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":998,"size_decoded":1794,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"3686c5e7b34fd9149187c5b228cfdaa6","sha1":"3aff19c5d547a92ef87ebb84137727edb13cb3c4","sha256":"92d8c0a3b5625a66af9433a0e49631e2d151600c63438a988798025435f636a4","sha512":"e1416185b9c439c8dd741a3f56b7f4db8fe343ae611bc1a10827968fb14e77d51ca9f3c568a2e550c95c6e0f71ea9ebad0eee05b927ec06182f51cf88d37bd18","ssdeep":"","tlshash":"6711cc566770b83b1bdb58bcce5b14fa6c3e11b343e110c22e0158014a6197b404757f","first_seen":"2025-12-03T13:20:40.468348Z","last_seen":"2026-06-19T03:29:38.520925Z","times_seen":19,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/somi.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.520Z","timestamp":1781839749520,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/somi.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a2a-bd5\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cN7HK28UuPLRz0%2BWRQepdZqqqzHkjt4pQ1w1XqLXM%2Bbd%2FEEnI%2Bo4%2BDQoVYAm%2FXGmR%2BbxTWlTFIoalUgxR%2Bncgej6XaA3EuvBr6MH6X4ZE%2BuZ5mk2%2FLhCF1lqsIcdqNz00kfyoyFM%2FQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a0df72a2882d0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3029,"size_decoded":3871,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit colormap, non-interlaced","md5":"144510c5ad802d5a6a91fef7ed5311c7","sha1":"3a5da5f2712b10cda4fb2f9891099c13b93c1460","sha256":"f4442cdcbbaa26ce9058f1a7344b2b61891d0258b10eea4770caed3c44bde3b2","sha512":"44a67d26e97c6183c62db4a78afbdee505354d6b2990ff6e1c69834133c5095d005ba1677e402b66b1bf9707f24ea3a0f5aca516e3cec347ab562ee32c0c7637","ssdeep":"","tlshash":"91514c8ea247cd66f0d70eaabf512bcb2476d89a2b8a2cb2500e2412dad614dd53c143","first_seen":"2025-12-31T11:42:51.712961Z","last_seen":"2026-06-19T03:29:38.523382Z","times_seen":18,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/bal.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.758Z","timestamp":1781839748758,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/bal.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa71-4ec\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=neuBCQuJ7nPkcesTLSGN%2BQ6OF18UOoXo%2BI5qUbvEvLh6xpSvUlQ3NK4Y7%2Fy8p3zSyh4b2sA9O%2FqvWq9vsT6e4iWiVNaXG%2BCuS%2ByF%2FW6ZLCPVtHtQ3QwHQjs%2FQ0updKhrzEtD5dI8EQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729dbeda0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1260,"size_decoded":2096,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"7e840cf9012daf701945ccdb5889300a","sha1":"911426ca64eac565d00577677f556cb4db9f8a7a","sha256":"122893ef5ebcbf8fd12954d376d5fb2af4609c7b92701b0b7817c6f8f20694ca","sha512":"13e62de14c04ce3e1ccaf571f03ae18fbb690d32a19b1b8a8df2866e4f2eb8ed4740a56dde9cd50c2838533a906fe2f23ebfbd6df88f1b7c815d36aa4c8f5eec","ssdeep":"","tlshash":"c321eae2b0cfed1ee3690c69d0584d38359574e9354255f3887be8846f04606d3a57a6","first_seen":"2025-12-03T13:20:40.538338Z","last_seen":"2026-06-19T03:29:38.525883Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/usui.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.770Z","timestamp":1781839748770,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/usui.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa6c-7c1\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LchLLd2ertX5bI6c%2FxQmB%2F5POjhWoKkSUyrGUN83TvAiPhy%2Bk%2F6qdPLke%2By%2BftmPJoieVQj70zc7xrhSMJgBhC1VcFWDKjm%2BLB4YSzlN75bY5BGBMMNc4ee8ibGDdOc%2FlI7lm%2BcaZQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729ddee00883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1985,"size_decoded":2818,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit colormap, non-interlaced","md5":"9d7b4155c09b06cda307989c9cd238a2","sha1":"8af6f21b3634d9929ece970e0eb57d8507de90d1","sha256":"12ee11b2ab2d5ee45d7d01ec2e126b2a773e3fee5b9e605d5f544b76bb8da404","sha512":"bd8f9f29e44a61bcbd7578eb6ed1241c319f41e577dedab642ff940e5e6eca0ba9dee14ec63cbb47a24a62e45c8df69ad090b3f28486726c77535b9a3a46154e","ssdeep":"","tlshash":"7a411b72630d305cf26b6e4233b280ac7e91b94532979af09a4e9c988cc5f56f708b49","first_seen":"2025-12-03T13:20:40.503254Z","last_seen":"2026-06-19T03:29:38.529205Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/sei.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.403Z","timestamp":1781839749403,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/sei.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 04 Nov 2025 07:29:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6909ab5e-7d2\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WEpkXPVd7ekxo7kmY%2F1tTEWwjLetew%2F7x3NzwuI0j%2BzzNy507jiWBCJ3L9LvaSDWqvTV81cd4qxo9dJgn2eptW8CEKfba%2FcEEo5di965SPBn%2BpeweC06ipya6uDFcVQI4o6jQDxoIQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a1cff00883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2002,"size_decoded":2754,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 90x90, components 3","md5":"dc057a515489cd7ccdbbda91cc986977","sha1":"199e772b35e95212f2d79e1de682a100871a9cf1","sha256":"750364a054e8a6f12d36bb9cce044e71c005c861b3ef96d336d312f3eaeedf61","sha512":"834eedcfdda314b8c78be09175d57e3b53701466156b5433aa3f957f52ba02c716c33d13522e37c37752f9e8a10e702411a22c858c3cb39fc05431e09b888fa2","ssdeep":"","tlshash":"3c4108e34a73a1dbea6b017848c74b3c1b1a6d45d224a1de23398116b56c0feb046a7c","first_seen":"2025-12-03T13:20:40.658908Z","last_seen":"2026-06-19T03:29:38.535737Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/mag7.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.435Z","timestamp":1781839749435,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/mag7.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Tue, 04 Nov 2025 07:29:42 GMT\r\netag: \"6909ab66-3ab\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uBbs6orOaTEln6cAYzxv16yHwVo%2B0TBS7EN18gNpRXBovWwl0BPMQu3nozLivt0u%2FXLAUgR5wdjGt%2F9yCKnKa2fqaAhUJc6NW%2FroIzVVId1vSJ0mrhBJWk%2BZ8SbREVlh5d67esqnJA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 939\r\ncf-ray: a0df72a1ffff0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":939,"size_decoded":1735,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"50a3b9be9876caf753d1fc8e59a3e577","sha1":"1d94092c188bb653af011aa548d9b8a8029a174e","sha256":"9f1ca0329e1918a1c6b3e9206c5a6bcc0c9a0c02b2b3fdac903ae68f3ec7ac69","sha512":"090e0eb3aa7be5e415633117c2c3fdb3e8908a662b2c59c1cfe6244bdd24d370ee1998e144d95861de00865c97b28b773a9f9c89fd57a4f3d71e11c855a5affa","ssdeep":"","tlshash":"db11845e32019cd6536f9de2bd059640d3e8c6092112c836796b730a731cd449b27bc2","first_seen":"2025-12-03T13:20:40.587116Z","last_seen":"2026-06-19T03:29:38.538269Z","times_seen":18,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/zkc.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.510Z","timestamp":1781839749510,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/zkc.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:11 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a2b-59a\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W0lKOfaCrlMGqd5Qc00%2BS5wM2mmMcvsMzdVVcWS6%2F%2BtrRnPYN6FfgE%2Fz4LqrpqMXEDZcSrufj1PjAryfQ8eCrtf%2BetE5%2Frx8yEiKuWpnKG%2BLfs3VSORrdUKpR1wDOawCnbcSbDui%2FQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a0df72a278290883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1434,"size_decoded":2270,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit colormap, non-interlaced","md5":"c9e45e7017fd3ee119eb3eb9b8c44fc7","sha1":"4b4271dabdd01406c2db59aa505ed88ab1013349","sha256":"dbc2da131d95e25140c2f21b058279fe5de437f50f03ed492fbfa80564ddfe4f","sha512":"25553640dd8a50d0191b5da2fbae401605f9bd7d4d6aade4bbf697417fd1d655dd713a438715675386d30755b60497f39006cb6abc1d3e1957574d1a977b5747","ssdeep":"","tlshash":"9a21e6cfef993879ea1c7ab2f5099158dbf20da27d680710200ef127c875cc77580901","first_seen":"2025-12-31T11:42:51.711544Z","last_seen":"2026-06-19T03:29:38.540705Z","times_seen":18,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/lmts.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.837Z","timestamp":1781839748837,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/lmts.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Thu, 30 Oct 2025 08:21:47 GMT\r\netag: \"6903201b-291\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IB44sz7PqrOjTVES8l8VORjXEazf2gTrktIReYh%2BHw8%2BvRM%2Bd%2BR8VTRV4XdJEcL6TThgKCIL%2Bkm7cJ96eQUFBI1w4hn4wp8PtQritaDyFHS%2FFoYS0VzpS3xfJbcpai%2FgH6UcpYmMoA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 657\r\ncf-ray: a0df729e4f040883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":657,"size_decoded":1457,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"cfe307c28216f8dec9a651bfcad664dc","sha1":"2f2203b5be3ebee9174c06a8084c75244335b78d","sha256":"be13df12cca4e8d37fa83b218ec04a6875b5530abc3678d91a016c08a89b2599","sha512":"90eb7ca4fdecae366846283404005b5d04684aa11e21408fb2b1e0bd82bf33a1df678365934867eb878b5e4913c7d4c1f977d5bb9080dce207bfd0f984fd4178","ssdeep":"","tlshash":"750168f6bb5699fc741ddb38828095606dd21157013a83d04d1e44590f07d1194bd23f","first_seen":"2025-12-03T13:20:40.574339Z","last_seen":"2026-06-19T03:29:38.546682Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/eul.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.042Z","timestamp":1781839749042,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/eul.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Fri, 31 Oct 2025 08:10:14 GMT\r\netag: \"69046ee6-1b9\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3%2F90OCYsAFoUH2cObkvC4GJFwXHD8ksTU73QaXXXi5kmbucyr0NnIVTuaExSZc26kNP713qWrD0EB5YzIw3GvXaCsuZyaWPU49zRMNYLusfh79dURBgAFJY8fjFxnwinnKQhXqRDsA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 441\r\ncf-ray: a0df729f8f5b0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":441,"size_decoded":1229,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"1a6a4e839c11d625a69026c26eb19cc1","sha1":"7534327c29b13352438762ed6839935f208c4927","sha256":"00301b279b64a44b979be0f0471624c2111a9f13dc51178d5a3328624b06be5d","sha512":"8a7ed288dcff2ff67fa5cd1852a2755fbcc16c07dc079134fc3a458a33e40fe696f4b78acbee50a3db1431d6af77de594886794ac778be0f7f9aae6eb8116511","ssdeep":"","tlshash":"dcf0238f32363dd9cb550997252612aa78bfec3675064c923201afbee2231c059b9b90","first_seen":"2025-12-03T13:20:40.582089Z","last_seen":"2026-06-19T03:29:38.549454Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/lgns.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.071Z","timestamp":1781839749071,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/lgns.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 08:12:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69046f8b-8bc\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zPTvVn0FLA%2BLWslpZoBrJUEzEFlqFnKdg1RqLXk3wCCgoMDqh%2BejyBcvU06UU%2FnrFCQZpJhUl67uoK057wlqa%2BTboCNYZNBp%2FjVvUTtuMwW93KisQjZejkb%2Fp4KLv7n7rXj%2ByorkJA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729fbf6d0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2236,"size_decoded":3070,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"2a22ccf5999c03c2a76fa714ea2bbee8","sha1":"89b11eea14a7a6c170949589ca60e7ad0544af97","sha256":"5dde1ea1468b7da468c14131a8f34c64ab1f554c5d872a502eb2308f7e125c05","sha512":"bdf257a4d75297eeeae4ec0f94e541cd9567c241c2a3261fbd06d9ba6d065d446aab8a35179f9977a43dd1898eb27ed53a9d75d17c5311e20a5a46210cf78967","ssdeep":"","tlshash":"3a41f98102f48c560d92ba38d3b67838a67a06a40d317299661976b91e3a2578d1a3ad","first_seen":"2025-12-03T13:20:40.665981Z","last_seen":"2026-06-19T03:29:38.552789Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/newt.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.142Z","timestamp":1781839749142,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/newt.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 09:11:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905cea6-714\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MXxIsqT4q6FI5GV8Cd4%2FjI7RwAuifJq98rnq3MHYmPX5bkcFMAabGlipQuTvUH3NRrlTmtPl8DrSHtL02ieNwETZ%2B2gWbP3QRJ07ffCD3lCVW0U2u6NNF0nSf%2B1qJ6e9CiKENVANHQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a02f900883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1812,"size_decoded":2633,"mime_type":"image/png","magic":"PNG image data, 181 x 181, 8-bit colormap, non-interlaced","md5":"5bf044c81f8b2cbc2e53339f2f8d0430","sha1":"25e59916f279f1a940b3572e9e4563155bac6428","sha256":"e82d7dda440e684ea09a7f01c1b604a0fd1bb4f560e17895f16296cc63d85fde","sha512":"04a56389c2cd8d64f24f3e5375e5b448dd34b79847110a9167634f1187765dbb00fd6a8339ac786aa34c59381e4a575d6a87e4468eeaecdd5a5c23f2fc411628","ssdeep":"","tlshash":"503117b0a53e6c212e1ea61896f83292f3b6f5608090a98b0b06a6d00b42ac8025c19d","first_seen":"2025-12-03T13:20:40.552189Z","last_seen":"2026-06-19T03:29:38.555318Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/dia.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.230Z","timestamp":1781839749230,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/dia.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sun, 02 Nov 2025 06:59:27 GMT\r\netag: \"6907014f-338\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aa4fRgiJgolM%2FJwzEhWz7kBtsDzNeQ9nVL1ZXbyZz1JosirMCOV42CeLiSJQVq15%2FwUnXtHrFII4GnfcSCSf%2BOrYgT5GrDjJJL8iue9vo14VHJlzqGJAXUFCJVUH9hXKPFTuuGxwCw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 824\r\ncf-ray: a0df72a0bfb30883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":824,"size_decoded":1616,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"05e7c61187f26a6a3fce5b4fe2e491e6","sha1":"e623d229b30e92ba71d983557ba2e50200fce2a9","sha256":"02df50639ea4035156d577cbe6bd714b1ba2de7f1c49a9a67a21409e83bbb288","sha512":"dae35077bc6e5ef8b4bc8a813a044a15fdbc9af642b31a58eea3a618572dea584b840b023bcf58e78c3be03ba4f7fbb316ef50ac712279b2b9e4e2e95b224720","ssdeep":"","tlshash":"d901868905d48cd98e619088d1fc7e66fcf628f16797b0d0c2475bd76e11170c8db80b","first_seen":"2025-12-03T13:20:40.489692Z","last_seen":"2026-06-19T03:29:38.559286Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/noice.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.255Z","timestamp":1781839749255,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/noice.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sun, 02 Nov 2025 06:59:32 GMT\r\netag: \"69070154-21f\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iEY1fpLEemhZQTSBGsPkFRP3f0Nr4erNbAGdviCac4LTziegcbBgHURcAL2gfuicTptdEOJBmKBlfrxH%2BWeatK1VzaecuTtvHUJf9k16a4uyKBpc6ySeBeVGe7eKyE%2Fom56BOw08Ow%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 543\r\ncf-ray: a0df72a0dfbb0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":543,"size_decoded":1333,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"c09f98b40c8f61405c7a53703f2625ea","sha1":"af91f32063e8998694597f36d4d4e321f764f6dd","sha256":"9978513989e13bf9e3eb936885a966befb5d3eeca9214f9f00ad08ca129e0be8","sha512":"cbbd1b40e3e4888660119065ad8f30369f7389568671d674a7037264f5cd51a88d87da426c4dcd331e3c41acead1460cd0608c672c0f162e49ce94e6208c5a9b","ssdeep":"","tlshash":"72f026ddd2f8fd019b0c040b6ed0e14e062145e474755c0f6269052c5151cb5a148444","first_seen":"2025-12-03T13:20:40.560289Z","last_seen":"2026-06-19T03:29:38.561986Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/order.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.321Z","timestamp":1781839749321,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/order.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Sun, 02 Nov 2025 06:59:32 GMT\r\netag: \"69070154-30e\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q5b8APr4d9qlBpN3yZ3Ssr1uVPRnFqcgOgdLccG5dPWKbVTTVhMIuTzbNc60enbsFNp7BGvS07xW0y2UzQL8qAW0CoUvd%2FvQ5mRwk62UuWXwwa9vH9mMgdNTVNMy2fkWP8LCrlZGyQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 782\r\ncf-ray: a0df72a15fd70883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":782,"size_decoded":1570,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"60ff882eb106e7e2d3aa20b2c94b9f8d","sha1":"c65702c4f1f03978da6a4820e7ffb5e3bd448380","sha256":"a583b4985150386a0c8756a94ce1bcf69f20f091986a83f1e37813acf8a87b6d","sha512":"35c566dfb3c9cb8ef5364fd007e357d139c47baf062662c2994a978c4c996ddd4bed2c983f7137903fd36d136f768eac0004a75106f5f853d0e39e10a417ab7d","ssdeep":"","tlshash":"b901c5cfc63503368b9a298392055cc0a05e24f03e4383dbf79042a4acb3d88cdc1538","first_seen":"2025-12-03T13:20:40.678573Z","last_seen":"2026-06-19T03:29:38.564393Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/gua.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.549Z","timestamp":1781839749549,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/gua.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a24-ce1\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aW%2BL3S6s2TfPezyeriJEajb9fJQluxS%2F9%2Bw8Ob7fgRfO9KUQZU0N4YKHJ2maHaCEviLVHNwLJGOyPqhjywTuq5mB3GuO0fgk8LmKh8yLh9RA%2FI0ZARCyGimC%2FZ7R2rodB%2FU0jfJOrw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a2b83d0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3297,"size_decoded":4129,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"e3f7eafbd28afef7ae31b18382b196f4","sha1":"5f45278f39f56432bbde7d92984add4cacd56a84","sha256":"abf167f226377affc9fa4dc10a5281970430bce622e76c25afc47a5d7b40cf28","sha512":"50920b7d7ce9e5e4ce881592f8b27653da447e0fd313cf11f41d8903389b71885010d4143f1f47d8f1b2a50c6f16c76e9ef4eb43c4c7f79575f4dc23a5fadfee","ssdeep":"","tlshash":"e1614badb60c6a3814631222e9b674674c5a3c1b56521831745320c82e8bbc57a13e6b","first_seen":"2025-12-31T11:42:51.571176Z","last_seen":"2026-06-19T03:29:38.566783Z","times_seen":18,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/usdc.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.706Z","timestamp":1781839748706,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/usdc.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Wed, 29 Oct 2025 05:47:23 GMT\r\netag: \"6901aa6b-3d8\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qww6O6wl1TJ5JHpheDI%2BAD4Xo87P0PYD%2FefOrLlzhDPVdITpBr8lOShD5XZQo0EeTxWSw6Qvfdcavn6SM9nefWVtsTXHdAf%2Bpmb%2Bd63IAadikuRYi0q38V0acWdwcOkFCsFNgUz9qg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 984\r\ncf-ray: a0df729d6ebe0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":984,"size_decoded":1778,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3","md5":"2584319ea6985ee42d1a020cd50c15c2","sha1":"09469ffc16a2c8c2d9b3d93c7c1d7e9c42422faf","sha256":"c2195731cb41fbdd90a80d43f70a67e6aa788b3bb5c595cd230744a009cbbb18","sha512":"09e9669daa3b1101d21e921bc008edf5509eee7c3287ef728e735823a60ba05d5173cf357e9d9373a1510a78e6ee38e721713415686edfe140d34fcc0cfc0aee","ssdeep":"","tlshash":"0511983f2711dd3fcb751fb714296f6193483d057420c546ddd191b0aabe5890820b40","first_seen":"2025-12-03T13:20:40.672133Z","last_seen":"2026-06-19T03:29:38.569765Z","times_seen":19,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/zec.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.731Z","timestamp":1781839748731,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/zec.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa6f-717\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kVoUzJuxDd6rc5yj%2FTvYyZNzBUzpZpAXT8F%2BKpjzmiAEE6T8%2FE8LuWgS%2FnPzsaFyM%2BgyiMFWlVUH9j%2FxXka%2Be171YPboNqQCpOUNBxqVjR1JWvq0eB8GsqmgrdAKFs5mFWtjQar7FQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729d9ecb0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1815,"size_decoded":2644,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit colormap, non-interlaced","md5":"913bc6a6901e9703d6900e926ca83132","sha1":"65cc5cbcaa75510d0c5e00f638e6ca29f8ddb14d","sha256":"4a77f020b58b8161df154d1c46f547ea81136e5c7cd3b7eda714ebed5bbcbef4","sha512":"c92c62f7740fac250165ae6a4d7516b70cba365080f87049e0157162c8f8cbd350e7443b70a8fb6d0446deac529a1af92c2ba184790e70e8e09a85dbc694a95e","ssdeep":"","tlshash":"53310bc1fea47883883b9152e2797c5473ba43b430ea27264cc2c47aeded05e93655da","first_seen":"2025-12-03T13:20:40.519324Z","last_seen":"2026-06-19T03:29:38.57226Z","times_seen":19,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/shib.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.742Z","timestamp":1781839748742,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/shib.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa68-7a0\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AGB8V0yG9irtL2NGm0IkQq0hZFLIu63E8OT4xDDhf3ZVrbdCPWJoLay9Pwatp226%2FaGH6fU05Gb6z3mG7xBbqq09B6M5AviA6S5FS2FpYPOYRcDxHOvcCmzt3nY6IvZs%2BSfEIaVr%2BQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729daed10883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1952,"size_decoded":2773,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"eb493a94158242af76721e4a94c1eafe","sha1":"76e421bc0e584660ff9292dc918ad2d10447037a","sha256":"6998c98f5f1cd3f05e0280e3727b4a822cc9899e62992356dc5d842400bfbff8","sha512":"59a5e4d77d10577f5d5939fffd3876096f5b2aecf2776ffaee714b1712fe254bd505c96cf9e96917b745fe0ef61378a6817222521de694ed706adaf7468c12fe","ssdeep":"","tlshash":"a7413dee73d18c82a33f4150916caf5cf1c126d1d535dd776460863da53c236546aa71","first_seen":"2025-12-03T13:20:40.470794Z","last_seen":"2026-06-19T03:29:38.575537Z","times_seen":19,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/fbomb.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.822Z","timestamp":1781839748822,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/fbomb.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69032018-77d\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4AJkZDNQRddTKl7J2islsVSj8MO3JeGZfLP3ztwBhlJUu6ku%2FsiovaiojCLHsN%2Fro1ZBwXdvzUUoIqKkjxkIJC7OWta8lkj2rY9Ua%2FBZsyPpGlEEfQX0BZhQRd7yQe%2BsYFhsO05XXQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729e2efd0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1917,"size_decoded":2732,"mime_type":"image/png","magic":"PNG image data, 73 x 100, 8-bit colormap, non-interlaced","md5":"c2b28a608fdc72a92cd3179484c4e4c7","sha1":"07c43faa7bfec2318ef994af32f81f1f4ea78879","sha256":"80dde31427315bdbbac567a63d10c7d59122385d7e58b95395070e5d6485f386","sha512":"2c5f3e9445063262901e29832f9d66c02d20d8eb5017462cfa0a6bbf689e966ea53a58c8bfb926f7f1e9c0e05849d095805bb9e00f472a416047ae88fae208eb","ssdeep":"","tlshash":"85411976df9ebeb2c24355b056b11cb1f262783a5f510205c042342705d03a5fc6ea0e","first_seen":"2025-12-03T13:20:40.45044Z","last_seen":"2026-06-19T03:29:38.580189Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/anyone.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.356Z","timestamp":1781839749356,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/anyone.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7jg0hFlxhCGYv65zGwhbtTqnRmgTOS9D0pyFgMzDK%2BmnGf2LNCVkYlPZuKiu7blBhBlt9Vk6bo5oe9I7f92ngK66eblGSofT%2BURHoMoMTFZu9GIp7jeLvQJ7mxuSlw10s4olrhSCEQ%3D%3D\"}]}\r\nlast-modified: Sun, 02 Nov 2025 08:26:36 GMT\r\netag: \"690715bc-3ca\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 970\r\ncf-ray: a0df72a17fe00883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":970,"size_decoded":1760,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"587c0f96df95c543c3db1cd97a3f9674","sha1":"f0d1e3cbf2e69cc635f8ad77661f8eb7fa2bdfa3","sha256":"b38b67a9efb57c80fa932f1cb399a39f91cbd46a18de3763d56ab68b953be459","sha512":"fec5b67a2ca000d06a4ec8c59217602b1e893ff2c1f1a0741ed964a32aabcb038c364fbbc1056d80b7b7f7185a70f89aeee0bca88e1068335da0caa93f93a8c6","ssdeep":"","tlshash":"9511c83575d8af99e143fca98d056593d9a900b0599f45c24e425074e623214584e38d","first_seen":"2025-12-03T13:20:40.543807Z","last_seen":"2026-06-19T03:29:38.582772Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/koma.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.434Z","timestamp":1781839749434,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/koma.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 04 Nov 2025 07:29:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6909ab65-6ab\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Dydp1CNoKjv%2FUY6pbCIH8jS9w8aCPNZpwH7qADrSPgeASdJ2YKwgTvjv48fLMo9AUzAWTSuuz6m%2BIqNZB3Pyb0EHkaVj%2BZCXSDEotSBRHKJfAlP8iMVajPJDgMpDmMLb5v5pJ3aCiA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a1fffe0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1707,"size_decoded":2533,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"519c0106c268f99d9d635802c5eddf4b","sha1":"16008b26ce1ce7372072fa005a38bc9ddd38de4a","sha256":"fc540ce7d78a4d875fc27dd21febe3ce1f4bdd58319fac255428ad0563b89ddc","sha512":"2d9c00f5da075a8675d481ba8ce5050d61c3389785ad454fbb20f34e79dbd13be390df5fa2e99666b86d62de3ec2ba5cf5e4cc31531735de160de8b55ab97f24","ssdeep":"","tlshash":"613106e2b42c5614bdfe57b54a640230ab60298e34130fca35a6ce4893e182bf702960","first_seen":"2025-12-03T13:20:40.61845Z","last_seen":"2026-06-19T03:29:38.585275Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/favicon.svg","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.669Z","timestamp":1781839748669,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 10 Oct 2025 06:59:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68e8aeea-95b\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yMqM5wgRqKxISps3IdTlWYebzlobCfc2COYhl8KIDmXjX0dpKgevOzl5vfVcAy85cC4OEH5oDslDEud0Pm7R4hu0sd6TTyxCQF0GU8pn34ygB%2BP4YluSopR6FC5qzkOSSv45SPm4UQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729d3ead0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2395,"size_decoded":1182,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8da696f76f36fac9e646a1fdfed2cd18","sha1":"c90281ff8ce1090285d213ba11dabe96c30d158a","sha256":"643df189b333e2bd6a7435090167f34533c2d4524467449b41e2d662847d0b80","sha512":"9a7f582fcdadcc12724c2b87a220d70a4175fa2ed4e9bbaafe9817f90b607ccbf27d4e9ca88d9d9484e825efbb431f891e3d099bc26aabf300db781697ecb180","ssdeep":"","tlshash":"23419d7dc389d278ca519b98cf7391f1349a586992f9d3b44368cb51b3814e4d0eccd8","first_seen":"2025-12-31T11:42:52.168062Z","last_seen":"2026-06-19T03:29:38.588082Z","times_seen":7,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/ping.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.494Z","timestamp":1781839749494,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/ping.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:00 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a20-72e\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2bjG1hvxJlQaxYAmOV06KcArJVCU6SMDmx40cBaIYqdE6QcwqBObhdiI4Jko%2FpeQ7k9guvv3SbUT%2F21P9L8pn9X9L0WD8fMgdgZDvhxWFpwmkBG4j9tPwlyL5MfdBuXp5uinJgSB3Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a258210883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1838,"size_decoded":2329,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 90x90, components 3","md5":"e1b18a0a4f47a38870f7dd880c2b55e7","sha1":"9a9eb515e397682439d0888a3ec2e6266164aa26","sha256":"e6e93e7783f26ecc9f56f2d960212ffbc13894fe3b1179e5c42249ca325b9ef2","sha512":"cdd72a5c5e15c8bfe8b60c100f82073ae73025af0ffd288ce59d9fbfaefd4444fcac41dbeda7e3e50e3208444c7ceaa02b6b1e97b3feb0f32f26aea92129ae24","ssdeep":"","tlshash":"2631d66ba7268b03f11a06bf40d08f20b7737e369d18a26e8380a3171e465c9884a685","first_seen":"2025-12-31T11:42:51.583098Z","last_seen":"2026-06-19T03:29:38.590711Z","times_seen":18,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/eth.svg","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.680Z","timestamp":1781839748680,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/eth.svg HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vb%2BtNtIzRn9dQV0b%2Fg%2BYOYNQbwfvxZd8I0bK%2B6m%2FProiIBOdSho1dhS2mQqUc7U4Y6EdsbkTBQJBzCuHYMFgajs%2BNNsoLghZEJG8Yb9M4gitpia71iO5BJWWVT9cq%2FLq15sWWyaJrA%3D%3D\"}]}\r\nlast-modified: Fri, 24 Oct 2025 06:21:15 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=5,i\r\nage: 291\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\netag: W/\"68fb1adb-268\"\r\ncf-ray: a0df729d4eb20883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":616,"size_decoded":1067,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e12a16a7c525a0f18ea5dc0ab12661b8","sha1":"d2c944e3079dc3afc798dcbacdd74d25eefe6fb9","sha256":"d67af686b5084f3e032632eee503e0dfe5179450cdfd25e5d3933231d608ec49","sha512":"47d550a9c6f4dec58a1fc68dfed2a7debf87dacef2575bfc9900c7083cf707e24d37a15ee44c1cff4ee86775cef4f4206ca7856e5974b85f8a9c9cf327b0e1a3","ssdeep":"","tlshash":"62f04cf85ab86454a86a1f7cda3d54d33917b1fa073814e2b14c1d42ef4985b8c977c8","first_seen":"2025-07-02T10:58:03.996705Z","last_seen":"2026-06-27T20:44:35.29093Z","times_seen":56,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/tibbir.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.815Z","timestamp":1781839748815,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/tibbir.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 09:13:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901da9e-910\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uygDO5%2Blqta1SsBoGLxTpN25JBCLIduPEL%2BYNpjPQu%2BHfLmfoSTjrmN4RWfpV2Gu7VVdEIdjHkzm5Zxt%2F8okPS22bzLs9HQRNDtWuYFG2%2B%2Fo27a7WZIsFTNam130fv67hUKzFBouug%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e1ef90883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2320,"size_decoded":3152,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"035b1d8cd72101f514b58b11f885c8c0","sha1":"b67fe5fb9e388ea8bb90edfe1e1e1f2beefbbed3","sha256":"ed1b8d318524122afc90a29eb7d233cad361d0f45cc328d11f6c25673e25b199","sha512":"ef0e4cb42c86f07b0838b980dbaae745e2895fb21358da9f2c07f33f5ef02cc0d2c2bee8d78ef472a7c22faa44041769d8aa3821713e040c535702df555752a5","ssdeep":"","tlshash":"83412d9fc3112e94c556263f82959788c8257034d52828e6f8d71c3e2cee5711faf2e6","first_seen":"2025-12-03T13:20:40.466819Z","last_seen":"2026-06-19T03:29:38.596071Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/volt.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.371Z","timestamp":1781839749371,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/volt.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 08:26:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"690715bb-4b6\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FJ3ot6rc7Yulh%2F3pyuLJQg1%2BSJ4kp7UYIpdDkn%2BobTirxygjoJG%2FK0MAwLwVIzNpasr2Gl9%2B1PYSKFefMjah49U3%2B%2BUsG9kEaZB7UJPlj31L1%2Bl4TRk7CmPuYUXsloOhV8prSUzvKQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a19fe70883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1206,"size_decoded":2042,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"e6a9efbb76806aa03cf15dac9bb620bf","sha1":"2c059c34358d22e378e80988a7a95825f5838112","sha256":"e5a9b4157581b938de515b47e5bb20bb747788a56f96814e95b9f003e54fbbd5","sha512":"ec84e3550c5f1c8cc89b8757fa3cbd0c7920f257f076d072e65f33a70302a9278aa0b72fb204bbe9ecc92fb1aa53938b2b4c12b21aed8826d47eaeae70059d97","ssdeep":"","tlshash":"82210ae721ba9a055496a5d181ca1c187c5f11e893eccab1d962f31ccccd884c4fd808","first_seen":"2025-12-03T13:20:40.573609Z","last_seen":"2026-06-19T03:29:38.60128Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/zk.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.413Z","timestamp":1781839749413,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/zk.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Tue, 04 Nov 2025 07:29:38 GMT\r\netag: \"6909ab62-2f4\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FOrUGLB6hMU0%2BijiKRl7jV4BTsNdYWNk7GG8Wk5CnUOWE91%2Br1PBAUNISukK6wY%2BVufySWHUqt0VzCZ0mnCNlSLoT1vgv%2F8Inp63%2FPyq5vtUHsBaKJlXL%2F2XIXnGnQn8C1XwpNLJ5w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 756\r\ncf-ray: a0df72a1dff40883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":756,"size_decoded":1556,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"278267ce06f2a8c24402c51cc7ccefc5","sha1":"82e99bae230596c0d22306ad423e048e7c6e2799","sha256":"1cba68fd58ee9623d88877eeaea5a1d28db0ae38060eeb26d7e8d36d1da5d6cb","sha512":"cd87a8ecd0019736ef3b5abbae0afd91aafe27c9e55494555f23df30de4ea145e50d24ee09b5d384d7b53b33bc2b065c03d0657a992ce6f8089db03477542102","ssdeep":"","tlshash":"2e01706773028978c0105509277719acef75290ca697eaa7d207ba35cf4a22a49c8789","first_seen":"2025-12-03T13:20:40.684803Z","last_seen":"2026-06-19T03:29:38.603799Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/sss.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.851Z","timestamp":1781839748851,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/sss.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:53 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69032021-623\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Tta117%2FmcMLoNR6Y8V4luC7mKsfUa%2FYTIHwFsCnXPznZCyNyIykOPC4i2Aw5v5HTWBvqrk3RoPdeoGVZSnmTq9weg5U3ZKVYOjf7bRC%2FzP3qAmjjuOW70g%2F3i54raRs0LSxVUFc3yg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e5f0c0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1571,"size_decoded":2399,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"82bef6c5157a1422602583cb69ebb8b7","sha1":"7634c411775ecc1738948e52ec9ef289f7ada540","sha256":"e943537f828691bf1369c25057dcee3b6fa40c020cca6e7cf144a9c3033e4c61","sha512":"f04cf5b364e46c0be53cead1764754c9e96c4dbe9e8f077db25952271e170bdb2965201dd379b06bb6241807b3594739d73d7c35b2bb3ec3fe16759fbb29965b","ssdeep":"","tlshash":"ad3149f10d3b8b34ca7a30338432e28b7f979200ab52c4629f50c3cb19e992951b888c","first_seen":"2025-12-03T13:20:40.615279Z","last_seen":"2026-06-19T03:29:38.606996Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/fox.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.917Z","timestamp":1781839748917,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/fox.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Fri, 31 Oct 2025 07:23:58 GMT\r\netag: \"6904640e-27b\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X2uPFYBiJX1Yk7nqyhYXGQTpO3e5PgeQ5viaKr%2F7Z0SjSdreAOMt81OIz9QhfoRSTZBJmjaPYz0KhlI0W2iOsjWk9o545p%2BVlGrlfqqi8dPdZYa5f4V55grcbgiwo1pob9sYbsxBQg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 635\r\ncf-ray: a0df729ebf330883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":635,"size_decoded":1425,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"83f944cef116e0519d09900c821e2ec7","sha1":"af83d4d552415cdaf6c938472fcf6315fd775ce5","sha256":"876afe330c968cf00529b5c2070d53c2d7724c3895601b7966c873cbe01fcf49","sha512":"bb9305c6f98901a8b49defe85f586ce9b93e3a67e156b3952272ea18ff1def7f9792d8aac079d4b0a5e91e4cd7961a14b42edb1edd6eb717cb6ca08745cc727c","ssdeep":"","tlshash":"69f0ddd156308e31db4928ae03cf4df5a7e596e008c307d38fa1e18658538e4a8ed787","first_seen":"2025-12-03T13:20:40.648694Z","last_seen":"2026-06-19T03:29:38.610906Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/skyai.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.174Z","timestamp":1781839749174,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/skyai.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sat, 01 Nov 2025 09:11:03 GMT\r\netag: \"6905cea7-334\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LYyaiDMC6ZmDnHnXNljQXHVvO9TsCYSjK3PWRN6GxBMR2XB%2F6IxxpTzLk%2Fp3YBZ652qOQ621%2B9Q2NRwTBOiLPE%2Fg9MDXh6ghUf7%2F%2FTfK3uLQH4P7amvty72HJ4BgTRA0TxJjEmjDzw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 820\r\ncf-ray: a0df72a05f9f0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":820,"size_decoded":1618,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"a12289ac870068dd686cf1d3f739bead","sha1":"0368833d2a5425c2ecacce2c95f05f14b2a51387","sha256":"1db086d06f84ae235756bbec6666fb707706e329200c45dd7af9185bcbe0e189","sha512":"6d4059986f83d7c619b6b5367125d698a690fd50616b2a116e7b3593a13ae219c5071d35a46c29b05dd31eb1ee3521113c0b21c6243a1d57956ee97ecc3cae36","ssdeep":"","tlshash":"d00186e603742f8ccdc8da05588e1ef17838a3159c11d62faa46152a9a27d5028fde49","first_seen":"2025-12-03T13:20:40.506053Z","last_seen":"2026-06-19T03:29:38.613387Z","times_seen":19,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/collect.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.594Z","timestamp":1781839749594,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/collect.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Wed, 28 Jan 2026 07:12:15 GMT\r\netag: \"6979b6cf-392\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vRfvlthe%2B6dlhdB2WPD6rUkvsBt3H35%2FNkl3DAYdlwyzo2qP%2FPpfzu%2Bk8D1HydkRER7utyCJCIFSIwTewyDqNeD0rp1EGU166HOyL7cOiXPP9mq8xQYXYpSmmt%2BcvbkBdY2Bi4Bm7w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 914\r\ncf-ray: a0df72a2f8510883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":914,"size_decoded":1710,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"0a505d62fd5fb32a47ec181ea8a385fb","sha1":"05a89f7e272d9bec1a19ab9a31587a2fb5285952","sha256":"d2afd8875968a1fc3250eb41c11fdeb2ce2d1947fd1c9589ffcdef4c261c1c8b","sha512":"3d71aae7d2c7490881ec9cc30a3e5801324ec2ee6e771ba2f81108d0c0cc777c9637a99a5943bac2e8d6a587f1a79e0dd9eb2457d9c318b2cc7abbd1e3d5efbe","ssdeep":"","tlshash":"3611f7e38daa2c38ca9201f37fb84746200225794363802b080bd861ecd8030c3b5c13","first_seen":"2026-02-18T12:44:30.921082Z","last_seen":"2026-06-19T03:29:38.615539Z","times_seen":11,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/ldo.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.734Z","timestamp":1781839748734,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/ldo.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa78-824\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xPxck8dTDqUXQU0UdK5ODXDSkg4eS7DoUPtGDR1W5DD7kzE2bCQN%2ByWJA3xXofwCjQjIZ1wmpqdOVm9tn%2F%2FqNTfyWHMY0wp2EYo1r72OXaNtOcU%2Fssfn8cktbbck4U8LSumLie8cyg%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729d9ecd0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2084,"size_decoded":2817,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"7271abb6c37c1e61ef34c8e283076dee","sha1":"e0e4755eeeee939d82cce0fd29a9fddf3d3458a2","sha256":"33a872365f18a62c4943170dcc58ea3a2a018e2a4008da3917654dd5fb2ff64e","sha512":"be983efd3cac9031726b46b8520ba6faa788ed1090bc2143a21a2d54b391db79d1d7d797450d816eaa6e81df5617c785187a59ea29c2ace1b9fe0b78fbeeac01","ssdeep":"","tlshash":"8741e86b25d83754a2f05e6e84a38dc26068ee642e9408435e2bf1323637701b27b351","first_seen":"2025-12-03T13:20:40.445151Z","last_seen":"2026-06-19T03:29:38.618128Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/drv.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.780Z","timestamp":1781839748780,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/drv.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa6a-861\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EjmRLOQnTGXNqHzUXC2OFjiNcOjhz6DQBkcKFcqYlmsoE7GL5nS8N%2BcZeCWmki81mIBRNdjFqCw65rhZxr0XO5WgTmxwx75HXnYynWACFcq2DodrsGxkXg9BtDjBps4TEQdG7sDXXQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729deee60883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2145,"size_decoded":2967,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"8b348681271da48a38fe05fecf32da31","sha1":"2d6cfca963f66f60146e1a862ae99d1bf83c59d9","sha256":"10519dac5587001b0beb469034f8cff662437ee63dccc0c8d60d8f055f9fcccb","sha512":"382640e6ec36263952f916e56be2ec37bf5a7ccb2306b4e6a6029ca6a016162cdc7dd52b9d8cd1db0dc5c40b15fec6ee953645bbf7984cd997323116ec2ec292","ssdeep":"","tlshash":"7c411eee9e3b302680575ab50771ce73d4469b7c6241bf40841cc379695b187da9f706","first_seen":"2025-12-03T13:20:40.595364Z","last_seen":"2026-06-19T03:29:38.620504Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/omikami.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.900Z","timestamp":1781839748900,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/omikami.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 07:18:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"690462e0-5e3\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uNuquLOSP0qOD7XfU2WMKV5DfSPVhgo%2BuAepf3sWqx%2FsbR9WXYqdSVRQvF9U1RXCa0aiJrS1SgqDINTAmn%2FgzWrDNkJVIbP79sa5asgb6RnyrSNMi70MPf9m84eWCxTq4bHjNLQ3%2BA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729eaf2a0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1507,"size_decoded":2335,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"bc230cec0eac7f5019f78ecc76a3d5eb","sha1":"63ba78c60a0fb603e3531a27d9eaa8a31f1fe40f","sha256":"bb2394c7aa5e0188e997b4f50746b436d592e4d2baa54b7d5d3ec01a4c4d0a16","sha512":"051129b702bc485264508dc45bd13d63e1e6b7ccad718631435bc6b46f546130fb9ef4a1f5eb47ab1e51313dbe8e421daf2ce48ae8582332c2ac06594d80b4f7","ssdeep":"","tlshash":"6c3129b32e8e3e81caeba648df1ac141d3511e18502980046bfddd07a625923b3a85d3","first_seen":"2025-12-03T13:20:40.568038Z","last_seen":"2026-06-19T03:29:38.626112Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/neural.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.941Z","timestamp":1781839748941,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/neural.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Fri, 31 Oct 2025 07:29:43 GMT\r\netag: \"69046567-237\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Jr4gGKI5OjCkjrIFYgz1dMwnXJ08dMYyWMe850R7KAxKy4xf1%2FhH2OTPxDs4dKn5X3FyR%2FE%2BcMPUh2zMqa31UDLNhfDkOvYRsD5wMnBvHrtx1Z16NBzDIt3Bk2YEHoMptW3CKkBDAA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 567\r\ncf-ray: a0df729eef3d0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":567,"size_decoded":1359,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"137b4560db22dd6deba77fde4d895e26","sha1":"7afa5a05092a7b33b38b4874367c28bf7fa564f4","sha256":"3975cb00f9312a47f550045ac3a285a16d1a853ebf38f67ff674556ee6210639","sha512":"f46d5524429a9113b4ca11ad7a856f036b3abdcfdfda9c6774183f8cebd02a42196bbf7474becab4800d6e602811b3136deb904817fee1261a8a35e5aa583ebc","ssdeep":"","tlshash":"81f0e19357b55b18d214e3e256a2ee30c57390860e988c9c34a78237dba2564c9609db","first_seen":"2025-12-31T11:42:51.71705Z","last_seen":"2026-06-19T03:29:38.630061Z","times_seen":7,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/base.svg","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.674Z","timestamp":1781839748674,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/base.svg HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=5,i\r\nlast-modified: Tue, 28 Oct 2025 13:43:29 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Du6r3wSvA8ZxMmUB42cJ6BY6PzuKGBnDCqBFvfCIM4g4k6G9RGwQ0W8CmpO2u9kV4BCeA4aVwtLne%2B43x0f8ScdiHu2mleDqjxGR1C0dFCRwG6sS9dYYpakkf%2FlY%2Flojgu%2B5PaTJ3Q%3D%3D\"}]}\r\nage: 291\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\netag: W/\"6900c881-157\"\r\ncf-ray: a0df729d3eb00883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":343,"size_decoded":980,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"17ed305902ca59ab013eb408cfc95789","sha1":"e5965d86586597dbf832de9afb10730c53b72fdb","sha256":"244f7291bf6d43108fc4266c69aa6335265802c0e4ec0187f9dd8336f5298a02","sha512":"e14410fa44588f47b65be9abb22ab893f6b25c8732d3968183203c871050f9c4c31521589d4fe8e7cc0bc46a88bd786fa7c07700cebf72810d41b386219a5486","ssdeep":"","tlshash":"5ce020ed54040a494a58c3f5f22c05a9142db85190440155d3441d32718336b6c5eed9","first_seen":"2025-12-01T06:40:31.130025Z","last_seen":"2026-06-19T03:29:38.632366Z","times_seen":20,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/usde.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.709Z","timestamp":1781839748709,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/usde.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:23 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa6b-822\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lmMNExCv%2Bn1ZW0R0SuDYwUa%2FDi%2B6vPu34aIj22VA5tn34PXpw6dAnRSONNmtyqSXoA0qsmPU%2B0AlncmKjZhinZo5XAFnC8Fp7Yw54fFyrkpyp9Ma%2FDDAeUO%2BY1AicU8ti0y%2FH4cEzg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729d7ec00883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2082,"size_decoded":2913,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"b0f8ba2bd7efaaec59253155530e1421","sha1":"fb898e56a034cac6cb350c7ea7792927cc254d61","sha256":"34b66133391f22d5e2eecb1907626d74c6374fb0115f202c3fb21b828b2db663","sha512":"bd1ba050e52fbb03e2c9fd407aa55ede94bf8953a1c4b78f74fa690f63f7fb201d4b855d935a9cfcc2d378bea2ebf8109188f60812df5421edccb9f332b3e7f9","ssdeep":"","tlshash":"02413a6fd0fcad9fc8e4009d660cd0f4d68bdc2e74d3414b34862f31a50958545071c8","first_seen":"2025-12-03T13:20:40.587917Z","last_seen":"2026-06-19T03:29:38.63474Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/rndr.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.792Z","timestamp":1781839748792,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/rndr.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 09:13:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901da9d-928\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=os90ywdxc%2F3Xxc8kyXPnyyA%2F65jtSXjekDGZrJS3e6nf%2FdpE5A%2FjPtUtdohhTPZ2MltVKOzk%2FotiIjGYG01MAVFBu26bvKAjyk1dvZCvAtprgDjgFmFiqMvvwbjIUQf0Ka9J0Pz2vg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729dfeed0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2344,"size_decoded":3174,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"988c57b7d23a2dbd61f0127dd974c547","sha1":"35e4acbc53af625d9daebd652037b5b089138cef","sha256":"15090caccb16c42150a584ff0c55c55ba781d706164076f4aeb7e63165451a3b","sha512":"54c50edbe4fd69baba65ba4ef17722d385e3cf18c8b9b79eb346abb799573dc976bf6dd2fcf1489bc69c3b1be2f7793102ac376908f6a5343edd1c56737b3693","ssdeep":"","tlshash":"97415bd2ef4214b5a0a94e30909b5140e8fa54fb40cc03b632b294a48b755cf78829cb","first_seen":"2025-06-21T01:42:50.226052Z","last_seen":"2026-06-19T03:29:38.637404Z","times_seen":21,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/beam.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.793Z","timestamp":1781839748793,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/beam.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Wed, 29 Oct 2025 09:12:57 GMT\r\netag: \"6901da99-32b\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LCr%2FT1wfneqGRDAEaOd%2Bsp4u2AeTEHFLtqWGqC4HSk5wyBo3FdeizIBNBlwxlj1JTrc3zPgK1K8bhOAZ5SmBLh%2FErPO5dwDsW57WnPD6nkbGHDESbg6HjLdYHxNZqGqICfx%2F2IbPnQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 811\r\ncf-ray: a0df729dfeee0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":811,"size_decoded":1605,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"ee6f2e6c4fc02892bb9fe2728030e434","sha1":"2fd33531c9eeb28677a9eb5397f94dbaa5a9b6f9","sha256":"1f4e73e7b0cf9b0bc560f71fa7b847fd9fbaa98732026657f674e080c36e06ba","sha512":"6de5b7147f99e30421da54d4de165765d557d14b3d4661442af17638efa2ff03d8f9f5b272002e2e284f8c068df2f3bed98366d7386e36e881639c7f58583a05","ssdeep":"","tlshash":"9301462653159dfcf50c00f15a86d847b8b36772e1428ab46353bb0009a5ba85bed49e","first_seen":"2025-06-21T01:17:49.631761Z","last_seen":"2026-06-19T03:29:38.640298Z","times_seen":23,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/0x0.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.945Z","timestamp":1781839748945,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/0x0.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Fri, 31 Oct 2025 07:29:45 GMT\r\netag: \"69046569-2a6\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BHwOQ0vb54z2cTJmZiITuioUmRMeK13mHaKSg4PpwJUikjDoux4j0NhIFLO6Fforrlx3WdPRq3L5EbEutmAfCSKUXvNMwYlazcrx2%2FiaiVMVnBO%2BQedR4HRXZRi%2BTdAlGiR9T%2FwXYg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 678\r\ncf-ray: a0df729eef3e0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":678,"size_decoded":1474,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"8d46f747250a9217b4f3f08a9940fc74","sha1":"30d8ab94e41fbac7985b1f8787be9119aa512c1d","sha256":"0bf0bcecc9cbc5dfc703d12a4676f5109e1579fb19fd7d1fc4e5aea58d5a0bf1","sha512":"70c8941a1c6afa38341ecb997460d215117420a8502860141ca0ac7503ac173e2df3c90f7ccf6c91d0cc204695b71f84a13c5ea40c267bc01872b8c45ae42ac8","ssdeep":"","tlshash":"f5014487394d7d68b65f4fff1c1b4a90df2304485b5a4d82500bf1a5df1440bda9a0cd","first_seen":"2025-12-03T13:20:40.528903Z","last_seen":"2026-06-19T03:29:38.643052Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/ssv.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.302Z","timestamp":1781839749302,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/ssv.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sun, 02 Nov 2025 06:59:34 GMT\r\netag: \"69070156-189\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YYAdgxk9aC%2Fg03uKfsBgXmIn0rjhG6FV5kdo1EtNna14GzGNJiPlH6Mh6MGLIaH8zlin77N4WPmKfzXwcac%2BjAGjm2rc%2FL72zon2yDsMmzcsjJ0WVGHIP2P7Y5otASrf0HfdFIRO1w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 393\r\ncf-ray: a0df72a12fd00883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":393,"size_decoded":1185,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"e0068f365f2bb048fd3807f806c988e6","sha1":"27a63f28088064240ee676ee960954d38a4c6015","sha256":"01cf8770bfa36e68eaf306ab4fa672e31b465f0479302a907f7bb5fa07d13222","sha512":"6d4e99cec7a057eb7fcef261462b4f67134253acb391cf13a003f80d9e23543b3f8e444ce446980b41615e3d996653d04ea86b4c6e425f8d5ee006691000cecd","ssdeep":"","tlshash":"8be06ac3c7401c3c4341a1ac3f09f417c4b7d3a0281b9fc54334e232c99454511e71c0","first_seen":"2025-12-03T13:20:40.488111Z","last_seen":"2026-06-19T03:29:38.645874Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/evaa.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.455Z","timestamp":1781839749455,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/evaa.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Tue, 04 Nov 2025 08:49:42 GMT\r\netag: \"6909be26-1a8\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4NO0LiLhUr8kqOkHPnoCWUhdHyIlhIW80ozXTAw1038MjlMBWdUdS7C%2FDORtu1RcVr9RXQICi4sCeso0YeQtcjnezZ5W6FcSDSjA%2B98lw%2BsMhKjtUFVECBPBAVqvqUz6UZb25DJtCg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 424\r\ncf-ray: a0df72a2180a0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":424,"size_decoded":1216,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"78b944b6bef30f3a30d1a8c664aaf4f9","sha1":"43afeeea7642e2ac51fff5d63f35dc5e9d4278cc","sha256":"e6525212480715d4bad3d6366bf636053bc2006f213cc6cd095ca18a43354072","sha512":"5d5b463ac90318950a695589267cf847bc65c40cfcf306e6942179f28aeb427b83e4180cdc139a5e47443934daed28b8759b320ffb155503ef76f41e2dda7251","ssdeep":"","tlshash":"1ae02bb77f1ca0b5c125cbba820e1c88e82a125caa100189ef214866437bac0437fd9b","first_seen":"2025-12-03T13:20:40.626922Z","last_seen":"2026-06-19T03:29:38.65273Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/fai.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.094Z","timestamp":1781839749094,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/fai.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 06:51:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905ae05-d1b\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KBXY6%2FZB6awI1L6E0LFAZdlivyX9PlY7hOKHetVx19%2BxE1y7VZY1pBdahyl0YZDxRndsvKFVt6AwLgWllZ94Ei6GjQxT2%2FYLdEvBO%2FR5mfDqUEfJoEsVL9a%2BwhnUmiyq%2F5ls8methA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729fdf770883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3355,"size_decoded":4187,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"0929bf4e648129983a233b460ddd9074","sha1":"8aa69665c97dee9b94c5e74491ad0134fd8c73c8","sha256":"6cfd6e9d15d1b6895e0c77fc7bab63968d1d312564897de5932c6b7446518629","sha512":"3f993513a9a55db99a2fb9c8f08d459e32344a80dada473b102758fd0923c5c2c8b1930e40cd4d28a881fc890a517865b7fa06735cc7b30e33f1f76b44ccbc0b","ssdeep":"","tlshash":"40616eab91390185c0924c08d62ad12cba4e7eb68f46add5dada83b0c79730498e6335","first_seen":"2025-12-03T13:20:40.482032Z","last_seen":"2026-06-19T03:29:38.65557Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/clanker.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.108Z","timestamp":1781839749108,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/clanker.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sat, 01 Nov 2025 06:55:06 GMT\r\netag: \"6905aeca-b7\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IBbKVnfUYaa5M475qMB1zWqpbh0wu5PpG%2F%2B13bpiRPmhYvkZ6wHx7qZo5gjJYihpkM64352WgLnzoxR8wtkBjh7rx77p2LVOLH5XWpM8D6cBEJltZ1qnFb5%2BQIVHEoMS4aZv0F77VQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 183\r\ncf-ray: a0df729fef7e0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":183,"size_decoded":974,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 4-bit colormap, non-interlaced","md5":"a4dc5e00056c4084cdf30c2a840eec53","sha1":"38a5da765c5b6e1e99a501e616375508dc453fe8","sha256":"6d994b5fbd14ea1a66b64dda61741276ca8f53cccca1f278291ee42c5492990d","sha512":"71346fdd3606e175197eab46ba2899114267b4e78e83c6b76fdaf7623868ab4c3f5c9a0ad25ba74d15818988f0ae725f9c1f849b8d777b8ce384c03656fb72c2","ssdeep":"","tlshash":"7fc08097b78cbd53f1dcf13656290d00c969025b4402455301088f4c4767d0715fc763","first_seen":"2025-12-03T13:20:40.667509Z","last_seen":"2026-06-19T03:29:38.658324Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/kta.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.200Z","timestamp":1781839749200,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/kta.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 09:58:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905d9ce-730\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=myorela7PGyo1MdOWN7jUsWmBIJJGzVst2egVzN%2BwAcqgM0skZQZ%2FdsjaZwAPrLBrCP4DCPaGUbCxTBExnhm%2BwHT5pfY3GhyNFSYsEuq%2FAjjQHdguLyggmssGGdoZO%2B4w6dNAfIDdw%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df72a08faa0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1840,"size_decoded":2665,"mime_type":"image/png","magic":"PNG image data, 181 x 181, 8-bit colormap, non-interlaced","md5":"116e331add5060eea115cfb8fe42f4ba","sha1":"bf42193bed4c291e612b711a0796666d226314c5","sha256":"b125f8d36863e525f51dcb2521da517611cf250a79580d59b503b09f587793bd","sha512":"6238af0c988b968496f57f096d183715fcd2ff4c00ec7238ad93edda5929a811f7197235249de57bcc059ac7e6b1b0fbb3e5ab68b4dd3ba6a519d0e54e2b8701","ssdeep":"","tlshash":"b5311bddffb2ac846fcf0c724e7099e6a1a43934ce754503851812661da2d38bf96387","first_seen":"2025-12-03T13:20:40.64024Z","last_seen":"2026-06-19T03:29:38.661086Z","times_seen":18,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/0g.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.409Z","timestamp":1781839749409,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/0g.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Tue, 04 Nov 2025 07:29:43 GMT\r\netag: \"6909ab67-3eb\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WVKqjsveIipNN2ejKF74fZApI5wjOMcOriYTCdwahRYtRilnaDuJO5NngzOfjo%2BKwkTNtgiiqFPmFPaeLRVfrRMNA1WsUe8F5n4PvPCNOO8ZJeIIyvQ30Xx68BA2nI8KjhFBUfjE2w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 1003\r\ncf-ray: a0df72a1cff30883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1003,"size_decoded":1792,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"caf8a76cdfe0d4a373c6e9b83ccc3b24","sha1":"97ade2c4df394ba1dffd894d0a95c0b48773f5b5","sha256":"2e240c072e581bb1572c6c7602a0f2bdd63f99f64260c82397dade750c516070","sha512":"05120754d78ca9a785288d21530f5913fd0480f1de315cd0f7892b9ef141747c39766ccc01cfe5a50a809d029af9bb26ae9041d7e40567ad086283a6edd909e6","ssdeep":"","tlshash":"cd11a5ee2a26cdba8b0f870d2f41b19022a34ae8d345b08a5187d905b2834a45fcc571","first_seen":"2025-12-03T13:20:40.612976Z","last_seen":"2026-06-19T03:29:38.663393Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/aia.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.546Z","timestamp":1781839749546,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/aia.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a24-697\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LEju9XHeYi7owrk0CmtocIcN3LJMPhMSo2gPbmh4krsLPXm4zvU6Y4tsDHYrDi6dPFPadjksZpqp9r0fyXVknEZ7bVio8IzHxdW7hNLd2MSPAelYLLrE4NigK%2Bf96W%2BFfnJuRHl0hQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a2a83b0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1687,"size_decoded":2511,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"48500ca71750324bfa134756900749e4","sha1":"9148eb19e764abbe733c64e7a607811250bdae95","sha256":"623eb59ddafed4c64f3a8454aa1798ac788e0c6afbdedb2ec2e889432126c037","sha512":"54fc7c5e232204f1a33f13119f584f5b66db1bd0186fa39f3b441975dafbf78d8dc4cfe7996b143dd81e531a27d26adb65614262a700bc95dd78e7db2083d4ca","ssdeep":"","tlshash":"9631fa672bba165ca125cb777a06758162b060712ce9a0d9713e8f27100c9f1b496b75","first_seen":"2025-12-31T11:42:51.792705Z","last_seen":"2026-06-19T03:29:38.67994Z","times_seen":17,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/btr.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.584Z","timestamp":1781839749584,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/btr.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Wed, 28 Jan 2026 07:12:14 GMT\r\netag: \"6979b6ce-2ac\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BlKxPtbXXxC17WEWH0HovApzn9SX%2BkQMN0ZS554rKzaWXyS42OPhUVpDtZmBSN7Fr7YChwXItyvFpUpbDLMQGPvy8LRIo1ozkPl71T%2B%2F9SVoKBAcO0mPeLI2J5mR4kXecww47GhPHg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 684\r\ncf-ray: a0df72a2e84d0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":684,"size_decoded":1478,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"0ed7eb9f99b151995e0b8f26f76f417d","sha1":"1fe867b54eabfa80a7466963268d7bcbb77072d5","sha256":"b7f726905bba4817a97cb3d948676b6ad607f37ab5e3aa741710ddd60a63cf24","sha512":"6fa1acb4744146366da257708517a11de46f0a6ee7609bd60de17f992c1fb0c3250224bd929444c05090df51faa3861aa48a6f3904bcfb8d123d3942697b0abd","ssdeep":"","tlshash":"d20144ec4519062da79007c25936c3305889d960673c16970973fa4d8b70d380dc7a10","first_seen":"2026-02-18T12:44:31.157388Z","last_seen":"2026-06-19T03:29:38.68274Z","times_seen":11,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/acu.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.587Z","timestamp":1781839749587,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/acu.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Wed, 28 Jan 2026 07:12:13 GMT\r\netag: \"6979b6cd-19e\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o468YSd67hz8uco%2BaJYjIa6BKNaa6iZyx9ZYbZDrU6ga%2Ft10Z%2BzEWfKoNOGKLedpoxr9mJZEygsg1hIgdqKF6HJ2457yNO1jdU1aq4wAVdcTu%2FhgjUq%2BCv5SdJtTPmTfrD%2FO81sXDw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 414\r\ncf-ray: a0df72a2e84f0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":414,"size_decoded":1212,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"ea4913b1afd39058f689c7c2c4022429","sha1":"5629de7eaa6c33b16f9638ef92eb18d76a35e3e1","sha256":"0eafd572df12087e3d6c5fd3dd4720e16f062c32ce4570cb086f5cf379630129","sha512":"b996d50bb2c3541701b839cf1693e173adc0eefff6bbac85b5997b51e61f3cc8cdf3816712a813f144a689863044e5d7ed9aa093133c7d3c8dd9d931388e3401","ssdeep":"","tlshash":"fce0f1ecd128513a8bb985f1bb4b2c2698f1992a4111032e57632d18359b489e3d730d","first_seen":"2026-02-18T12:44:31.247323Z","last_seen":"2026-06-19T03:29:38.685711Z","times_seen":11,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/pendle.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.784Z","timestamp":1781839748784,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/pendle.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 09:13:00 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901da9c-4f2\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=szeVkpWqRjBFq6WLR3wneZnM9IDVC88Fv7ozmudq9jKVKTxiazWyO5eAb6n0yGakFnTL9RElOFiXK4AMAK8mAmBXxndo1exT%2BFtntL2oomE9d%2FZqLQhrg2kaxXtklLbEbdMLyJFBLw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729deee80883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1266,"size_decoded":2090,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"296ea902c98743de4f087528463affb4","sha1":"af27a4485045d9991f1e5f8996e3ef24071232a8","sha256":"8c78c7861f9796de17cdd35405b3e65011683b39fd1ce8d3d7614dfcb68552d2","sha512":"a42a085b405e0162b9ef21eaf44aa503e2bdb62f070af4e6b93789cc3db4ee91c555feb8518394c9d12c1981d2e9cfe76da56d73e74de4244173699731cb180f","ssdeep":"","tlshash":"7021bae0687169745302a7760572f8816477e3d7eb46748b9442ed144f360c4f3858cd","first_seen":"2025-06-21T01:40:25.154719Z","last_seen":"2026-06-19T03:29:38.688016Z","times_seen":20,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/eigen.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.893Z","timestamp":1781839748893,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/eigen.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 07:12:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69046169-405\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FhtrJ%2FI4ksKbspEwJx7J1TnKsAGydBg7YIVtnmD2PKdaAXhX1eRHMzImniTcauWMPIR9a%2BouuVPRFRKmhZIaj1sOU2NcNIcB8V7%2Fqi%2FIW5E50rAtryZd7E0%2BXylsYWvfTDF%2FOsxSlQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e9f250883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1029,"size_decoded":1858,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"92df137bbdacaa6fc34a4460881f1e7a","sha1":"5c37379c2e03cd04fb8f9b20ceb10c0048812bfd","sha256":"6a7469914669cae5c575125f9361d8dc41b349248c5b778cf66e8cb36f72090f","sha512":"cf8fa068972ad26c31834711335745b628de4c1f9dbab2d74829eb4e3e0d6f62a88670ffc89a21708a8c772d542985ec6c70d7cbe185ce5691260f7417db9e0a","ssdeep":"","tlshash":"0a11729f8164bb93d89a6a331eb6a0e0b7500ff860819660d299903a4e7447910bf69d","first_seen":"2025-12-03T13:20:40.609353Z","last_seen":"2026-06-19T03:29:38.690156Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/rdnt.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.002Z","timestamp":1781839749002,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/rdnt.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 08:05:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69046dd0-522\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wCj2i9ooE%2BQyt3UXKEqWnsI31LJZ10JAu1Vo087BSs%2BeaosT6P8tc62ilDWjfAKM5ei70kHUVvxPX%2B3AjcLvAUDh%2BlIOE3aP7%2Fh%2BbLqoGg%2B4air%2FWToDEeErBy3D%2FXLfLnsk7aHRnA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729f4f4e0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1314,"size_decoded":2152,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"0ee70d5c932bccd4b958f3d64c4605b8","sha1":"f662ae4d4847bddd4743b78f36d34f13238cba2a","sha256":"cfc4147356810bdf5a678943a28ebfadb3ec969f62fd47d4834304cf80eeb081","sha512":"dde208eb56f8d5718892b40839a31ce48df3e1abf90469aadaed2d0f758d25bfdd867165e3916387765f34dc5cf133773cace9dca99af948cb6dfe2311179168","ssdeep":"","tlshash":"2421c8cbb639ebf3e562222c07987154558602fd31b586fd3762c8ee5588eed0b040ca","first_seen":"2025-12-03T13:20:40.691845Z","last_seen":"2026-06-19T03:29:38.692745Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/giggle.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.419Z","timestamp":1781839749419,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/giggle.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 04 Nov 2025 07:29:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6909ab65-45a\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eTHixcXAkCXzoyQNw%2FEaTdkNig%2B7Yzivc4p8ZDKXE2%2BTm9K1XxDwbPrrTFdXki8GpNwOL3Nn%2BXQkxP5Cbi4qtLpVJwmVrxeS%2B3YmesJnUtrWDwvLW4%2B6bbHB8runzQC2%2FvY5%2Bvs38A%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a0df72a1eff60883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1114,"size_decoded":1950,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"cd7a7e47c8b05505dced7a17d3194c3b","sha1":"3d41cb992918e542f393b1e682b74c3fa393c981","sha256":"2cfc0c721c647622cdb64b07ed566575831d2748b76e47ef4945a6431da294df","sha512":"64c88b4202e29e300ea283c672d3a6a0c343750af54399a9bcb70d17c83dc3a936fa52e0b7d3d95c414251d2302ef42d703b61ed3772b2b37b5f32afb5cf2618","ssdeep":"","tlshash":"47219649ecc3b160dca1933b5d7001e4e56abc2145e0592c9845c7564a6850b5e4fb7b","first_seen":"2025-12-03T13:20:40.689427Z","last_seen":"2026-06-19T03:29:38.695025Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/tradoor.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.551Z","timestamp":1781839749551,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/tradoor.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Sat, 13 Dec 2025 08:56:04 GMT\r\netag: \"693d2a24-385\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BZoQM0Q%2BPZyRm5mpHuS8DbwrmpLMmuQMOGpkm5rBiSMy5pxJXqN6OASyq37fum%2B0%2BFjAHTGscexaOkb6WhdIZi%2FBfMxtcWtI5onG9AHWXzv7%2BovYsphZmqYWlGfBpmSL94drQWdF5w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 901\r\ncf-ray: a0df72a2b83e0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":901,"size_decoded":1699,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"353c09af93f9d391b4bd7c5510859238","sha1":"8fb1e4941ac2d1f852b6b321d4ca057f4519fe89","sha256":"c1ba16f1ae8b49abccdb2cf1ceda499d01bbc562aba0b41b5527f844b72a2801","sha512":"8a83d50433bfac63068e1125282554a45ae094535f34e4abcb0d15deae5cd69090f993d67dd8a2080459d893984beb3499ede99bef8aaca54024e3bfce9343d9","ssdeep":"","tlshash":"6811b7f40c54bb24041c993918cbc476a4202457399ae1830b97507cd20b13d893dc75","first_seen":"2025-12-31T11:42:51.690651Z","last_seen":"2026-06-19T03:29:38.697278Z","times_seen":18,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/fun.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.606Z","timestamp":1781839749606,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/fun.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 28 Jan 2026 07:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6979b6c8-4e5\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hSvTWY6IeyGucvbM79kUTEp2POXcx%2FDO6LUn%2FuOlK%2FpAn5jaFrQivKyv49rqPS2lyVjoTY2EGMSb7CV89G36yE33BZ2bPvzQO2JOvct90geeMZbDkFUldfgEk%2FRVobq4aequZmHcQg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a308580883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1253,"size_decoded":1965,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 90x90, components 3","md5":"e5386190cc96fc5bb27470da75cbc1ed","sha1":"5bbeb973c2a6c9200a307e43e0c95ab251e5cf35","sha256":"9a9f0bf53f7c8a4b21a3e9475ef218363d0fa71d183a7bc450b8ebf067f9e1c7","sha512":"f640addd5901a146e37f3ebfab6303d07b77ed6eb131b5760b4f3f99017976df90ec5c7fc6150b3c754a35679208052449182d28619b00b67763ac511fa96e94","ssdeep":"","tlshash":"5221cae733046a03ea2b04f36c58c23872419d53d1659b6e668bf382d85a3ec1c24e57","first_seen":"2026-02-18T12:44:30.857801Z","last_seen":"2026-06-19T03:29:38.699497Z","times_seen":11,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/favicon.ico","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:10.730Z","timestamp":1781839750730,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:10 GMT\r\ncontent-type: image/x-icon\r\npriority: u=6,i=?0\r\nlast-modified: Wed, 05 Nov 2025 09:14:11 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KRrYQMOx%2BSP64v%2Fh4dD0UjA%2BbCY3lAmfIggbjgSQOCRX1wo%2FF%2F1vdS8MZaH7VkAYUOknNrByRNSt1UmtNZzv%2F62k7CVksReP5A1pD5CRzTQJKf75Bi%2B7HUzA3KJkmFFzhO1P4tz%2F5Q%3D%3D\"}]}\r\nage: 290\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\netag: W/\"690b1563-4c3e\"\r\ncf-ray: a0df72aa18a00883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19518,"size_decoded":4448,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, -128x-128, 8 bits/pixel","md5":"3f9029ccb50f63fa79c58553da80c7b1","sha1":"2e80555eb261889d298dc9a4c69857999037ecda","sha256":"916d39d170f00fd2f2b7d637f2449b375287f7ac744d2f85a2bbb7a153e14242","sha512":"1b9ca77e2bef39fb90ce50422dbc9b478dbdb75b96c02cc142c44cc08496bc0ac60c3ff287928d673e2b86d7d9046c481a079b1ed0e7e3d6a446aa7ea743f266","ssdeep":"96:RM3A2KFM/idvKSciXjqLFPyZiVAJMN7G4lNZLWeV7F03H1+OGLElwRoZ:q3eFMovKSzWLFPvGJoz9s3HkOGYwRoZ","tlshash":"a99230643212f4cfc9b84a329f82f3b8293cfd646c91888576653fdd6d30d258a18b0e","first_seen":"2025-12-31T11:42:51.584399Z","last_seen":"2026-06-19T03:29:38.701598Z","times_seen":7,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/velvet.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.865Z","timestamp":1781839748865,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/velvet.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69032026-7b5\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y2Rrf0g2o%2BYcxphhswPJNPr1PO7eojrw5LP%2F4CawrcxE4xRp8jUaoQ%2BUrWFzDIso%2Fqchv4xebxW3qNtKuYIfHRoFyCilwG%2BlIm6YTmAfGBnddA9ndwY7ADIrreHE%2F3GZaHPpH77EOA%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729e6f150883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1973,"size_decoded":2740,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 90x90, components 3","md5":"8436f49ef0f469829f5d012a9acd1b31","sha1":"1cee5a318e12b26e65cf78cd93076849ca94179a","sha256":"1740943de715bc918749189d41517a1d4a154ac1be888b12c8efe71dc51c4130","sha512":"33cfbb948bfcf7744f0f2e3dc0bff5256f5a4551f50b8430364a91b933750c5f9b34e2b51ea651550bd893cefb816054eeedebe1b81d43f930df8274b871c991","ssdeep":"","tlshash":"30412cbb27c1fd03e0145cf85dc9c366226b9d4f97ad21c3d066d04e95ccee038902a4","first_seen":"2025-12-03T13:20:40.492794Z","last_seen":"2026-06-19T03:29:38.704342Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/aave.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.923Z","timestamp":1781839748923,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/aave.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KgJQ%2FCeDUUm3ePnlITSSQm9MHnJmi%2F7FZgVNUPbCjAh8O302KWIqHW0IdS23q9vC9eu3tUVu8eKdQXF5m%2FvMRmjz8f48A53mmt9hfNjSP%2Bu%2Fn5nGtWd81HcBHoyd1X9XRpu2A6ZwQg%3D%3D\"}]}\r\nlast-modified: Fri, 31 Oct 2025 07:24:02 GMT\r\netag: \"69046412-178\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 376\r\ncf-ray: a0df729ecf370883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":376,"size_decoded":1172,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"e60ac226f2c2794e661ef95fe4e70459","sha1":"f6bf1210cb233a209b4e3713c44cb6a70e53157c","sha256":"aa7c8d08ae341d340a9dfe0cfb8da7ab8875578bfe1f796f3737ac0cc4bf22f4","sha512":"f429a0a2982d58bdfde84f46148977fb111578982f57893f6c580800d4597a59d8d06e9a4bbf3e875a1da2fd0999739f51200eb3f61c50332fa1cd40d3712af7","ssdeep":"","tlshash":"e5e0f117f30ca2f8ce3f5c270b2f0d59c9e48c4501d111015303cba80597454d028401","first_seen":"2025-12-03T13:20:40.548592Z","last_seen":"2026-06-19T03:29:38.708141Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/olas.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.961Z","timestamp":1781839748961,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/olas.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Fri, 31 Oct 2025 07:29:43 GMT\r\netag: \"69046567-30d\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q8W2wtvQnJ5xOLaM3Qhh9N7tVLoFUqZi4xhwagI662JiG6xwFuW1o65YMOwLX2%2FZIEzeMK4FVVKe54%2BGcnhhc4wq%2FQ3MGCCv03tVGn9sCtSPfiskKNMBOTh8MGpY5LbLv8BMeLwc7Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 781\r\ncf-ray: a0df729f0f430883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":781,"size_decoded":1573,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"b3bd816c3c369ddec3932df145f27f16","sha1":"dcdc28257151bfad63d78c0906bced1f50607f55","sha256":"3b5302abce20e95c1711dbd0b5889b20d34baab798e0043f539aa7e3bd4c6101","sha512":"79f083fc9bdffd2c562f1850dda7275e4e3e4a1410b403ba081ca922882822d8f286e0b3afe8533705e560e5c10d8eb77e443e0ebfc952f36a5a94992059c933","ssdeep":"","tlshash":"6b0175574c05bb3ccf534d8752589761bae31b2928d34185792d987e5c17c324ae7291","first_seen":"2025-12-03T13:20:40.475223Z","last_seen":"2026-06-19T03:29:38.710992Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/hyper.svg","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.239Z","timestamp":1781839749239,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/hyper.svg HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=5,i\r\nlast-modified: Tue, 28 Oct 2025 13:43:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6EzuA5rlFiNUKlX2sb9QCRCtrmYYXhO2LN%2FP5SrUXBs9W0zCsLgjXfwYczJlBLQYuNLilJJ3Dj%2BstB9FRPWTiMxXXZBccHUPBYsTT32mF7OFNSyxjBjLxj%2B8n3%2BMNFizbCuSwzm%2F5g%3D%3D\"}]}\r\nage: 291\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\netag: W/\"6900c882-27f\"\r\ncf-ray: a0df72a0cfb60883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":639,"size_decoded":1148,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c40271bfb85af015483359b6108649f0","sha1":"05c9c818f18f1d2e3201bd8b34077c0604c74963","sha256":"45249cf9780d7a41ca4d1415454b51b1e17fe9bc50d5e2c796e8797807895d3b","sha512":"2e97dc5ff8a15940342dcb6259bca7d78af650f848bc5e007163cf3a6f58c245ee2e4020bfd0f75a55fa6cd66c6894bfcec60207c979b1a01f7afddd0d15cf76","ssdeep":"","tlshash":"66f002fd1740c6e9d840c6e8c76d18e77c6b74d61fc00238e794751874d93de1e8a64a","first_seen":"2025-11-10T15:51:36.272343Z","last_seen":"2026-06-19T03:29:38.713798Z","times_seen":25,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/coq.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.241Z","timestamp":1781839749241,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/coq.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 06:59:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6907014f-6d7\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HXHKFOJ%2F3IWhYX0jNyWfFfyTpYNqSWUCIHxsFJ8S1xpZgTwZDs4CdKZ1jdJ8sPLPa05Uv%2BqfVlC4Er%2BesHVTvtrMjV6HVyH8xhgVyIPrdbXhssi0a3xbIxH5xrHaEs675tMcPdtKEw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a0cfb70883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1751,"size_decoded":2577,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"ef4fa9acf703a68e9cd24ead8a16e710","sha1":"393e6ac75eaf0c72620a6e8e90b9cb444f5fa209","sha256":"9a74ee4b66d6a2cdbd5a5a25fc666754ad3ca3ff4cfa17c55494f1cf08fc4619","sha512":"9db6c1fdf3015bb91789e80a8b3f6caff6e30ff12e9c32e07c2aabe5041343540bdf2bc77c453aef0100d1df5fbd41fafc3ecc5590ab786a37a437a24721d270","ssdeep":"","tlshash":"ad31e68fc5f54eb4dd4a922129e25826fb34d2810020dd97161758e3e918dc674bbbd5","first_seen":"2025-12-03T13:20:40.47718Z","last_seen":"2026-06-19T03:29:38.716211Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/turtle.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.420Z","timestamp":1781839749420,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/turtle.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Tue, 04 Nov 2025 07:29:35 GMT\r\netag: \"6909ab5f-327\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mQ8kEwt0Wk7v1B6Pedg%2BaF8cNVb5wjFT2C0Zx1PlznMsC%2Fns7trBs8Z2%2B7f5UUGxqTWD5dP4AQjqsQM0EFu8TVEMW4EzCqOncuh34K0x9ibi17%2FATFiqSxNQ%2F1vNis4s7o1Ehv5y3g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 807\r\ncf-ray: a0df72a1eff70883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":807,"size_decoded":1603,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"d5aaf79fabebf5d57d3602337818373e","sha1":"2e4ef0157ea2b46da61f1c4c7ee6bbfb7a51ca12","sha256":"137e9a7f7800200757ecc830b76a6a1cbf31b2fa46cb548e12f1919b0b97fe29","sha512":"2bc97f7ef950dea69016ab8499639ef0f7c6a4b162714749b0dbab54fb41901a3703c065a84c4b97f386ae8fc6c98927b0325ef86dbf89596ab8e4dfa590dedc","ssdeep":"","tlshash":"fa01866629db8efa4a4a03669b085162257f00260202dcc7c4e6e91b542f7c6c58564e","first_seen":"2025-12-03T13:20:40.515972Z","last_seen":"2026-06-19T03:29:38.718372Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/hpc.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.833Z","timestamp":1781839748833,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/hpc.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:47 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6903201b-972\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IAuhwGLEIZp6o2VkRt5HBmhR0m0CVR1c01VmdtTil%2B3DDLz7Hm7Wb6tnWrRKnRkYaTXk73V5mSwHEVm9pLitM70ynEX7MFL5im7n6%2BNkG%2FV20HrPhKr7YgxAeVkxzIGBSJlvurOoHQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729e3f020883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2418,"size_decoded":3244,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"a1a44909dfa08c89a1c7ec7d323c1ca1","sha1":"6be49e27e7e5e7eb91558781bad31ad23c474dde","sha256":"bbd3334164d94a932128be3887950307a3f096b9fd3e67c1fcea888d72beb9de","sha512":"12b8ed5c656ca52dc5d9cef0c3d4572bb3701b05fa1d720452609e4bea5d8e5a1d2c7a3e5b70fd08c0b502da6b2da52971062f27df17b1660abc17f40cfb6048","ssdeep":"","tlshash":"38412ab3f7ac3937dc88208179dde324f31366781e06683e2a919b60dc826d97838592","first_seen":"2025-12-03T13:20:40.660299Z","last_seen":"2026-06-19T03:29:38.720586Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/lrds.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.835Z","timestamp":1781839748835,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/lrds.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6903201c-66b\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TByPw0zgcO3XpAAbLKnaZwL5PLTXqOrLV54OxFcPaPTx29qOPODevm58qagPDb8fTDn1ttAXO1Q%2BK234UOHNyCZO0BXPO3TyYZWX5iyfoDht27lXQ%2FRh1qWXHPUclXbz7bd%2FtM9UtA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e3f030883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1643,"size_decoded":2469,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"b0fa93c57df587b81a359b3f78dbc8cb","sha1":"a4b22a92e6ff555856d910fb40bf4eb9822d1276","sha256":"15f2d7f2fa0518e02a5addce007b083f444fff3fb0ecb76ef0106492fd80a5bb","sha512":"9bfe68a4dab5b1a776077892b0fa4ac74fbeba9a976a5c5af4cc31a1f32e9a8c3425988763eb600353bf9f93337e84983f5ebd09528cc9672551e0418a682021","ssdeep":"","tlshash":"8c315a1e2f9c3e60681fca00df35e387d408211fa9a10afe4ae60f24e2d30d671cc219","first_seen":"2025-12-03T13:20:40.63388Z","last_seen":"2026-06-19T03:29:38.722776Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/da.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.870Z","timestamp":1781839748870,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/da.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69032017-7ad\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iYWfq%2FHiADtSoZ0ZwH3fggQU3JyqUedWM3ULOKIDoeihAruynenvHQz7Msquu%2BXkQj0rUpsGz3hf8RcffnJI5lO1CsgACTkv7ZVOXuEls0Q3sCHW9nHhC3Z0eRFsYMOH3FE%2BdV0J1w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e7f180883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1965,"size_decoded":2786,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"aec9e9b3d19a2e130d7f6fdf40e95df0","sha1":"9bb10d48d3a48e3f66af5e1fc5245533e492b88d","sha256":"760e74de8c2e57cb564f35fbfb60f5e9b9fed40de283f93e5c9e33f36e5510d5","sha512":"5e9d5da2bbeb2549513a6cfc0ee2e0bdaefcf232abfba5691c7b936c8bb03a580e684abc81655c8caa92f39d2cb102a42ad7d4e6dd30b022504639b48dccdac3","ssdeep":"","tlshash":"e0412a945f92bc92449f98ae07403477dcf10d3b21a3aa5d08f278b02471eb0bd0fa15","first_seen":"2025-12-03T13:20:40.45843Z","last_seen":"2026-06-19T03:29:38.725072Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/ub.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.876Z","timestamp":1781839748876,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/ub.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69032024-50e\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O%2B1I1PE1zdQ3hJRItAAcjl6i%2BL6zW5Y%2F2evUY5dRvDMj6YgeilijFwIEL9rAvA3qs3sXKPjLtckKRo6doacRHvXlR%2BdiPIZwjbJnUeoE6BZEtoHiQgKMXw5irjYYkP2xdF2t0lL8Qw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e7f1a0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1294,"size_decoded":2122,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"189ff0c113e62f56e4c714705bc627a6","sha1":"e4d19f2f40a901c87f24d39da75972d1b23e6d18","sha256":"8b28d718463e0b29f9c8a817cf0e98a476eef48d4c408e93f29fb8e3898096d9","sha512":"d59fd0fe8a74fc933908192e7e2021a5b4bb35064726891c5ae82fda3876c827aafbf7463287d861971a890bd976afeb68b01067703e1a6b46e82513c5237879","ssdeep":"","tlshash":"e8214affc1d36692d60238361358a1ca882e1d0cf88c6a239ca3df3a02a23059bf0214","first_seen":"2025-12-03T13:20:40.610318Z","last_seen":"2026-06-19T03:29:38.727467Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/tut.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.040Z","timestamp":1781839749040,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/tut.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Fri, 31 Oct 2025 08:10:13 GMT\r\netag: \"69046ee5-153\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3HElG2eDk7jbHaH2l5JacWNuZYRG3vFVVZjpLDuJHXk7%2BJykno3pKNTIaSTZN0aP9ZonY%2FaYD17TjcSBXeT%2BbqVSG5dKqb25en3FpR3X184p072CaRq2PxxSCeaMy9mBpeVa0Qh5NQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 339\r\ncf-ray: a0df729f8f5a0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":339,"size_decoded":1131,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"d6455fc23f939269c55273b204f175f9","sha1":"9b1869bba9d5103b5825d9e7ea3564e16c4bf46b","sha256":"bdf9bb9d7ed1b0df20759bb9f812b3d2d5b996ca85f270815b531bc2da28fdd9","sha512":"17622fac17ef07f597c7c5fb4c7f01aa51fc22134639bfd950d9fa61a966953b6036358d2f3a282dbec80903518aa1d2be9d315f5b3330658cbe81781a39e4b8","ssdeep":"","tlshash":"9ae0c047aa4af540eea50ab91f6d0168d826042435c0a82a12cfc3ab1d967ce504522c","first_seen":"2025-12-03T13:20:40.605227Z","last_seen":"2026-06-19T03:29:38.730629Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/kaito.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.107Z","timestamp":1781839749107,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/kaito.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sat, 01 Nov 2025 06:55:03 GMT\r\netag: \"6905aec7-2fc\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AMWP8hAvQge4658stLRJPON0rXadfsthaoQlAzmsSGAiiFfxzqaDajBbEMqTL5FfiVUhPppJz3uvHAhnyegkYGrB0icXrPjQ0CHbnkNNKh0E2Jt7XTUr8737ctptBGaQL0NnjPfn4A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 764\r\ncf-ray: a0df729fef7d0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":764,"size_decoded":1550,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"195d02c69b3b36374af5ffc15ce60600","sha1":"1b5ad570e2793a673d136278c83eee63e7458315","sha256":"cb85c5fe6afae336387500790364c7445457ca27069601b3b7a17d27ffd1cf5a","sha512":"a165a4d8edbca16a6c94507e494e4b486b86ce5d93596d49e5cb4a99a8478597102223c5493c1006b86b66499df0fdeb2c232989a46fdfec5539505695bbad98","ssdeep":"","tlshash":"e301b5c64fe96db9c51d89a13daf13f687b2903d0b02d2486463c34ddac131d0ae4d01","first_seen":"2025-12-03T13:20:40.568777Z","last_seen":"2026-06-19T03:29:38.734188Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/got.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.168Z","timestamp":1781839749168,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/got.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 09:11:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905cead-4ec\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i4tHIowxRmFqbr1ekj%2BnpF3PWJhAD5K8McqDDljRqOc3tj15sr7RXaxLrF7UVHs71CDb3PRiaMAhr22oG4Lw%2BIwcBtLDTuYs9LCEQjJb0PLQuw3ufDlzR4ibY%2B8vzngfaETbCekgcw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a04f9d0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1260,"size_decoded":2086,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"8572789a74bf9ce788e56ae40e31721c","sha1":"7d15e70b2e1b98a5201abe398d4efb6288078f26","sha256":"686ab47cb40b02ff65f077d7f175ac00d53448159ea70a04c4addfd3dd4d8cc0","sha512":"e3d173b295dfbaa958cc492395e247186a1e4e94d691db0445fecd37e2a7aba129388b26adb97f2ebf575ca1cf27d0ea8afd8c4f89da263591856bf5d4a42921","ssdeep":"","tlshash":"a721ea6236d4576408977fe2f7df21bde3b3192046d0e0507dcfddc54504844b85ac08","first_seen":"2025-12-03T13:20:40.530982Z","last_seen":"2026-06-19T03:29:38.737041Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/icnt.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.202Z","timestamp":1781839749202,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/icnt.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sat, 01 Nov 2025 09:58:39 GMT\r\netag: \"6905d9cf-329\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CKdcuhdPAOYoJZKf%2BDt%2BfO6LFEOzlgywYqXRCUmcr0ozTuwgnJRM08rUftbu0s4YXuzRQhm2QeU37tI0uhTL1mfkBzdjHTVtT9ihTiRTR91QyTCjmaY10VprEpPNio6I1ZjCYIxSEg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 809\r\ncf-ray: a0df72a08fab0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":809,"size_decoded":1599,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"7a105b8ab32d46c2751ea42b8c0bce97","sha1":"5e811a46e7511aedafcee6c01ef1895cc181a5ee","sha256":"8036e4dd24d7ae106efbbf3050846d26cc3bd22aeb0408c12fcfcf4dba8e1d29","sha512":"cd9b5e4353818314415d9a996a5fd2457007091063b104cc462cfae021a1efc591d7c6dc96ba82dc577e3a4ab8393ec2b21b5139ae07f4a285a794e2a27675e0","ssdeep":"","tlshash":"d401c5a082d99a39c2e04152163c9ab2fb6001201f24a4ef0914c3886ac280f32f4b0e","first_seen":"2025-12-03T13:20:40.597452Z","last_seen":"2026-06-19T03:29:38.739568Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/reth.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.755Z","timestamp":1781839748755,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/reth.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa67-79b\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=msqRsW9glEd%2BIKFjM1Lte3A6SwzKhq6aEsUt0TIVRnFk8OOLQU6rmai5wT2uakGEr1iN%2BQa%2BKO4mzJ7rUQbwkI7kUMbO%2F64ChH0za9B8Y6TTP4UZqAsYAEoKN8I%2BpN857Zpe%2FOAxTA%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729dbed90883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1947,"size_decoded":2774,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"318e3e290015f1ed649c0e8a493da626","sha1":"b04d1a8f54928978ae4092ab1de3127a70608c2c","sha256":"0e4389c2a77fe1a7b6ddb0eb6ff5e4ca73e674e1bdf53cca65a891f2019ec0c4","sha512":"02be2d8c24344748cda9cb418cc39e6fc8ecde5d7f2802c1f22c3fe2336e22ce8b4fe8323cd9abaa8e818527e196b67165374357bd3c606ff44398f5c58e1415","ssdeep":"","tlshash":"d841e86605de9e1a850379209978dc4966b3c091e50dcbebc342b26c6c0803af7d87ba","first_seen":"2025-12-03T13:20:40.449507Z","last_seen":"2026-06-19T03:29:38.74414Z","times_seen":19,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/spx.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.908Z","timestamp":1781839748908,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/spx.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 07:18:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"690462e2-724\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vdqR2HvWJnBjheQAnO5V5ebv52GmJGHm2YQzP5oEvgM2z1W%2Bjp%2FGO9rMXoyAm38Ifc6g8uxYXcHFseKtdFFZrpwnkifGnPLQA3UYfgbWLA1JqF6ha8lZVgpZvEs2I2nT3hDUPWL2WA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729eaf2f0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1828,"size_decoded":2647,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"f2daf1d2d79ffc27295ff025101432f6","sha1":"0861d3c3edec48f99d8b866a86b5c1a0fa53deb4","sha256":"e39b71a688afffede0ac0e9d680196c02261788649e13af4fc6260739a7454d6","sha512":"8a7717fd3bc67a98399d5a90459242524f16f6892945a99dffd05848933e397b578c11e7cab08898271ea055251b7c866f437ceb39e89381b412268007022c15","ssdeep":"","tlshash":"e53109860d84dfa2a162377804f15d82e4b1c1287e94497b34cf755d049d1b3d2fa96c","first_seen":"2025-12-03T13:20:40.648053Z","last_seen":"2026-06-19T03:29:38.746572Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/cake.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.114Z","timestamp":1781839749114,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/cake.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uW73QNS9AnA6QhYmHZ1BukAEb6CEjj81WiTbEvhnatHkSfUt8C7h0jjPzzdJ7QKX6MwnYMMUoyOPYH9q2yQ56szbDPC0C18fUfRtbXTztjdBLukHSoZDdVs7CoFPOKxk%2B5XcFCq9tg%3D%3D\"}]}\r\nlast-modified: Sat, 01 Nov 2025 06:55:06 GMT\r\netag: \"6905aeca-2c2\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 706\r\ncf-ray: a0df729fff7f0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":706,"size_decoded":1494,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"224dcaa5cf8b37e234d5f00290eeafcf","sha1":"f40e48aaf5f426ad41ad2e2c54eb8f23666f972b","sha256":"d3e30fc5d7ca130e10589a7cdc22a8524664117eccb8bd88040356d99b0866ae","sha512":"c140386fc6ffb4a80d9d8c45a582db023a2205b23ea0381e8abdd8efbf0eefa67b652dd006c6ca9ceeb4c432f7cc0c3eb90484c689ea9964bdc5b69a875b8193","ssdeep":"","tlshash":"8c0144a3d723e03b922d1837f50414972984d2d65c06d87236436d35e56238487c5e77","first_seen":"2025-12-03T13:20:40.533579Z","last_seen":"2026-06-19T03:29:38.748913Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/bars.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.428Z","timestamp":1781839749428,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/bars.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Tue, 04 Nov 2025 07:29:39 GMT\r\netag: \"6909ab63-2d0\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XMKbXBWetYdgvoVsKk4SMnD7kvrZCuvCUbZpQZ15%2FLu04VVwh%2BkJLtQY34rFghFBSAdTuQs3p8D9mdgvgdYJA6FPCajnscOnufJ%2BZ5aksA9uO%2BrbbwyT2TG7cCvPhRcMmvSuEl%2Fsog%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 720\r\ncf-ray: a0df72a1effb0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":720,"size_decoded":1516,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"6ea7463bafa2bfe0346aaa77d26fbe1d","sha1":"5fc03fcf9890067634a40e1ebc40a4198bf53b8e","sha256":"3c8d211b8a732d8eec67aa0239d14feda8dfbfe1f83f5de7d78d56f2f851095e","sha512":"71597d09ebaeeab972aec95fc756c625c5034fc6248b6914aec33dbc4528ada78680eecf0714c374b8e41adee9b6ba088dadadecd9ec0b55d6455db12654badc","ssdeep":"","tlshash":"ce0160e346aa9cb8011b20224b9ac5cd12b34e21038952f480b8c8aaca5cd51b6a9b4a","first_seen":"2025-12-03T13:20:40.593093Z","last_seen":"2026-06-19T03:29:38.751634Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/hyper.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.451Z","timestamp":1781839749451,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/hyper.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Tue, 04 Nov 2025 08:49:43 GMT\r\netag: \"6909be27-39f\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SVF3BOzZAbvTqeAygUSbzeDTkItOadXibGGbVeGlKkmKPb3iI7e%2BG6idMQ4SbmNrFdR27PYHFPRvKs6nLIgJl6Zk8dzhINHyUo6tQueeIQMFIl8Sg2el9DHhjO%2FeQCNy8tF8Jj3nrw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 927\r\ncf-ray: a0df72a218080883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":927,"size_decoded":1717,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"7db8117a0d80f04d545bf5aac6e4e39a","sha1":"4f5bb27b8f9d01322b7d3542266f0c3bf73dd83e","sha256":"ff45fa6c4185cd9e91e091a6eb8c621f9e4dd1b6def1fb7765f6893a1af760fa","sha512":"19609584e9b238f7128e96503a0f8f4b022a589b37a743f9074e62b755609bc7dc0b5fa2432b75f58ea64552b3b232a80a86365e921b14c75fc9664a182cd98c","ssdeep":"","tlshash":"5311f7ba620aaee43d6b3d56cd00fa60856ba00c3391682998068e7387a0b41264560f","first_seen":"2025-12-03T13:20:40.641817Z","last_seen":"2026-06-19T03:29:38.754993Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/hemi.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.507Z","timestamp":1781839749507,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/hemi.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a2c-52a\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Vi9yHzsFYvF8Dnf0bVuSZRXBPNjilkq4iWDi8ndVEMVLwMaAw81QM3PkaAyK2ym4m%2F5RI9T%2B6EnX8CekuRHxZvqlcbnmS%2B%2FXYg7H9Cwce1X6QDfUvdK%2Fw0XfSeS3292dKuCZzZ5G7w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a268270883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1322,"size_decoded":2152,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"ff108be2fef520148175b9ff1ab41888","sha1":"a1a79122150c80b74bc22c1f8f2bb27ecee0b7b0","sha256":"254079acfeb0c145bd1cce455a245218e0a5610f46cc89f4f1900d5d1d49a222","sha512":"f6612bf7fdfb9f97cb30ddc9463bcb19428227e7dff1ecc4904e11a9de325f2621cceefb472cb4bdb268a16dcafe96869602c02d5e21c37514d7112ca6f27145","ssdeep":"","tlshash":"1b21f8115772ec61b807b27984ad4702c41903635c676322068fc7378be78a575f8f37","first_seen":"2025-12-31T11:42:51.672941Z","last_seen":"2026-06-19T03:29:38.758325Z","times_seen":18,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/holo.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.511Z","timestamp":1781839749511,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/holo.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:11 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a2b-943\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=65S6X0Gar0wvmhg%2Fwh30R%2BXwYtKRbp6eqBNBjkKRLao2Q9Sb2cmsYT2jwzntUBrXaff1JSJisNWNXQZZYD6nOVUl9%2Bdk4OE4YbdCe65T6fINh9joqv0iliODp9jd%2F0TTOshWyocnBA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a2782a0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2371,"size_decoded":3199,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"a1b0bb55fe3597d8fd8fb9d7069b4c0b","sha1":"2abf00d9e42facbf2890c547b013e07daba27a86","sha256":"3c9a80731efbc25c1cc13f0464048a4cbff92f9ea44ee2837b68fd37b8b33fcb","sha512":"6581a24443f5112cecec630a84f9262cf26aa3840e9e203122c449ea506857411562f0d09fcbe06fe4d462fc79345ca94dec784e3b4ed880a91c6778a0393973","ssdeep":"","tlshash":"6e415de3794c749bb44600d8d92bfd91068c87b803a94bd8c960777b1834948c853f33","first_seen":"2025-12-31T11:42:51.549401Z","last_seen":"2026-06-19T03:29:38.760683Z","times_seen":18,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/the.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.536Z","timestamp":1781839749536,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/the.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a26-4e6\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HXEZywwu8QuLI74q4kW09J%2BqZOZJMEhp2f0AjMDmCCpRBhEupQpH85D71I3f2L%2BgI8wLkqVuz4J6wS3x0hHwFbWIL1UDsC1B6IRsWbERHE6ukqp3BiV5jqp%2BBgZ7O2H6J9WhPrJi5w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a298370883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1254,"size_decoded":2080,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit colormap, non-interlaced","md5":"59c068d49563113e1d752e3f053c3b2c","sha1":"09b45f4775a090c8af35df0121e2378716306883","sha256":"b671c0828a20c08ba07410c31f732b32b6dde3a9cdb77b3e8344a12b5dea8da2","sha512":"6d5ecb3c453b5c6bfe292da4b8d8e6f41dd93955df8da72e08042637d23ca5b3ff40de522fa899e360d7f356cf4db91fd9a2f0cdd64927164d34f9fd31b4f8ed","ssdeep":"","tlshash":"8421e7cf5768fa65c01d22350a2781e8ab2fac163227882ddb2137195378f934689683","first_seen":"2025-12-31T11:42:51.778489Z","last_seen":"2026-06-19T03:29:38.763468Z","times_seen":18,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/neiro.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.880Z","timestamp":1781839748880,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/neiro.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 07:12:37 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69046165-588\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k2NEUb8YHZc69H2VV7QANgegGrwuA6GcJtjs2tKvN5ef5uZpjNgx5zfHhJJGo61iUrn%2B4XUrf3XyQT1Rq9X08D%2FZAz07dMC9euaHt%2FDDiSkZ3Bpg2Zppt9keCtDONwXc4o2mLnd5LA%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729e8f1d0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1416,"size_decoded":2242,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"16260bf177ec9ce1e8a0bfb8b1a4f1ee","sha1":"71b92ee2743774c35140894583dd464296624765","sha256":"15f81dcaf5a61275256b56db254dd5207db07e1555c791506b287fecb55bd8cd","sha512":"23bd3a30164366c77fd6e63abab73064ec5836fbc95e746f6ea5090985aa7e32260e6ad6e8f21f1fae00cc7e8a9ddbb292840436cc105d46c1206277f236ea57","ssdeep":"","tlshash":"cc212eee120af4955a4af7309265dddd918227a70dcf7fb74a9651e758f710310c1322","first_seen":"2025-12-03T13:20:40.531677Z","last_seen":"2026-06-19T03:29:38.770283Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/ladys.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.043Z","timestamp":1781839749043,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/ladys.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 08:10:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69046ee2-5ae\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PlBOvzlkQ7h7MQQyMRb1SBLIphOzQF0Ttc%2B3ESb2iqPwOU%2Bn0h0p2VzCW%2FogWHJt6df69S%2BgvBiXKhXbW0ixj5M3aC8DmdR0Y4KrYNWi4rnP1ETpfLb60WN9FdNuoOykPbM4nvelmA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729f8f5d0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1454,"size_decoded":2282,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"751d8e18c9690a70d942a39a2845f2ba","sha1":"b84e72932a5e272bb540403271a8e29eab5a97dd","sha256":"178c7fed878b9989d090ec2250ce1162662930211e178e2bb735667c83e53816","sha512":"c7f86a84d3e0aa44a2b0239e0125b9eb4558d08c4099855ab9a6ad371b5c8d480bddd7f4305ecdebdd4e91fd7d0c08cded2aaad86c6ab395cd45b3e59a98714e","ssdeep":"","tlshash":"1c31e991ced5f48c5e477b9c6221c1081c3a5420fc684716532451abf97ef14f549ea8","first_seen":"2025-12-03T13:20:40.616916Z","last_seen":"2026-06-19T03:29:38.772514Z","times_seen":18,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/uma.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.304Z","timestamp":1781839749304,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/uma.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VKRHmlxK7IHoNMA%2F3ZyThQ9nEHEPGp6Wfh9hIgXr%2ByLFnsHBgk1HxKrZMRJRakDyiWh1CvIHAeBITRYCuhUacdyL7evOCs5YORmadNMapCV4czBvRAlmWzIJQM3NdxUcUSEZpA1r%2FA%3D%3D\"}]}\r\nlast-modified: Sun, 02 Nov 2025 06:59:37 GMT\r\netag: \"69070159-ed\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 237\r\ncf-ray: a0df72a12fd10883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":237,"size_decoded":1028,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"952857d8b5f3648c5bb13a0d99faf36d","sha1":"fb227b4b62b508604951cc758851bf4c5e3c6b83","sha256":"b94a2827df9237fb0cfe4de839a2f7fe7e1429a3d0e90b06c40a7ba9fb4853ec","sha512":"7585408b0fa73920184f9144b63033433113911a990feda816d23b6780ec4ef088b0c32ec1028e1c2299bacf86c3b74fb74f4a1e1293a050b51797a4086a2862","ssdeep":"","tlshash":"c8d097e75313dea282835a33ba820030b8a892341093489e724be13e0e102048889348","first_seen":"2025-09-03T18:07:33.974678Z","last_seen":"2026-06-19T03:29:38.775557Z","times_seen":21,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/plume.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.547Z","timestamp":1781839749547,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/plume.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a25-8d4\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=axO3NjeIRKZId85ciGddF06NGZjdDz%2FHacnSr3SZqoILCUyWHRFQhvkAE7NU3DgNuxgFMGLGKDbs6XCgQSmHpeeT%2BubbF8H1UkO14j%2FjI%2BcAiTpNdMdtlx2fr4L7NeoSBFmohUXjOw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a2a83c0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2260,"size_decoded":3088,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit colormap, non-interlaced","md5":"3fcbbbb07e5f7d9c62be7e334df55387","sha1":"d5fca3fedc217631d13747f27c1efef13c091449","sha256":"e51e71b4c5bc1f522357f8daba213c8484000f36fe98b8a8c25bd9ec454cc3d6","sha512":"6d28eecba81fd5337f565b320153ed9ab3e65adcacfb79c9b6ef160fdaeec52e9c26230d06227f1a77a07e38839afc62d60abee930e288359c9ac22e158cc2d0","ssdeep":"","tlshash":"f2414c4aba99e473d20dc44576c6c089d31fa63c4158da4f5d28ff0de91254aede3783","first_seen":"2025-12-31T11:42:52.103734Z","last_seen":"2026-06-19T03:29:38.77823Z","times_seen":18,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/wld.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.788Z","timestamp":1781839748788,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/wld.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Thu, 30 Oct 2025 06:07:39 GMT\r\netag: \"690300ab-2a5\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8Lj%2B9DCIUE8M%2BimV3ofyP3fKYFxkNv53A8gL0dbCoumT3dD4PZM77gclzO4IARGSlzg8%2FBPhATuJ%2B34Hh%2FbvQppBLuwaMHBCgpbTVvJPPv3VSkL2Hstz0eX7lhZ0MofWH%2F3JHIjQlQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 677\r\ncf-ray: a0df729dfeea0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":677,"size_decoded":1475,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit colormap, non-interlaced","md5":"f9e3ee4be7f4af044b6e5351f76f4377","sha1":"81be4068e5c4bfce914ffefc4edaa3902fdad715","sha256":"129122e91dbf630c29cfbd4241dec08724560e257eee1ff87c28bed710cc41fd","sha512":"fb8235fa63468db43c0212e8863869ebdecfb16ab260bfb254e37f5b5aeaf52c5f4aa298f42031c9ae40f2f6358badb8dc2b3edfdb2bd4727fbad81a2397fbd9","ssdeep":"","tlshash":"91017ef40a4bd8aee639ac3e8102c494bee492a848c7904ce12c8a4c5d7b11930e2f83","first_seen":"2025-12-03T13:20:40.527394Z","last_seen":"2026-06-19T03:29:38.780768Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/npc.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.882Z","timestamp":1781839748882,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/npc.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 07:12:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69046166-790\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yI9uGqxeaWoPo42HYfgvlavPwovnOMZOY5Zqtwr3xKQWX4nvIolkHGjplkyVuZKU34KycxqqBNxwnaQm1eAcrycx9KDsqh5Dg1Tqx2%2BUIVzXXp0%2FdAeWdl7V1rWO2mjrElcKy%2BXmYw%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729e8f1e0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1936,"size_decoded":2757,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"2b9d26c639577f3d665e4eaab46b8477","sha1":"3243b8ebdfa163123e2ca70415edb7332e9ac8a4","sha256":"59d3e71457c011a7b42f291342b42008fc978d46bbadea45fdcac06504d0e52f","sha512":"79ea86ae5ec04decceb33e9741e4d269d4dc420f17c8d5eb37792ea2f457c786596ac836c60a3edd0a86fed08b9feb45b99ad21cd7fdab6759ae7b8b9f918f38","ssdeep":"","tlshash":"f7413902d45c86ff583ae13b00976b761c206ebe685463c0a78ad2647ac5e1caecc7c1","first_seen":"2025-12-03T13:20:40.46751Z","last_seen":"2026-06-19T03:29:38.783508Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/vertai.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.100Z","timestamp":1781839749100,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/vertai.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RVnCveQrkEMlxmSM2LVX6HTeeDX1ytI31D2uQ3YZNtnXGs8%2BgF0goQXq1K84hUso%2B%2FrCtAgjrDLSS1VpT600Tut7%2FTI3G6bpd3kv%2BRiV2anYWoGZhdIonPye%2Fu0G3OibVoxYUarbxQ%3D%3D\"}]}\r\nlast-modified: Sat, 01 Nov 2025 06:55:05 GMT\r\netag: \"6905aec9-eb\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 235\r\ncf-ray: a0df729fef7b0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":235,"size_decoded":1032,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 2-bit colormap, non-interlaced","md5":"eb683c7a2adeb4c3271d9ec3b213f3d9","sha1":"aa4c219d62f4aba63be4482be9b4ad14ac7e4ed6","sha256":"814b871723f88a2b0c27769a073a847ca71b4fe2637371a20f52c7ee10469cea","sha512":"c499b1f4b5b732cb6b661b03b8644b367f9aec053de5f1bc65430905fe1d7d8c169fba2015d306dce3b5bd253c1de21fb33589bc351e190ae498b1103f761034","ssdeep":"","tlshash":"bfd0a7d996779dabdbf58723132e81579aa68409a110c58f682560e5282c19c8840a60","first_seen":"2025-12-03T13:20:40.523383Z","last_seen":"2026-06-19T03:29:38.786271Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/tag.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.152Z","timestamp":1781839749152,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/tag.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CNbh6ULY4EwltSYjYsUXpvm9YUlNaZgdNytjT9Kpdt9VqRnGw8VCDN6qsr3RcBMPIXcYJ6DdYwjUhi2l62wVrUFjIFgAHzbSJUSuknXZmDrxx4TQW8MqiyfKCe3cBCdLl3WmESX3NA%3D%3D\"}]}\r\nlast-modified: Sat, 01 Nov 2025 09:11:04 GMT\r\netag: \"6905cea8-349\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 841\r\ncf-ray: a0df72a03f950883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":841,"size_decoded":1627,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"96c226c1fa55d7e237a9e01a50f54723","sha1":"59250c833c2255a59289f72ea80c82d2c474b3f1","sha256":"218ed2b9ad1b459968ea98b2666a60e9d53fb9e89bc6fcc8d4e408ccb5fd8c18","sha512":"0efd1ee3ab07a2c57190d085972a487d7e4855f7437f912a02e8694b176d6d126cd2a331d110e4e5da97642183ddabe1e4723d18698900c1a9f9216e9b2832cf","ssdeep":"","tlshash":"850186a7651d28fba5e65815686f1e300ea1142ff3b06d008e6e5111a868b58df77d18","first_seen":"2025-12-03T13:20:40.671453Z","last_seen":"2026-06-19T03:29:38.788929Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/avl.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.452Z","timestamp":1781839749452,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/avl.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Eva8qQ1qpLkzFv9Il07dMI4bhXAs2sc98pvblQrLv%2BstzbYQ65pcOpLWKSQBCr6J0gqRoP2ynXsZL9iusNr4ZcofOa9gWggCd8Q7gf770y2yEWJM2bF5pKREc6%2BBwRrEdvpX7WW7Hw%3D%3D\"}]}\r\nlast-modified: Tue, 04 Nov 2025 08:49:40 GMT\r\netag: \"6909be24-3b0\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 944\r\ncf-ray: a0df72a218090883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":944,"size_decoded":1734,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"6ce13d10d12dde8f5a523996aeb1ce70","sha1":"6bcfd4e80713106ca14a73330df847042d0fb646","sha256":"76158e53691ebf59470445d8d6c484b682cb32d16ac8954efcc8a6ea03ce5478","sha512":"b2b9ea0ce0e98f9e55af97fa1061fec3242ee2455ee18407a18f0e296d0a242a1bc4b6e50a9fcb63f474704e1a24e39624232d765c86d457de25ce4ce4924cf0","ssdeep":"","tlshash":"1511c8e33ad688a8c16442689f75dc0a690d87356a2b92cbd1dbc215725fc4c0d66652","first_seen":"2025-12-03T13:20:40.525228Z","last_seen":"2026-06-19T03:29:38.791386Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/cys.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.561Z","timestamp":1781839749561,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/cys.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Wed, 28 Jan 2026 07:12:05 GMT\r\netag: \"6979b6c5-3c1\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mw%2FRSQ7MdD9HZlKiBsgMpUErpgyS5bbohj9aLnTqBLx7V6looW0e%2FLdlzqn1jth1DuEHifcACOhOegMgbHIFA4tX16PaWTId4B3BcP756b65ctPh8cl0%2FuaqtFQaeHROwOJ2%2B15N4w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 961\r\ncf-ray: a0df72a2c8450883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":961,"size_decoded":1755,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"d48bee91b665523509a134f5ea890f27","sha1":"37c52ca671ec0ca2efdf89750bd82ed32f7a69a1","sha256":"cbd7550ba44d30d5341a5f13c607bc81f23ad60cc88701392332b07034c3ec06","sha512":"1412c04866d4bc6ea5a633ec98ec796769d47b786ff3ae6cd47b482644479551419fd25ab544bee7473b91614612f1b81b50cb4cc6522c6dedd7a608af154c5f","ssdeep":"","tlshash":"1d110cc729c30c795bc81e473335f40051d329440d9c5a86188dc092b30b90d4bf679f","first_seen":"2026-02-18T12:44:31.246237Z","last_seen":"2026-06-19T03:29:38.798163Z","times_seen":11,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/mgc.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.612Z","timestamp":1781839749612,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/mgc.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 28 Jan 2026 07:12:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6979b6c9-d9b\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hyPnM9Ez6s5tZaz6LXiUPRRR0psIkrI9qDLUE%2BGu8EsMYtEt7V7X44cGr2Z448gABj5NxOoE2FBp8cSCndRSY1wwkwvnk8ppkYPY%2FbUOaqT8Y5Kkku2rXvWjG9T4q0oFNFuXjEohvA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a3185b0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3483,"size_decoded":4307,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"509c5c1c546f23249d0d87910232c053","sha1":"7b63ac2bdf014a7e5076737a0be63830893e986b","sha256":"153c767380bf0a2531f0fbcff76c5a2de56292cb09ff1656cfea2ac52c6666c3","sha512":"218b500aeae2c3f82c97b786a5d95b8ae90eddb8f74bab5fd5fb2d9941c602f83a9c9db90b7fbc878a19101aea8b23879739210b35e2538a88205e5b3ad63427","ssdeep":"","tlshash":"de716d90475fc4b8c0b45003e177427106f3f4bed5a697fbf21721ba62052a807ec94d","first_seen":"2026-02-18T12:44:30.77174Z","last_seen":"2026-06-19T03:29:38.801401Z","times_seen":11,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/perp.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.902Z","timestamp":1781839748902,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/perp.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 07:18:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"690462e0-41c\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4rM7q9v00A4WjzpPQtUeQ4ZWR800z2PV7bTsSICsiZWMOP9rkwSiM66%2B4OxS%2B0DLt1VlBAG2Y5dUOrCl%2F1RScXmKXfXV32pnMFBMqijP%2BVanjl1k4smk51SC05RKTlCfFBZHT1Gsmg%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729eaf2b0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1052,"size_decoded":1877,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"2cabb47eae7e09e6256960cc4b7887f5","sha1":"ad14acafc5414b1fd45dada71f4ed833522f1123","sha256":"7b2a60e6512156f47cf28aeaced8016eaeca5a181639723553e36e4b9a6c486c","sha512":"b985184f04927715cbddb5d8182b9dbaa0c81575997b364d246c9fb21b9e7584e9c8f47f32a24bca0411f252eee26973e21e0e1823743ab5b3f1016ccc5192a2","ssdeep":"","tlshash":"7511b5e506c1286ea4a80c2beb4a95fb3a751db50f64191c3c8a9058cb847037992b0a","first_seen":"2025-12-03T13:20:40.670084Z","last_seen":"2026-06-19T03:29:38.803777Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/kekius.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.035Z","timestamp":1781839749035,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/kekius.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 08:05:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69046dce-c4b\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PeKkojQ0awpKHhweuPLBkCgp7JyulFa%2FRjXMcu5Nwu3Tk11IIfteydt1yNZlM45yMlDtg%2BqmxxI0RNpQuqaSBJwq7ulww%2B68KaCq1MxXZCMFXl%2BxLLcHKufEh7BqewIDPj2IvseHyg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729f7f580883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3147,"size_decoded":3975,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"45e030da277c19f6f0ff93536e2ff67b","sha1":"e0cbcd4d6c9221888bc7428e583ad95166ba5e4a","sha256":"e7f39f9ef5626bba9155ebc002dd1fc35cee9122ed3e04d55e5838a9ac7b3e9c","sha512":"e7d985efa3a195a332a39e8c33eac10d788baac55735acd8ee38bad587aebd74414820566c7afc67721129929ebfb6ca735ca23b0afc64c5c7778fd99a4927f3","ssdeep":"","tlshash":"e8512b81d9d9ca0d8ae1ae97ab549263fa8b1d0cb20f0da0076c0ffa52d57d5958b821","first_seen":"2025-12-03T13:20:40.53245Z","last_seen":"2026-06-19T03:29:38.806072Z","times_seen":19,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/xmw.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.484Z","timestamp":1781839749484,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/xmw.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 04 Nov 2025 08:59:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6909c07b-57f\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2ApQs6FED4Dt02XbvmUgjg1QsjDsSLOmXQszTtEYgGM%2B1IkJTdPOCcNbfMZ8NyBYQ17XQFqrAPQBClQKgLizp%2FX8hCWAvL20pMpUKfWUTD2xP52z%2BO3N9ocADnwpL0aghsjXxsdU4g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a2481a0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1407,"size_decoded":2233,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"e0a9acbdd88e38aa73d7b2162d2c2bd1","sha1":"f9efb4b076dfa5c5943a07ceac3df0c5442cf2f7","sha256":"1b62338a04e4916e0c8a0626545d2c2c73164b4f8492ee1246ac9f0f90db4cd9","sha512":"9cf66534f0803b139a16493171cc15495e926d06d7393a9f9bb63d96da56c09cf3b6a9039f16c39b3e39da2054803928d8b816db43416bacb4f3cd0ad1e021ba","ssdeep":"","tlshash":"b5212b9ba500972191c42ff07e73e410e07046147b92b90f2c850a27ff3505591c3798","first_seen":"2025-12-03T13:20:40.686442Z","last_seen":"2026-06-19T03:29:38.808339Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/super.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.894Z","timestamp":1781839748894,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/super.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=elpgbaC2d%2FqjJ%2FClyO6JReXPUGpXMZKxchzIkyMYJEkCvoqZnXnejRkX9nfFwbYo6e2uw0iUBHKYGzsHQeZoxVqvOnglRv9ZV2XAtvdDOo6%2FiS%2FpLkaLQAuJ6KfOuEClDg39cgNJVg%3D%3D\"}]}\r\nlast-modified: Fri, 31 Oct 2025 07:12:38 GMT\r\netag: \"69046166-17f\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 383\r\ncf-ray: a0df729e9f260883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":383,"size_decoded":1177,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"65d76da9fb09f18249bd0ef8d9e580ea","sha1":"f307a65432558d2ef9b313dc1d71179b57e056c6","sha256":"752ce26266745563a913cae8660f5203c6e0854686d65accd07eb7d8256c5cb1","sha512":"31c1f0848f02d0b22824e257ccb6b354c3449755e3c76f8ed6f237028108d637742ccf3ac6985dc4522602c79ae4076d90a951bcc412d172be2802023ef42f1e","ssdeep":"","tlshash":"f2e0f1e5c27ba885d395a221502bdc38d1a400b7546209888d47d72b5c00a694984845","first_seen":"2025-12-03T13:20:40.445976Z","last_seen":"2026-06-19T03:29:38.810666Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/lmeow.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.914Z","timestamp":1781839748914,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/lmeow.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 07:19:00 GMT\r\nvary: Accept-Encoding\r\netag: W/\"690462e4-538\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KhTfxJwvHzsezFIEB%2FKMQT%2BODCVMa8MxtqFrUFovYoRHCXSqDSIKvHEhUnOCQLI%2FYFbsNVxBYjjvxQwve2XMSUJKVe%2FEgGKlf80jfsvIkQbOA0MvMxe7Z%2Bgd13SXPSfuugRgyHJ7yQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729ebf310883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1336,"size_decoded":2166,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"3ab6d48dfcbf2fb823f73f17b3d18ce3","sha1":"53b08b6defe23688d3f370e0e109bc8d1691c771","sha256":"be78d5b516ae54b4e7d2492799c8ebd68cf992e5c80be58d03fbdca59e07bf74","sha512":"a5af6276c4466f04c1df6b6147898f1e1d23a73704ac8b91cac663c94c35ec73edf89818e9ea706e1e9516ced74591aab1093e9d8f70af7e96ab525b94d38151","ssdeep":"","tlshash":"15210bfd8b8dd894b1fee4ba250dd9b102495acf11514c4221863106c55fe7c9906e97","first_seen":"2025-12-03T13:20:40.629116Z","last_seen":"2026-06-19T03:29:38.813256Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/rail.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.473Z","timestamp":1781839749473,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/rail.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 04 Nov 2025 08:49:37 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6909be21-6bd\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hysGOQ%2FtQBdhDdzilLgMuDgO9TclHVMVdGrxJdLyxbMP0DZrMc2YSK4Dar%2FDGWSWfA064SBsHsrrGWqAGcBbkoWLOgb2f1OMC3HtQ3Dz3ntuQHO%2FH50hrZUEICW18%2BEsAX8crha0MQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a238120883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1725,"size_decoded":2473,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 90x90, components 3","md5":"045413f1f94cc96fe783de446f39956d","sha1":"c76bb765700b39764a56a48ba690343e3384135c","sha256":"0c81dca27c287c5e7d870e16033c97d60e42f39e0f8b29bf4157c957d9857b0a","sha512":"bc16d18ceb441c680ac78db09f0ac1733e97caa4a3baf3dd592968c543ab852fd51f671f6ba29545d8b6ca0febc569a1373371cb89f14f1043ff7211e820e6e5","ssdeep":"","tlshash":"203108673321b20fe32506771d10c8346b3e99088818f75567198fbba542b8020c174a","first_seen":"2025-12-03T13:20:40.537682Z","last_seen":"2026-06-19T03:29:38.815463Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/bard.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.508Z","timestamp":1781839749508,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/bard.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Sat, 13 Dec 2025 08:56:12 GMT\r\netag: \"693d2a2c-3ea\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F1IeT1lVXI8LEzGwNjxItzoKFeg7LewRz%2FQe3K36TEa55VZUpptUhRSbJ7Ly0F%2FjpU3sV1az7EE%2Bs5jE5WXIwdnPtmruafUt3HwEVwJjmoQUDSBxYWSmwczIsnbNX6pS9y8ng2K2kQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 1002\r\ncf-ray: a0df72a268280883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1002,"size_decoded":1797,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit colormap, non-interlaced","md5":"f0b4c5950d8e7a837462d994cf3f0abe","sha1":"931b10b5df3b83573420e68af603d3bcf7f0c3eb","sha256":"3ec226630c4df3fdb212b549e7193fd7ef087196c8ebd2ef5d4845d03aa4ae86","sha512":"310879b803e8cfa967488089bc09a5fcaa0d766ae55ade7dd1d518492e17e09ba4124980eef73889381bd0ddb4111426a22b8c82a02601d3e1384bf239f83fa3","ssdeep":"","tlshash":"c211a874221b90accbbb80ec15fe812dc52e88a56a440bb754945e7440580e76509f47","first_seen":"2025-12-31T11:42:51.776176Z","last_seen":"2026-06-19T03:29:38.818134Z","times_seen":18,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/hana.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.596Z","timestamp":1781839749596,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/hana.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 28 Jan 2026 07:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6979b6c8-558\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qyKw5Rkecr%2BGFdV3jt10Yk14D%2BwJ08L2eLoBZoKkm%2Fqp%2FAHwZWBQu%2B%2BmsWzSTROwg1z2%2Bn2agAgSskAl8bwXNVa1D%2Buh8XlJLGKk6LIUHWpHk4jQrz%2B%2Ftn0mEOWQZKy63g2Rr73BVw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a2f8530883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1368,"size_decoded":2163,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x90, components 3","md5":"1922da1f051fed9313da1d40d4ef3d9e","sha1":"e1cf5349c2ccd0c0e485cf0a91dcba4d9b2426a5","sha256":"fd1877d4ccb5eefba39c03c6d526ecbc3500eb7372645ced38ba6cc52119d3ff","sha512":"c5ce56e5c3933b6f8692177996f4a354ec7bf5270f3c88e92d0f6d7b0c51308c0032d1fae9423879fa2f2dd5b97f97876388497fe84eaee1fc5c6c6480802101","ssdeep":"","tlshash":"df21c8208eb2ecb9ff1665311f2513a513022b08ff2ceb33369016882d15c708e19120","first_seen":"2026-02-18T12:44:30.961566Z","last_seen":"2026-06-19T03:29:38.828535Z","times_seen":11,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/vano.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.857Z","timestamp":1781839748857,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/vano.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:57 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69032025-88d\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8qOU51GzSZMR181r2m3gY4RN96p7IinJPqGTJDg8aLnzvGdquwzjXUkz1vWV8EUf8soE8cDLWAKhqYGCXFsMaWerjgKN6R%2FghUHRAZeeZMEhi3O7rysHLnBuwHQodXEY6nfwK%2B00KA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e5f100883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2189,"size_decoded":3013,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"332046d349b0b48c02da8b51aa3cb6de","sha1":"4b893e6d99ae49920521b551c85d093a66a3d440","sha256":"838db242ba35c9f354f5c39877957ad6a9f0cbb6dd506f5c40304458587f84d0","sha512":"82bd3b534edba6b5a71fa310b90dcf1542f8307da8c162e344023a8d0bc7aced38cc62c9a884d5bd06983af7227012d614f1b0eb726fbe90274130d9cf039869","ssdeep":"","tlshash":"a2412b63b26f4bb18c986c103d00b955f9998654b97c6e7f7cd8ce653a11802e24f543","first_seen":"2025-12-03T13:20:40.525907Z","last_seen":"2026-06-19T03:29:38.838543Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/stg.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.919Z","timestamp":1781839748919,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/stg.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Fri, 31 Oct 2025 07:24:01 GMT\r\netag: \"69046411-15d\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=R82urJNs8sVJRmg1p8TcH0G2GAuSeA%2BeRnRMLQ0rIwYH38TuWGsIiJyyXqlVYYObDcj405FtCCOcyzHq7amn1AwmW90IRJhb8IM7rdBYkxkvGilYLhiKnr6UHmA0LpeOcO54ueIOBg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 349\r\ncf-ray: a0df729ebf340883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":349,"size_decoded":1137,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"132b7a276bb8abe0e2d7f70fa86077cd","sha1":"cb6f9752c39f0cfa453a76a59fe06b77adcaa132","sha256":"2b4660b576af83df5fa9418444b9a60396461584623606407438199dfc35305d","sha512":"a0611399240f363c8c69bff0628ff5d11cfffd4de3f8a468cedde6f86ec6a2eee546d37ca1b372120eaa1747c657e55584f3faa2c91248929c0da279a601fe57","ssdeep":"","tlshash":"14e0c047d330973ac62f12224c5860267d6f6059023f35c3f27f12748d19d4288cf503","first_seen":"2025-12-03T13:20:40.594641Z","last_seen":"2026-06-19T03:29:38.841404Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/cheems.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.973Z","timestamp":1781839748973,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/cheems.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 08:05:33 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69046dcd-5af\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nFQkNkeGvqBcDRnBeaJ1bDYn4stEmvIaBjcnxNJ0E4zMpOn0Za6zPUhFhkRF%2BtMqhs7tsMVnO2FzGo6TlUtp%2BCY4Dq2fGpBQvsiXMTRGG8VYlDjhV5SwxoNN2aTGymPJ0JOuJZa53w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729f1f490883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1455,"size_decoded":2279,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"7ccf13f731c986634eb4a1a0090910e3","sha1":"ebfabde8cd5c2a4ba1f70681b9ca9fadae3bf01d","sha256":"d3b7bd65a314f38e6ba8db103e49752f8973a9abf9ae54ed75191b67aa2c38b1","sha512":"8885079da6df5e094b9e98a1494d9dae9b2aa8f779a7b72e45fe3503304c744275a7a55ce8778bc177107d07c25c2d4b1b273e62d53bcacaa3959244aab828a6","ssdeep":"","tlshash":"0b311c0d0e903c8d6e0e2b7507db2971306477530e7128739f07231150495b1f80d89f","first_seen":"2025-12-03T13:20:40.634545Z","last_seen":"2026-06-19T03:29:38.844084Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/wise.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.027Z","timestamp":1781839749027,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/wise.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 08:05:37 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69046dd1-5fb\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aZtpsYm1UOVpDT%2FzHNhAPfcqoi0LteZaT1sKUOb8S8roeFMraG%2F%2BUwrVpdg34OBRkrmBnSaWRqesPIInpd6VKmHq46m7zQS2NOHGpxCkt7BseMMOseqMn3n1SnyMsWLYpNyaHZgm%2FQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729f6f550883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1531,"size_decoded":2359,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"573a01d020b1818520a65b34fa3048c9","sha1":"3e381faab3e23a158133eaba01d2fc20d63dfb82","sha256":"c9d82655cc7612f2ae2ebbf736facf783bcbe05caabde2ab4abffb99feb0fa53","sha512":"6a00abff46fde11a99c5ed64494e46b918d2dd49a176cd806db3c0595e74d681603782047f61993e32a5df509655238f2fd6e8f066c5a946d40fa98f508ef647","ssdeep":"","tlshash":"b731b53e76039da9455c5ae2f10aa893a0ded09308ea428ef43ab06f4e1a95c452e50a","first_seen":"2025-12-03T13:20:40.572918Z","last_seen":"2026-06-19T03:29:38.847583Z","times_seen":18,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/red.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.055Z","timestamp":1781839749055,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/red.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Fri, 31 Oct 2025 08:10:12 GMT\r\netag: \"69046ee4-209\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tiw%2B3npz2MBhjFeh%2FnjwYPga4wiNcbeXcYhoBOAzQ97uVRotekKiNOubZIsQG%2B68Wc8d7nR2YL89pvo4fY66PpjJ1IJ8tRRDv0TlA9PvjjFbWR9GtwoyRGUDKb5KLBrMSy4nimqSRA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 521\r\ncf-ray: a0df729f9f630883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":521,"size_decoded":1313,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"5b55a316f758315a5f1032cdf67386b4","sha1":"30c41403d1858c221e66070fb371e8f15517b4e8","sha256":"49c544679216a948d3f883ace66c2ca5b4bc286e988d697649c2858344d01f82","sha512":"6cd80568661637476eeaa2ad596756b07565674864f02c05e7bd0823711a9f4f637424ed9b77dec2f055918ffe3f030bd79c61498ede41dbb91ab102416c7991","ssdeep":"","tlshash":"eff0201373251c2c845c34218360b1ccba5324a3798806050511d73f067a956d88193e","first_seen":"2025-12-03T13:20:40.694177Z","last_seen":"2026-06-19T03:29:38.850456Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/ens.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.890Z","timestamp":1781839748890,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/ens.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Fri, 31 Oct 2025 07:12:41 GMT\r\netag: \"69046169-1d4\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CHnWWg%2BjnMND1BeVSavoauuswbUqa8rNagRYV9SBGsgysDhgjD5d95YXMWpRdeSDJ79xM6lkzSDb7Ih6ud%2FetPI1S3aTWl%2F3VVOsWrpd7wG3N9SWkYogGEbstfg1dwGXDAPNCXmEtA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 468\r\ncf-ray: a0df729e9f230883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":468,"size_decoded":1260,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"935d73f7d4f16bc43d28bfd75f129d70","sha1":"c2fa157268238fc3627746c976e06685f907e3e9","sha256":"3fcade132e718cb70e700959d1ae51e7efd352531d98d1f80e1dc21c72a91b8a","sha512":"271aba0255e20df38958652665740c743cc102938186f6f9b227605a2074e8cea1a53a823280bd7c3ed5d254f4de33d723d94d75c821f32cf2f3f9de4260f6f4","ssdeep":"","tlshash":"f8f054cd09ec2a6ca38dc1501c9010069eef4b90048148c2e5895e9c2d41c4fd959290","first_seen":"2025-12-03T13:20:40.61604Z","last_seen":"2026-06-19T03:29:38.855075Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/babydoge.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.978Z","timestamp":1781839748978,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/babydoge.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 08:05:33 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69046dcd-571\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ujv6oMMbVfBoAhco96ss9kg%2FXNLYDeChoT3ohiYPsusMGVxOPmpovOYmcaoobZCAdbldR0EcrMvBg62lDECE5RYKsgShFQqPp9NbzYAKWsg6NZUPsNfeJ4c5BdotmnVXfIdwhxms%2Fw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729f1f4a0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1393,"size_decoded":2217,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"33453d7b4f5984fc9d964bbb968e9882","sha1":"e38f072c5b9c5195404bc334ebc15e6b54c9e7d2","sha256":"4600626030a37b05a6130347265cd4e3e83f108c69e7ff467142c848743b798c","sha512":"0cb0d91886cad04c01f2621ecaeb886de874345f06f7d79b1d364162e59c820b9e4314052cd82838d698bf6bfa02c9c8cdcb1a29ae66aa4b2f25fbaf53d81e1b","ssdeep":"","tlshash":"1b21089022962af92ef4e12220f5e48beccc21a6524f166148b9d736c6b180208f0cab","first_seen":"2025-12-03T13:20:40.546289Z","last_seen":"2026-06-19T03:29:38.858395Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/rsr.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.017Z","timestamp":1781839749017,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/rsr.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5jyPPNFa1mj6otOv93qxURrJnNmopvQ9OIDlRFbtk%2BHrnudlXIp9XDi1hOBdn2V3YvUFqvl6tP1HTe1BS%2BnWnFFHPoZc%2FAR2SCcWa5aKhW9TfjHGCunCGqWyK2%2FXWBLLj3ozd0A8Ug%3D%3D\"}]}\r\nlast-modified: Fri, 31 Oct 2025 08:05:36 GMT\r\netag: \"69046dd0-17d\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 381\r\ncf-ray: a0df729f5f530883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":381,"size_decoded":1175,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"678e4934c0ebaccb5e398a5c412faf46","sha1":"a706763d4ee623b1b295a4189e391c4e300f4748","sha256":"3e92a0dc019adcf3d91d99487f39fac17762d16a4afc7e03fd9534d740cd9d81","sha512":"6e2574f056bcba3605d533f71691cda736e3a1dea3b488d3f9f964fd6ed51c46bc43e14c5aec795da513457a41f4135006ae0440c2629e77974074f3c330416e","ssdeep":"","tlshash":"00e0f8eb378008a4ee4b27e38a2d812a9ed1046855240e87428ac42fa8244e188020ba","first_seen":"2025-12-03T13:20:40.688025Z","last_seen":"2026-06-19T03:29:38.861231Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/sign.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.118Z","timestamp":1781839749118,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/sign.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 06:55:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905aec8-612\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XYxOOgehUng4gFjJLdCsmQ2RYMO%2FYjLXULwZfjAGejspHmY0NItrASDuYB0DRSW44ckG%2FIFI%2FWlIkKY4ghgJoiQqdumLjx69LtQ4bQ%2FuyI3ldmExmpL0EDRh6t9GLDXreEu9WsHK2w%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729fff830883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1554,"size_decoded":2382,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"4588180921e5f55659ff28d2adf19387","sha1":"4a879924b24e0b55dc79b80e1372902a18137ae9","sha256":"ef175dbbca8005a3efd9dd24b0cc6c435d34428156afbae3f9e80802492c9d4f","sha512":"3dc02a6cef3cbce9589294c35ea88d2f8f261c3435b1ab5eb8dcae16f466ed582665d484aba67b36fa216751c3ca2daa6537d04ca47703a8ac2b05ed8e0c458d","ssdeep":"","tlshash":"01310a5a7290b1adb4e983e86942344c390b4118767969111d925660bd8f760c6f3ae7","first_seen":"2025-12-03T13:20:40.540545Z","last_seen":"2026-06-19T03:29:38.863907Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/bananas31.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.145Z","timestamp":1781839749145,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/bananas31.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 09:11:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905ceaa-442\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IHX%2Fn6oz80UeXJDpcIGHWvmoifxSyDxaq7vctKifAsxQiW80TYx3HOkEhTPOFQ1%2FZH%2BnQJrdxCWXH8uRnd0NBkBrZZSJjtTybkbpXILHdinPHj%2BDgekWWGKf6fDwhey3XgY98SbZMg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a02f920883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1090,"size_decoded":1918,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"71d0080f830601f678051bccadaf91d2","sha1":"e76c7895bc376541b1e4b04e63d196147793f5f9","sha256":"4b234cdeca7c44187024b7a7cb697c231b805273cf5e988870804b809d3f509f","sha512":"5e9c80ea8a3455aa23b5d6f294ff02763e3317ff65eb301e1bb4f9ce64b5b1f417e693b7c67007d2d9be2c0c358f207fb88a3ef3c04c7a5edd089dc5cd3d689a","ssdeep":"","tlshash":"dd11e5d9fbc0b0b86062bab10160c427886d3836968b23e05409f4660fbb3bfdc4308f","first_seen":"2025-12-03T13:20:40.625432Z","last_seen":"2026-06-19T03:29:38.866693Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/aio.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.276Z","timestamp":1781839749276,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/aio.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sun, 02 Nov 2025 06:59:39 GMT\r\netag: \"6907015b-356\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I5E%2FUbKHFpV3AzWOWDMC86vKfQA56Omyf%2BEpDaeF3GGHT3tFllycljFYbN8TLEvzN4Lkcxnf8Z7wIyVqOVqWJ9JQB9m9K%2BWTRo6um0%2BpDCaClPpQ924GWxuwky5mThbKtoam1WP0ug%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 854\r\ncf-ray: a0df72a0ffc50883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":854,"size_decoded":1648,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"75892e78292b621a561ffb97b0be000e","sha1":"a5128036633f09eab01f2087d8cc4f7f6a5aedae","sha256":"d743f05a9cf14982a60bdd5c52e4bf2ce9864f60b02f517bbadd728bf257fbae","sha512":"bacdc79bf3847bd42c76e96213239e4168d9d9b689c4742cb782bd02f88460524f339ce75d87afcde06bc9f19ccdb67b6505be7997e2573be15cb157ca4b3b0a","ssdeep":"","tlshash":"270152fef76a2d4a92164524e7ca971058a081b0210807e8c64bee3a0dd3b2f94aa256","first_seen":"2025-12-03T13:20:40.557022Z","last_seen":"2026-06-19T03:29:38.870049Z","times_seen":18,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/rez.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.541Z","timestamp":1781839749541,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/rez.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a25-79b\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8TKcuMuvyeykBo0QJ4JKlnltpW8uCIdyteRDw8k136pd1oQxVIp6Gy5r6RZ0JsytJvY2dKaKm85TuKr%2BNztJxvYSOv16y7YN5B4p6vQyk0zfRz1kgHNPm%2Fud6z8FsxQ9CpfzR%2Bk6%2Bg%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a0df72a2a83a0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1947,"size_decoded":2762,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit colormap, non-interlaced","md5":"bafa6bdc6bf47320a6dd0f4d47cf9293","sha1":"21904d12c3684b9ec56f762dd3e6af61af956b6b","sha256":"507e813bb3b9b87463257c8bb7ed4ff21f0a78aa32423d9abaaf4c322b8627c2","sha512":"d6a35e501fef651ea930d7912eb181f4c9154a0a52e20ea76163ffa79b970d2a5b94f06faa892cc3fbed1113cf4f456c3b647ff9ed55ffb2b55450c010b1c43f","ssdeep":"","tlshash":"cd41ecdedc95e1d9ade2e16750f8185703dd02092e1e35257d645177e03e80d7d30ac5","first_seen":"2025-12-31T11:42:51.830239Z","last_seen":"2026-06-19T03:29:38.873708Z","times_seen":18,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/sushi.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.764Z","timestamp":1781839748764,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/sushi.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa69-7ac\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6lzVJqspfuULZ4YxQZ4zIDjOkKYxPNKggJOx1ODVcu3hSx7ivqTMNIQz0T1Toa%2BWIfJ9DjffDTsZ25h%2FICLtdhxr0Tzynf%2FhHbJ%2Bu4ViS6MxkjPQBLPosUmZWI888gvBdFjZGCmdGg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729dcedd0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1964,"size_decoded":2787,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"4dc76f5a28bb432685cb3fdc688cbe44","sha1":"e281e75fffb25cd720d08b4218e16a79d3c8ecab","sha256":"07c4015030df32ab1a6bfe5e2d6a8a59183708bd54d43f2365741121b9e2e485","sha512":"826f5b7f504d3cb4331ceb32af9f1e8119ea2180fe394a9441b2cbbd4b900c9eca2ce9eee1c16be6337fcd7b320e7aa1382fc8d2d799dc30530c3c143b7315e2","ssdeep":"","tlshash":"0a414cdc63cb18bc9497197225f01da0987dda8c5196ee707b97c60f124a2468c8430f","first_seen":"2025-05-03T12:37:51.739747Z","last_seen":"2026-06-19T03:29:38.8777Z","times_seen":35,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/jasmy.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.953Z","timestamp":1781839748953,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/jasmy.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 07:29:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69046566-637\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OopWNzAKAGGvMVOn1q%2Ffe%2F0bZATWgjhLmN7fC%2Bads0XayL8tQf6P49XX0EIfMHHaemGjQkGRyRSdRF5yKW%2FLuS7CWJykLw2j2aUCwWIKECUfVSTW2RG2r5OgXynWYCQ0sbdfbogWGw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729eff410883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1591,"size_decoded":2419,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"794ca3bd0ababa7f571fd3936e828b2b","sha1":"2f32898ff09f398431f0756d835987b737dd9afb","sha256":"a5537395038f7716088e83315b59e7d818d01be3e17a5abccc1dfa9ac2b98e70","sha512":"7c8ee0f8b3f07fed043854237d947967b420b3e34f640b219b90fe4f242666ca0429ddf89d71b9343c491d0aec931a733be0fddd1a24c7d42abbb5e5769e3c5e","ssdeep":"","tlshash":"98310a5d500de10d80d5da83688b4e13ee98bbd18d5d3d52323882aabe354feb7c2441","first_seen":"2025-12-03T13:20:40.550193Z","last_seen":"2026-06-19T03:29:38.881885Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/alcx.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.965Z","timestamp":1781839748965,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/alcx.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 07:29:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69046569-455\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qux%2B3mdYdT3MC4iVOdAi8EziK5jQG62azkIwBKctltrVQ8gHgA62vTD42Lp197j%2ByyTOR%2F5k1s%2FlcEPvTYubXYsFkSkgwiQ1aHWCVmGd8mgHz%2FWtO90L4UmW9OBHZOhjqy%2F0XMsZcQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729f0f450883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1109,"size_decoded":1941,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"5b182046c0028145717ece6d8fdadcdf","sha1":"87b21821182be0e2b1293c1b582c8f5591807728","sha256":"7758c0622d7d6ebfe8c61ec093d81eb33761ea7921e5dd9e747de57ed436c4bd","sha512":"016f6a376ef5df2b8c9fe14a2d352b7351e6624ff8e66f1f2bd4d3ceff4287910f61911f0c18f8388df9e091b904278b2fb338068a6fbb345cf22d0c6d994c67","ssdeep":"","tlshash":"c911fde433ef380d09311068094237122db61dc663189856c14bee31ccbb1949caac11","first_seen":"2025-12-03T13:20:40.590793Z","last_seen":"2026-06-19T03:29:38.884715Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/wolf.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.967Z","timestamp":1781839748967,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/wolf.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 07:29:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69046568-68e\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JtB5gpoB7zhxz1BPgYva2b4kZgBXINf8k7ZJJVVtLzC1uMdt3oMcU7xIZRRpgmOj%2BMzB2QRI%2FyAsk9vFIgcJQlbj%2FVQr%2FOoZHBw1hEwLo%2BzR%2Bc25XQxaJPkotJXSRXonYX%2F%2FTySaLg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729f0f460883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1678,"size_decoded":2514,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"26917a7c96880ca3e8141a550223d028","sha1":"4f22d9ed5d254603c435c1cb153fcefc01faf236","sha256":"c3de9b5128e521262cb4013f96780504c9ccf85ff029e992b002b734b6bda47a","sha512":"98c3bd833af3c7bb57c46726f9d5a4b1aff1b7cb2f66c0f39d2768fc0692895b81313a617903dcdbe85421c724f08d04385b1a4374253409d4b08ff6db48dbc5","ssdeep":"","tlshash":"11310ace13d325f88c185a297e81900c455dbe1c8abdb40f13f521bed7f56d1b98202b","first_seen":"2025-12-03T13:20:40.480443Z","last_seen":"2026-06-19T03:29:38.887684Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/xcn.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.022Z","timestamp":1781839749022,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/xcn.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VUntFndy3z%2F6YffsQXLJqANWVFrp%2FPWa5jP3BLpXZc4SUT9HAGiVxmJi5b1O5sB1r23vCSNcw4Q7LmM4Jn%2FE8Zz7CndD8xCZ37aLmG1YxRmyrxBzvLmWR6O%2Bwr5VQ1TRhsF9IpaIMg%3D%3D\"}]}\r\nlast-modified: Fri, 31 Oct 2025 08:05:38 GMT\r\netag: \"69046dd2-2ab\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 683\r\ncf-ray: a0df729f6f540883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":683,"size_decoded":1477,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"cd3a01e9fed17b0027732d4ed3b2870a","sha1":"428b746d91bd6162215196cc90318948f540dd0c","sha256":"3e1989ef8616e44459865fad1835b6785f5f5e87796283cd3bc583c18a5dea44","sha512":"15348a68d2494b9879acfec9dd6a949b7a04c6a418770843d28bd977b99840ad82488ff38ec2781e1ecaba7ab4c48acc6a2a3fa0f7f687ce0289a0785e432c7a","ssdeep":"","tlshash":"90014efa090738e3c1e722a50e1aa0a4dd71248a08eb098bac3368542da940c9a8f4a4","first_seen":"2025-12-03T13:20:40.518452Z","last_seen":"2026-06-19T03:29:38.891433Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/fsp.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.170Z","timestamp":1781839749170,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/fsp.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sat, 01 Nov 2025 09:11:09 GMT\r\netag: \"6905cead-34e\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nwuTT%2F%2BZ%2FcpbqDqfuksTZOSJmnWjW46jprH9zZUzxbQYXhBjreJK4YWt%2BSlVI6rcwyWpPP6aPrH9j0JqScrTiiWuqY58EGMJXX2LiVyPOqYlo6cIK5iH4NxX8D1z%2FJK7zTMoMe2NlQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 846\r\ncf-ray: a0df72a05f9e0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":846,"size_decoded":1642,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"dc94722feaf33837883606622fb68b07","sha1":"728e82030b9a5021ce1d3758f8be17568460499d","sha256":"dd0926b8b1dd1c86f88972ab638d97d7aecbf11a64a1b208d9e1b8cffd75babe","sha512":"058d4004e32fbbde81f5bca09ade81014fb9a00eb20056c5359dc54c0b7b8eaa037245ed9b0d1c4965f3209e9922f68372a46121a88580fbd508ae3f3155a5a3","ssdeep":"","tlshash":"c90152a39b224a77d2067912fec811a09e6b32e186e328dc819e09362a162c10deb156","first_seen":"2025-12-03T13:20:40.606019Z","last_seen":"2026-06-19T03:29:38.894985Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/fet.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.388Z","timestamp":1781839749388,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/fet.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Tue, 04 Nov 2025 07:29:40 GMT\r\netag: \"6909ab64-159\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ERkQQj8zCDBzG5RFahQVpJ1RQtKmtgSC4hm7X1zyCKL%2BS0KN4wp2Ev4nQ0Q%2BU8KIwD5z7I5PCMGJxCrztt00wnfgth0tTp20F1pIXIu3wuMESq17Cowl8Yc17RlCB82JXkvDrU89lg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 345\r\ncf-ray: a0df72a1bfec0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":345,"size_decoded":1135,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"42465d6ec62c4c3f3c85b6dcd00c00af","sha1":"0b18143f63d5c90fcf658cbdae97ca49aebb10de","sha256":"7ae8ecd6221d898cf0a0d22c0187578527d90d44c62496e66a09c744ee2f0285","sha512":"061ea9f722b80f3a598e292b819eac8b7054b837e6d890f3cfc1b9068ecc9e8c0222f7b13b7b3135a2f99285631203d81f632b34293b8b932a7f909fd2482c71","ssdeep":"","tlshash":"05e020ab3120ed98d559763b592141709872a4383f82058a085a42e59fe35fc8dda511","first_seen":"2025-12-03T13:20:40.650229Z","last_seen":"2026-06-19T03:29:38.903066Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/serv.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.483Z","timestamp":1781839749483,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/serv.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Tue, 04 Nov 2025 08:59:38 GMT\r\netag: \"6909c07a-297\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=opGg5dCDfk3qiQOP5em4Qb7DsQsKw9p2ytlpHR8qBhTMP%2FcwMnFHRoImYXJx6K3MM5Vy7wV7cJqDrIWzrQ3ocsw7FXhylVOBwruH%2F3Ud8rJq6hdm9R3tL2Ajm15VZyJXKwhAWDK2yQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 663\r\ncf-ray: a0df72a248190883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":663,"size_decoded":1453,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"2fd694a8c815bccb31a8457791056437","sha1":"38cd3caf75e78b5d82efad0fbeaf547757d60d2a","sha256":"77f599640139b76465048666cb1b0db520cb028987225fd37bab3eb6c3f541c5","sha512":"267c358402dbdb6383c32865c0965fbf59e0bb39a99fbb588de61ce1df6a144f314fd5b5da29cc2922b60dc012be80cbd5a06d52464a04418174e06644dfa4d1","ssdeep":"","tlshash":"5301235a021e86f3c19185bb8bde2764ccdb17b950939a602b6689773df1e04c88971d","first_seen":"2025-12-03T13:20:40.680164Z","last_seen":"2026-06-19T03:29:38.908619Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/apu.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.883Z","timestamp":1781839748883,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/apu.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 07:12:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69046168-6c8\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xD3tPq440Qb7a9fpW8GA6aXZhEhSHmNu4Qpf6bxqTYof0x1CDEg8FiMs7XB1nLehj2R7jjZ7papeNCj3DEW9YoOgTDVFJ3d2bN3TPz2ZoezR2ICv8sKj5%2FL%2F6LpkmYKTESEpubbjLA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e8f200883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1736,"size_decoded":2560,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"1d2be3cc05de7e08708e5163266b7091","sha1":"170a8cd92cc9650467e9259c8e3fc4b968bc65c3","sha256":"00ce89b02a7f775cd8b669b211fd87db586f1b2d9b3fac03db2cba6d887477c8","sha512":"d43d6c8fc279d9d49371877220e7dfa261c58b6ce4e414c09079f63ac6fbb2180637d5885cce8a7f76333857819861938b27f13ae587874ef881ed50a0caff68","ssdeep":"","tlshash":"5f31095625ce5f22056a7ad51680007c6e01c135bc84cde4428b0f3dded88aed506f0b","first_seen":"2025-12-03T13:20:40.624601Z","last_seen":"2026-06-19T03:29:38.913445Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/tarot.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.818Z","timestamp":1781839748818,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/tarot.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:55 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69032023-a6c\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kSJht7T8FzPBEjhsxB2xHjlvhK0UjHOEou8Ru5G8OWlYA%2BHKyk%2FI8N6h3W%2B%2FSQvgGj2owPNIxGKERNHHmVQmo%2FOagqpHpKUnqdeovwBLJ%2Fgx%2B1bUoOVL78kgHSy9uokW0Y%2F74Uj8Ww%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729e1efb0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2668,"size_decoded":3504,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit colormap, non-interlaced","md5":"662f6504eab9a1b9e43d57f8b0ea94a5","sha1":"2be0d888af24d5aacd4b94c04241509c2d9bebe3","sha256":"e6ab6a220c970e4c38c8859d5a0d38d58d083bbadad67326b2a0c320c3621690","sha512":"6339e357536af1ad9e243f6922a483f0ec3f1a8e10b0c123b575560e3fd80c466da75945af80e18172e81d9782b5028fa820c7b3dbbff97005dbaf82f8c322a4","ssdeep":"","tlshash":"7e513ca99adba48528512f650701f6557774535515ccf3cebc50cb49e348b16b54f108","first_seen":"2025-12-03T13:20:40.56184Z","last_seen":"2026-06-19T03:29:38.920406Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/doginme.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.228Z","timestamp":1781839749228,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/doginme.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 06:59:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69070150-6b7\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tfDYs4F2765QW8J4U0GD0Yc2pk%2B6Xczx%2Bq5GQgm61CJjEoMfEKobkyy%2BC9vJYSG7RAgfFy8dKbr7D1T5L18yqvYBbqHvTb7KSiMLHLvqP9rDnsxFrOZiup2jj7vt1NULFFeGb3yVYw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a0afb20883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1719,"size_decoded":2545,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"da034eecb9334b5380904aa360c7590b","sha1":"2fb39ce8457436760614c84a25c8f4fba811f5f6","sha256":"3fcbddbbb652c4f8c31b9683f12a0153dad996ed11f3b5608a33d16dda832a90","sha512":"b7b39dfb3889ed7e0bc7c83575d9b1e88db18931a442110b6ff30b312e4fe56e612459fd59e5b248bda52dab522b682b093ea120a313c0a9da96bcfe2243a8f7","ssdeep":"","tlshash":"1931f89f6277941eaee044c120a05d811a02aec07a511e9c6b02f77cba34ff148defc0","first_seen":"2025-12-03T13:20:40.534444Z","last_seen":"2026-06-19T03:29:38.926517Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/now.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.364Z","timestamp":1781839749364,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/now.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 08:26:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"690715bf-594\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hlgjaOj8Y7iNS5KW1EhjE5huWc9fwln323hLg5TJWqOQYV8wrcX44rh7pCDibBPMaZFAaSltNWpKFkOEPE84eYWe7j4b37fEzZlKKgWanJdY0ofHoeuzXfMf6axsa1wCR5Xr9Umk%2FQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a18fe50883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1428,"size_decoded":2250,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"76d834f956f764f2ad2e35f6c974026f","sha1":"b92f3375404277b4ebd3952c91b3b1267ea3806a","sha256":"7face33abf6ccbbcc8cfa81e81e7a57e9b8550e5e423bbc87cdda44dd11ee515","sha512":"0c3ae3a1bb040dd63762d602fc8d882940144517d23eb9e4185b66256caafa5bcc84283f42063b8c39dc59b7b4efa3db44e0a18bc3e3899d46322984e77cc78a","ssdeep":"","tlshash":"d021e949919fc87c8dc0a8356b42cca2865542b8057a581e033f5f7acbc2d448f811f6","first_seen":"2025-12-03T13:20:40.507304Z","last_seen":"2026-06-19T03:29:38.93066Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/yfi.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.436Z","timestamp":1781839749436,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/yfi.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 04 Nov 2025 07:29:37 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6909ab61-6f5\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Kl4dCobUXA27L0XSH2LRfu4YUXdchgF4r%2BuDzFIVbnLH1zhESP7hj3mZ18ONbO0EEkOVk4Qn25tXXo3P5y0wXsJg1Yz%2BjEEmlzdYbw39wiH19kGUHYgG0uEF%2F%2FcYDcdUjC2JCh4wZQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a1f8000883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1781,"size_decoded":2555,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x90, components 3","md5":"b9cca28e808e5dec932942250b1e889a","sha1":"59186e46b98bf146523dfe3d6d090a06817e44a6","sha256":"2e679fa8ba90eecdf3af4d593dd48d4ef7600dd35d7438d79445d4fa3cb59c06","sha512":"a5c7452506d0ab6c12dd88a342a285860dfff36295eba93f3c82537ce7c82af5851160f1e11cfcf2ebfce975cb97a30b4c81459ac9a2cfafffe53b4df6ddc713","ssdeep":"","tlshash":"9e31080663273a06ef0b87b1442ee9ada70cd40f3c881b3aba412d857549ef004d7322","first_seen":"2025-12-03T13:20:40.690196Z","last_seen":"2026-06-19T03:29:38.940937Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/jmpt.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.443Z","timestamp":1781839749443,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/jmpt.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tsg9WhTo%2Fh6j4F3tQrAZgDVQcE58TWD7Sr0kZLEKyh3m6NNLFnhPNVi66udWdr1Hzt%2BvYn0JGR7zHdI7izKZrdNXsQdDNKnmrZNJH7jN0LscLs3VByqqAn%2BUL1ZJFDP04LGxMFgXNA%3D%3D\"}]}\r\nlast-modified: Tue, 04 Nov 2025 08:49:43 GMT\r\netag: \"6909be27-208\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 520\r\ncf-ray: a0df72a208050883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":520,"size_decoded":1312,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"b0f90b2d8dca385208d02aa8d8f2e281","sha1":"e950d419bc9cd27795df092ef9dc0de7e54edbb6","sha256":"ad2a74eff40f45ead9d9a6b166c6159f6cfe1de6564cf6ba420ccdf437b94ebd","sha512":"73728177676a9f687cb2dbc5be480656081f1d6d07c5a6721a75f648fb59b944ea5eb3666add86d3a83b2dc89e157bd7459f87c73659113bec75210496e2d555","ssdeep":"","tlshash":"d7f00ea707732cfd8aa55c29be0540a0c4f78c0eac1178747ece99114c526cae0e2a9f","first_seen":"2025-12-03T13:20:40.632195Z","last_seen":"2026-06-19T03:29:38.944055Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/slx.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.556Z","timestamp":1781839749556,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/slx.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a23-4fd\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=n15OJMbu7XrD8RT864TQ9uN2EYtpoX47moSA8qwGxc3FLaLT4QhigsAFPIAbQnD9riaBd6N2v%2BOu4A%2FqeCmPipF%2FdcSPC4jCE8jFueEpBsoTAzmif%2BCgeDq4iEmPZWqUsZp%2FJtGc7g%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a0df72a2b8410883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1277,"size_decoded":2107,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"4109f2c1777176ee5dec594760ee1b76","sha1":"120feee88a4689634b028750884c61b2bec86238","sha256":"a53c9ba9ec97c2d1f79239facbf8b910844cdffb4635affd207edceb645a5afc","sha512":"e01545054042f14de2f016290574268f8b9c078cfc2a74a8d75ce32105eb6b7e00dc0baf738a4a48645bdce21715df35ed1133749f81d181948efb641e361ae9","ssdeep":"","tlshash":"df21c5a86feebc1885a3e070cd33265d87bf2cb0a2c2019140da94b06f462c4d37ad5f","first_seen":"2025-12-31T11:42:51.983762Z","last_seen":"2026-06-19T03:29:38.947663Z","times_seen":18,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/rave.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.585Z","timestamp":1781839749585,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/rave.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 28 Jan 2026 07:12:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6979b6ca-585\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uqFKQ3hbC8p0fWvYD8JHJCOwWwe%2Bw97nkweikckYtG2LWv9kcAKzBY0XcM%2FB5zEU5PgqNNtBr4NJIEtk7KASAMLj6afvp8FnzIOZsa7sEIulfJBwvaBOTZHlECj4dji65wE9rn%2FIbQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a2e84e0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1413,"size_decoded":2137,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 90x90, components 3","md5":"fa779f9ea5af795a587a0f78683cc5d3","sha1":"704a73b57f457277b183e943ee738265d55fc8a0","sha256":"16d19760940eb23036f6d617bd36ef6bdbb44c08396c008d67353458ffc29363","sha512":"ceb73aadebd49bde12f19cf42baeea2bb702660e36a70969279e468ca8b9375a3b0eda1b93904fa9bd41d779e7051f722e96a3130b9c3685652cb7549e23272d","ssdeep":"","tlshash":"5421d87b72219903ed7251f18e17406e364acd49e5782a8c921bb30a7de9d68a010d87","first_seen":"2026-02-18T12:44:31.089347Z","last_seen":"2026-06-19T03:29:38.952123Z","times_seen":11,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/gaia.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.864Z","timestamp":1781839748864,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/gaia.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69032019-519\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oh76cL6BFvJLzwPO2zFD8KfAJARsZa1eQBUQCTISLIU2j7qX9S4Kaq2IFF9s64EVHEVwSO9sHGBLSqGkmyMgXxAE2ulmRRBt4jNkACel7Az1NO08CksS5sZB1V%2F3JkjVA%2BX8O%2BKedQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e6f140883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1305,"size_decoded":2027,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 90x90, components 3","md5":"864d5e44ae69d283029ec6fd42009fae","sha1":"8c168f29c60717a4fa95690f8d5f91c66b0049bf","sha256":"e3cef7427f951096f2c9d18d263df07c451a118ca24adb1bdcbfb1df0468c22d","sha512":"8f0bafbe63d31d77352162987c1bda3c3dcb63cf76ddfc62d94419aa9a53f830d166689db843ee217b50e57364ea0ff3dd31187a87e6b70fe73a0c000294152f","ssdeep":"","tlshash":"a02198d36e229803d41772f95f9dd631061a4c05f4f82217c1ca6d6e7e6c2ec6445b98","first_seen":"2025-12-03T13:20:40.500174Z","last_seen":"2026-06-19T03:29:38.960747Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/trwa.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.297Z","timestamp":1781839749297,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/trwa.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sun, 02 Nov 2025 06:59:36 GMT\r\netag: \"69070158-12b\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bE%2FkFkZsmmZNJ%2BjwIOxZYJf0RUNy3TF%2Bn4RYc2rWMFE0RaSFDCbdRU%2B7%2FN4niaQn3Uk5kJz8esWkIVu0Xz5lAYpAtYFJ4sXXbgOzua8Ytd8UtpYtY4gXOklJDbZlsR2aYFlLfTsPSQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 299\r\ncf-ray: a0df72a11fcf0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":299,"size_decoded":1095,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"9ae44560ceaf061487fd78a2d279fa07","sha1":"3f491bd7447cfbc48e3aa71a409e304ac70d9344","sha256":"b00f6b6124df711899cc18698ffd7ea73eeaee120e12bbfc7f60260f229ae5bc","sha512":"b571cac73104dd4a5c1253aa33f82cc350b740162da8782c39eab4a71f6d1d23207dc479e2be7f4a6f832641146871e10a8a5988c1e82aaafc73a052e92ecfd7","ssdeep":"","tlshash":"38e0e7fbd21d1d34c86314372de8b591fcfd7405ed415c010f57462bac05034c450104","first_seen":"2025-12-03T13:20:40.621382Z","last_seen":"2026-06-19T03:29:38.964938Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/nil.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.531Z","timestamp":1781839749531,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/nil.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a28-4b4\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qQ0S9yPV9lHlOVl%2Bq%2FBgUtRwl54UAt948m3GPbvklOpUYDGq75LMzB2iKvj8w7Fp22oTfDKF0XMDAR3GJNVWKXh8kOS%2BSBia%2BzLyqOwP4hWavm5x4v6%2BdLEE1jwD%2FaTAeu5%2FPMBcyQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a0df72a298340883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1204,"size_decoded":2038,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit colormap, non-interlaced","md5":"6d3640aaccba70323ecca7ea09798eb3","sha1":"eac226ac7ff63e67364f5331e5436c865362debe","sha256":"f41d9ac365e321143f4de0828483f4f9dae7d881579f5488873e909d4f51b240","sha512":"d9dc9d06c57fc1d4d915dc2f9c141662eaa5c3edf81411afabec0f1eaa2375b14233ddd1fc5928a80ad6e5a6294c727349771c91f398b4d6d0de9f64e42de41e","ssdeep":"","tlshash":"cf21e4d26886adc8de248830d8333daca2483f4b83a08acb1804044b9b56bae4a4a441","first_seen":"2025-12-31T11:42:51.714387Z","last_seen":"2026-06-19T03:29:38.976312Z","times_seen":18,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/river.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.582Z","timestamp":1781839749582,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/river.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 28 Jan 2026 07:12:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6979b6ca-5b2\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VOavCwjCxMzNkMrqHSTjeSEk82o46jh4lY1pp9XvN6RZCZGI66pMi%2FVcvM1TIsMETVDus3W7k5cqk7EsrSEKYYbeahzznPeG8iYtW3uzxqsvkHJVlbyeAqoGJdHZUdDpmNnfpVBhcg%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a0df72a2e84c0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1458,"size_decoded":2280,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"fb3acf898e32a0ea9c61460e6c9a5faa","sha1":"9c4bf81705b487f899be47dcd13cda74c4babd79","sha256":"7d6411db36a9d7bb0b2ed42c65023e873d12325db58574ca61c4a8a74ac883ad","sha512":"d9c59e959c85c4e90a3c6a5d2d5054c36de0466825adcef26837843835436aa7fd52421c57e3635640a1e85c050f744da35a84fe3db8faaf1a78d5aa0f758051","ssdeep":"","tlshash":"d03177f0594fe97efa160871a7a19af8e3ab1b39149105c7be4790142fb1110e6718eb","first_seen":"2026-02-18T12:44:30.701284Z","last_seen":"2026-06-19T03:29:38.97985Z","times_seen":10,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/clo.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.614Z","timestamp":1781839749614,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/clo.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 28 Jan 2026 07:12:15 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6979b6cf-5bf\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N7JO7R9LNNhujgDyFIJsDA6GlqgdukVVvkaBpkhHe8FzK4PhdGyeoe6XQMUqEqpUC7GpVpohZs1lNN6JVb48mDHPtOH%2FhTS9Wr6CksegccDxO6sgb218UyynmIh0iwcivqQBWyNdnA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a3185c0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1471,"size_decoded":2293,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"2b42ee2f52e69c9fa74355e7fa8c60e5","sha1":"ec271c2ed4cfd58bf702f0eb62525c9ad25ed6db","sha256":"a673a6adaed2610de50c3dd24c84a700c7d7538bb88ed0d8ccaf9dfeebceae3a","sha512":"31db3eeb404b8b39757bd82d63e0826685c9b6749f3f4fdec4234bf21bfcba391cc93f705071cb50caf1639366d9067b06afbcf203eb496176f6ade992cd69f2","ssdeep":"","tlshash":"1431e6a76060addee141bc0d75a68a20d738876e4a8fd177950c9f281fbb319c1823e7","first_seen":"2026-02-18T12:44:31.048103Z","last_seen":"2026-06-19T03:29:38.983914Z","times_seen":11,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/zora.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.808Z","timestamp":1781839748808,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/zora.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 09:12:55 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901da97-7b3\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6mGiYyQkEPJGEWj5U%2Bqm81HtwwKE%2FfNI1vUMgUbsfXYBkbP%2BGtAAhh9ROFUfuuNZJgQcB73G1Hm5g7xeWpEokeOa3YcDZ2MVvo0SiQshZjzFhobVAdxTQ7yjHwesBaRLAcMETBNlDg%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729e1ef60883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1971,"size_decoded":2792,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"e07c7e05e3aab23e5f2d0ad26887086a","sha1":"3d85e66fa02b819d5d172ea1522be9cf16803132","sha256":"1572c75b5cf668f8c977b59efd0ed81ed3a36b25e510d8e44745f22726e73957","sha512":"4db18929bcf4cda35f44a40fb93795fa40dd06588b6bb902347cbff5367b98cb2a708c90b82c83f0f711a5415957abcbb5cea907c4c0aed99cee8a79c5ae749c","ssdeep":"","tlshash":"6c412ab2db203f5d7a1845134cf50c1485a7b7d50945a22998ced18a34fb231f667157","first_seen":"2025-12-03T13:20:40.457573Z","last_seen":"2026-06-19T03:29:38.98997Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/vvv.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.810Z","timestamp":1781839748810,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/vvv.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 09:12:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901da96-564\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Z0TS61%2BiDSJ0v%2FCWlpwmu9qm54uDCMfV9hxpZ2uo4PkuSk2pPSGfUMuxj5Y80%2B4DmazeC6DPhysKvQY8XqhHj%2FNB8F4FYBwUX82nXPvrO1UNx5taG1rNDNWEtVB5vzT7CPQxXSV6pA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e1ef70883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1380,"size_decoded":2124,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 90x90, components 3","md5":"2073123a32a20156f5287f5fbe09a988","sha1":"a97f188151c6dfc777c16a8dee33f6fdc4c73aa0","sha256":"3a0d825fb766bd74e06a50489b4085df646d0da97530a726e58726d7f6656a30","sha512":"aca8fb819715a1b55bb46fd09fe16e47a88e92eea38b73524608ecc57eeedbc8bf69d7e1dfda7136c2063a440e7e7a6eead5e57d18e711fded989a53f2d229c1","ssdeep":"","tlshash":"e121a5dfb2458813ef4b423a17c9447423a2b905914287cd4a1b77e6f6f93d8be8149a","first_seen":"2025-12-03T13:20:40.545434Z","last_seen":"2026-06-19T03:29:38.993422Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/woo.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.899Z","timestamp":1781839748899,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/woo.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Fri, 31 Oct 2025 07:18:59 GMT\r\netag: \"690462e3-301\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Fq7NN7VQYokEzY8RHgrZFpZgTefL2H%2FK0%2BYp2tgjvQw8SOBuvYYCe4xVANX2HXZqVret6u%2Bysbnkt1l0BT5TG2j0f1Yrypx6hSJXI6wq%2F0Sb82DZUkJpr95X9KPETX7O6%2FlEE%2FSz3g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 769\r\ncf-ray: a0df729e9f290883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":769,"size_decoded":1567,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"9b88d84124e5e1a34ff20486187d1d80","sha1":"9665a9eacf63e4671da201cdf491bf34e5cf2d38","sha256":"6d7dfd62c0ed67f996133d2a2372424f181a12caf3c8e3a9ba3f3c98ff0b866c","sha512":"a720650f7318a0fd856347d7b4154e37452e7fc0de494938ec665c7dfbae3be93488a35c9388742564b1b725831cc75d2801048bbb67e387ce7876663c2af758","ssdeep":"","tlshash":"ab01bac461ce5d7263ec51410bb07f48958f5bfd2a14849344814e53dda7f4cd885a03","first_seen":"2025-12-03T13:20:40.563984Z","last_seen":"2026-06-19T03:29:38.997115Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/ada.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.084Z","timestamp":1781839749084,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/ada.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 06:51:47 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905ae03-452\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m9I2J0kmS6xXSOO2GDPEqCozO1N3RwKv7U2ZMRGGFNLtN0dAZrSw3lGkVky5YNe77LkTGblkSijj4YphMc6lzMG%2F8WUjcRK2rYLxD1stO9fvH6HOQc7w0mpQVfHRnPhleg0GFf58Ow%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729fcf720883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1106,"size_decoded":1928,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"8a049836b2d87fb1b7de6453ca35a8e5","sha1":"5f2370e9453807d80cb174c79aecc2484d21f5af","sha256":"2a18192e5af582d4a307eb03d836712fd0ad079ce0149cb4aa036fb61726f95a","sha512":"0d84e2ee3b5e49e218e409439709f34498fb7137ef0b2bf05ec4f8f7f1fae31ed256b4f51dd60590d0c4a987498ce3e63af6045a66ab34c9a117a4803bea5fd2","ssdeep":"","tlshash":"ee1129806982c77cec1698de5080bee65cccd76bba1c9242308270700fd720389ee8f0","first_seen":"2025-06-21T01:14:54.458259Z","last_seen":"2026-06-19T03:29:39.001554Z","times_seen":21,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/zro.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.806Z","timestamp":1781839748806,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/zro.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Wed, 29 Oct 2025 09:12:56 GMT\r\netag: \"6901da98-1bb\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=e%2Fo9pWSSmMqeOfln0578ORsFiMmdrNRS0H8uAqqqXWoLT8h5X2ECMC5ybOfbCPH0gEXnxRmM2qyUvUbDHMnw81%2FxsAg3X0qvAsEgKLQFtcCT7pY3nCYAlBnOmAXvPcDNm1J%2FO76N%2BA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 443\r\ncf-ray: a0df729e0ef50883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":443,"size_decoded":1237,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"efbb8bfb344965d98c4c031bd139e297","sha1":"759c78a181928058e8204da88bcc5f22431fe96d","sha256":"7a68c7e4b668b5ceaeba6b56d0895df33476570287057bde206a9fcbd9c947dd","sha512":"7662811869856a56d1feea5c4398f814bf5c0edc61d29641e9146f830ec4474f357d56720c1ae2dc74442d35b89f48a051a6abf8c0ef8339163355f2a27d1d35","ssdeep":"","tlshash":"02f02bdac3438e0ee64c85b12be3b104aa339290604a0a3407cd8923b94325537ca7cc","first_seen":"2025-06-21T01:53:15.867951Z","last_seen":"2026-06-19T03:29:39.005549Z","times_seen":20,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/broccoli.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.062Z","timestamp":1781839749062,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/broccoli.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 08:12:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69046f8a-4b6\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A2Gst7WdgpR5xDZbQo6brIou87uCnq0XGFvXehlZQOIZIJYWNSxdhqOjlc%2B5VbRocYv2aLA0sqRwKtdt3NtCJj%2FB7%2F2jU8oyeX8HzHcIyrxyXMlszkxwDilJMZfxuGxS%2BN3J1jTz2A%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729faf670883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1206,"size_decoded":2034,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"88e4d65157150a1d069db688403aad25","sha1":"7a9bbb4989bd4ef1467c946e13f9005a15722dd4","sha256":"e377859c0f7313a6a2c8dc54f9adb1d246c6d7c793a5e962f5c4b26d8cf351ab","sha512":"2ee71f7db4036cb039b6581abea159cb9df8af9e752f2d6c4a8fea50fa3e62a5cf04e5f60aaa4fdf814b5061da22bee5a66e5f5c674c587088db727ef7276cf0","ssdeep":"","tlshash":"7721b4c223672d6980b0ab4f903c42b60c621e29d4373e297c39d8399aa7a211995c48","first_seen":"2025-12-03T13:20:40.530277Z","last_seen":"2026-06-19T03:29:39.009664Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/crv.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.078Z","timestamp":1781839749078,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/crv.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 06:51:47 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905ae03-67c\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OYBcSJCfX7%2F0I7s6SoncNBSezJzmnuaaSXC5nX58ub%2FCEvEldEQHUEMq8LxVqUtsP7oeOYhwEvn3HkVbou2CqSQF0Tz4mIY8gPXolS4BuIKxUpw4hm4myINTKvjtY%2Bbu8tZ277aV9Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729fbf700883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1660,"size_decoded":2486,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"cf0e13c3aef7f9cc17cbb234581b7b11","sha1":"91a8393ca7e53e118a0b4fca10f2cc9f1ee47afd","sha256":"700f7e15db0164653cce97ddc3dd729a491bd35a73f3c2e20a259f9b12f55e6b","sha512":"a14019fd297b4a1026dcc654b9c22aef502693003e927d76b8a26c380a600f6ef33249299558344c30df15678963fd425f2c40a2f22061e7b7145782e5e12440","ssdeep":"","tlshash":"bf310a7f5af0bd28e01702160487dff83af9846360681cbf24220646dcc1a28ce0adcf","first_seen":"2025-12-03T13:20:40.657098Z","last_seen":"2026-06-19T03:29:39.014536Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/syrup.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.099Z","timestamp":1781839749099,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/syrup.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sat, 01 Nov 2025 06:51:46 GMT\r\netag: \"6905ae02-2ad\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Eq2FzOV5v3gxxEueKn3Gh5j%2BMlw4iP9M6%2Fm2S2FT8kecnzihlOnbCFUCkpQWUismBF5s3RoE9bdqQ8NuQQgg9fjeKAeNSaYzQc6RDbQVS5hS5aTAl%2FlD49XwSgDurwP3vtjsm1%2B2Ow%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 685\r\ncf-ray: a0df729fdf7a0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":685,"size_decoded":1479,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"5a7ff9487badf359da9f326037d3c7ca","sha1":"1ac20be190dd09894eed951dec7d312ee5c42028","sha256":"1dd50a8172c38c6a677d8c56097e1be3a7f3acb0f4396a988df1af72d9ddb450","sha512":"b0af3ad29bc2ef7f5208b461c4ed82ca40d89bf3d9cb65d376dc167cfa6a0d2110d886191876c14b48231aebb545524fb711d68b71eb93e5714292fe8303b5a1","ssdeep":"","tlshash":"5701ce4a07211cb0f0e367b7bd582e88d0f1257447140525c1fffe1b2623ad08594719","first_seen":"2025-12-03T13:20:40.55146Z","last_seen":"2026-06-19T03:29:39.019423Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/sapien.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.252Z","timestamp":1781839749252,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/sapien.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sun, 02 Nov 2025 06:59:33 GMT\r\netag: \"69070155-166\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rmmONl5a%2FX2QtBeSJ%2F%2BPoPIuIUipMEjqL6HqxwaTmt4yx%2BXushkuuJTbmf1xPvoAFbXZfDB6qCpaTkF89uDUJdwGWTnxUnRlfm0u7b1dXOU1m08BOFmJ1GChy2vp%2FSfDvAVFwOm7MQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 358\r\ncf-ray: a0df72a0dfba0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":358,"size_decoded":1154,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"1e92d83a8cafd2b15bc3bda3d0925e40","sha1":"a3c5dc75e41b19a5aa28ca6f740b1d8ee1efc776","sha256":"76cc0abb4fd78a55659f50228c75e35a1074269e47c04e857b8c7f555b127ad9","sha512":"72f9cf44b0f4f0cab3a137183fd184a908e9f9aa7c503c08b3801ae1fec99579be2cc2915d817d4991589970a0a7b65f93a8ad92e564634c36f9676892f6356a","ssdeep":"","tlshash":"fce0c0c731943c9ad42501727f131281e8f4156903d531194cc34d002c566ba6dd55c7","first_seen":"2025-12-03T13:20:40.695819Z","last_seen":"2026-06-19T03:29:39.024494Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/mira.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.386Z","timestamp":1781839749386,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/mira.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Tue, 04 Nov 2025 07:29:42 GMT\r\netag: \"6909ab66-1a1\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xmNGFM8KBEtMtBVkwLMVssUaSQ3%2F0SxKjTii%2BcAZFeWHp4BVHlCqIHrWPekSDSdVBpeJtPp4EW2AsHmc4lnZGgUvx7KFSKaMM%2BDUxqBCp04Jbj1pubjapSQrkQS3GaVLUezHlbl%2BlQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 417\r\ncf-ray: a0df72a1afeb0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":417,"size_decoded":1211,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"ddc66ecbf7e4c3770a6a807387c9216b","sha1":"07cd041b392387e74433ab62fecde9b2b6fd6aa2","sha256":"4f8048bec639ea63df037cd74ef55822742d335c2a9b041f46e1745788118da7","sha512":"29b2d70bf84b2769b2b111a9acd6b4ae22e56a4d5a358953a71b175907c60eae61f6a8d928af9064230c4eb5a3ae2e909bfdfd4ea528e390b33dfda96d1fbdca","ssdeep":"","tlshash":"d2e0f1a4f73c2cfd93211ba99b3e50609a35aaeb883fcd41a6d2c35914051d2e4bbf51","first_seen":"2025-12-03T13:20:40.592317Z","last_seen":"2026-06-19T03:29:39.03516Z","times_seen":19,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/sto.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.444Z","timestamp":1781839749444,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/sto.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Tue, 04 Nov 2025 08:49:38 GMT\r\netag: \"6909be22-38e\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FyNvkuazN2BvurW2ytq9XBFxcygRCGIg6ZiJfFyWyIgIBBMWrjyJdqWuE95IAMcjUoACc64xX3L6XO4vlNZYzbcr3XsyUZsIWVtCYrCpiDTrADiERJ1ASY0%2BhzJB%2F8vww66VlMjEhw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 910\r\ncf-ray: a0df72a208060883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":910,"size_decoded":1700,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"341928bfb643a026647777efe5e42f52","sha1":"007fc7d40221a6478272ddbb0fab2e5b3bf75614","sha256":"1dffe483ffa80a28ea4ce988ed6fe87fa7cd2bbaf45acc3876497d4e2aeaabe6","sha512":"946206427586d5442bf0eb95285cd4b52a7f91e1bce97572ec047d27d7f1a217787ae62a7268d855e92293435ee906e71d483951276e9e4f87d6aaac6f3b6072","ssdeep":"","tlshash":"2f118893d39242b4e64513050e2bb1b4de15222082ddd6a9bd5744473b0a788051240f","first_seen":"2025-12-03T13:20:40.45485Z","last_seen":"2026-06-19T03:29:39.038067Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/kgen.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.603Z","timestamp":1781839749603,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/kgen.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Wed, 28 Jan 2026 07:12:09 GMT\r\netag: \"6979b6c9-387\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6HWbd051k%2FDM3FyVBowHWuI3fw28fJC%2F7NE0qBPHmjGWokoJbwuNraxA2Y%2F%2FoHGdDu%2B9rLLAeuMgr9amDpYf1uxg9OlFeuOnB9oQIp%2FWCJYXsKAujfRLmJxRS8kkgs%2F%2F4QZFLApJ4w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 903\r\ncf-ray: a0df72a308550883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":903,"size_decoded":1705,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"47affd2eca9482a61ee2566aeb585542","sha1":"cf2f649a423927806815aabc67e3d88097d86afc","sha256":"af30b5bcae0e00972df54f667b73e03e79097a880c573c16e39863ad40dfc313","sha512":"fcf5a4c1fa85a95af4dd85d0f26ae89b604dfffbaf8e153afc2f57c66bf147e9c624ef31db6b559a464c6cd59ac8881be65bfbc6b974b5132689bbab53ef0601","ssdeep":"","tlshash":"1611b7074a94dfaa545cb2a0c4bd18226630e46c4630a9d1ed7e00f441d2ce5b2bd557","first_seen":"2026-02-18T12:44:31.173545Z","last_seen":"2026-06-19T03:29:39.042436Z","times_seen":11,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/style.css","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.595Z","timestamp":1781839748595,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 04 Jun 2026 14:17:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a218905-22da0\"\r\nexpires: Fri, 19 Jun 2026 15:24:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Oq2RxzkSxQwsNyJA4hnNqB1c0Rc%2FCBzlunLXNldFeiLZGzs%2Fi8sPM1FNBziYy3Npq2c0Ie2pABjS9xupmgO03AW%2FOFPWI%2BzZE8nJLlr3xgcJS2R2m07xgOLYeCdizDZCdo%2FaGc%2Fcfg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729cbeab0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":142752,"size_decoded":32226,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"df1d4e99df6e1fa409c8dcca6fc9dc87","sha1":"e6a05988ee93e5c93edfcefdcb6a30cf663bba7f","sha256":"cbd045f6509e1e19c04022a6311d9cb914ebd86475ad00f2806ec97ab4835af6","sha512":"b5b8d0ef5966a478578b862e4ca702486e581d02ca8370279c50ece87f26aa8fc6e344cda95d22d8289a34e819f9d99478a3938946e7d8ffa290c954dfbebe62","ssdeep":"3072:9EWNbfAWsGWS8+I1J4jp05JG+0ljoGlXgb:9EWBfAWs90l8GlXI","tlshash":"85d3196ae752293c3d3f90d89fa4669d771974c0de3e8ebaf99120148fc83f90862d54","first_seen":"2026-06-19T03:25:02.651864Z","last_seen":"2026-06-19T03:29:39.048706Z","times_seen":2,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/doge.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.739Z","timestamp":1781839748739,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/doge.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:33 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa75-7a9\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FTzKK7gwSTKYF4yx%2BxOgUwksbjzV%2B13%2FX9OxMb3SQT%2B21aUphMMp3RokUr3tD1b0h2rGvsupIRIxGZSsvfhqWPOHXidsOu2lZzB3ycWL4cdfUY3E2Fh1JOkIqmnQDdBw%2BN%2BgtoM4mg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729daed00883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1961,"size_decoded":2683,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit colormap, non-interlaced","md5":"a25b66171a499abf1f217981274b7c18","sha1":"7c216a82e51ce30ff1b3a01a2286eac69780e312","sha256":"93887d3d5628ce64ef580f93ae222db1c349042dd7a426b723b1ec3a1758f779","sha512":"543bdc52c42c9dc7995c746c5199c2b0a392e6d14cdd19ce2c722395356fc59003c1e2420cb196b624b0ed3f9eeac9608c4e560f035549f1c301b2b8ac0a0d65","ssdeep":"","tlshash":"db410b6af5e31056585c9571e942046bb06c1f092e3360af4b41feec393425586c9263","first_seen":"2025-12-03T13:20:40.603175Z","last_seen":"2026-06-19T03:29:39.057415Z","times_seen":19,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/trac.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.813Z","timestamp":1781839748813,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/trac.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 09:12:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901da96-50f\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0ZfrW64rE%2BZD1ABbDHAUFUotGHNFzP6zj2gzpSc%2FK4%2B5bv0ZiM37eM6T8PjV7icLHyDAMirMPjeEXYacCucWJIGSS31Nl7nuYV9xxzZwfew8Vpi3Z6qr1QBilVV5uPZwqhEXAPp3Jg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e1ef80883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1295,"size_decoded":2058,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x90, components 3","md5":"efeae5e09fb52c639dc4253d09bac5c6","sha1":"c326fece53c34b27a1b8faa9a590a92c650ff05b","sha256":"da6efb6e827adb1ae8a4e703a511e66d9d7221eef52eed6fb40690a0e198ace2","sha512":"a40a75e3266fbbeaff818c7094109cf6ecbdea26f892f52193eb4f5e498c9520f51a027638d031d6ddf62ae64850f419c64b9c4520f3e51529a107e077423a1b","ssdeep":"","tlshash":"0721843a775be903ef204bb7840969379f04ec9e8520ca7ea5099a8464bdcf14c14b80","first_seen":"2025-12-03T13:20:40.672985Z","last_seen":"2026-06-19T03:29:39.061496Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/flay.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.824Z","timestamp":1781839748824,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/flay.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69032018-5d2\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Wj0O87agmRag52Vo0hdnDyKcKeX9CZZpFdJuVKYmhVLCefCQhyINZfeBoFOFMQQoS92rKRmZaeA6Qiwnqp5lVFuFpVeiTj8m64l0gmz83r1olX6Lp%2BmXGmFYxgPZavSS%2BmrD8ca9BQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e2efe0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1490,"size_decoded":2217,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x90, components 3","md5":"d9f6cccc40e0052b5b76a55783339ccc","sha1":"ca75e1bce11b023356faf8117b5a89fe58f08865","sha256":"7cca7c9dc987d2f9c71d53e28c0539e493e0ab33e1c219900c89d88c44239146","sha512":"32bfce35a87b92f02c7597eb4a59f0cc7859d99025c35bef1544e9d703cd1dd69f1e3e8da59753b13b04a0a4307f548925120d0b04c8380d0534b576d8e5d9ce","ssdeep":"","tlshash":"d631b99c104d6701cb3a2dbce260b5f921d0cd3bce516a7a1034394c54f3ef59d9219d","first_seen":"2025-12-03T13:20:40.643526Z","last_seen":"2026-06-19T03:29:39.067424Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/star.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.380Z","timestamp":1781839749380,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/star.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Sun, 02 Nov 2025 08:26:34 GMT\r\netag: \"690715ba-2db\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CfQFTxbNWYfvD%2B51J5%2BlFvXYoC%2B5PJvukNjiyagnDHITqKBa8NEyDi7sBNYDTHmYPI2KlJ%2BPpZdIZPSJK%2BunUBNQ8vWUANJkUY988UCriWxfMc0m56nVnfqO3O5Blk0rNUBtQb3Hcg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 731\r\ncf-ray: a0df72a1afe90883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":731,"size_decoded":1527,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"aabb3a538d4a3b1659d4992c4a5af805","sha1":"42a8c19665110f58345ab34329a990d0e1fc031d","sha256":"05b3d2a8d27fbac246fcddcdf10022582a3a91d03166c7f3d50d6f664fea56bb","sha512":"c0e9c793f3e441fe9200cc07874e7a1a259cae34c847b6419e5fe4f3c140855417d8de21bd7e329a95437faac34a813e71677927572c8c80d929a7c7901efbb2","ssdeep":"","tlshash":"3401659ad2569c9ee8be425c06947ecabce2dd360c36569072502a93c7028bf9207d90","first_seen":"2025-12-03T13:20:40.688661Z","last_seen":"2026-06-19T03:29:39.070609Z","times_seen":19,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/anome.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.394Z","timestamp":1781839749394,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/anome.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 04 Nov 2025 07:29:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6909ab62-5fb\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zR2NdzRiAvNtLjUD0jGqqLoVDIc0LnXzNSQl3y3dJJ9hyl8Ug6nvr9D4F9a9rHQ2%2FkXrCU%2FG4eQkHNddTk1RPwUxAtB5L3%2BQ%2B%2Bb%2FC8ywwsh1TCnj1x601KNdMNAwE48CyI%2F5fEw%2BJg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a1bfee0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1531,"size_decoded":2367,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"9a10ed65698f2fe8b3d77799158744b7","sha1":"8860799ebbc35e7e368eaf29525a512b51e1e281","sha256":"70fa77829a04c59cc3c785aa2c8d6bb61de5856a0760c810aae6b0a5e83bb77b","sha512":"97d9c7259a20b3b0667ccb83c2632c0a7dc7257408b5d7296217cfa8f0b4f4249613d18439a77eefcc172680d2e798f7fadf340f522aa39557e6388182f48d2f","ssdeep":"","tlshash":"fc3129077fa8315cd36cd8b02b145746e8a031ee60039e2d88b23717a9548588f4c745","first_seen":"2025-12-03T13:20:40.511901Z","last_seen":"2026-06-19T03:29:39.076506Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/cgn.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.492Z","timestamp":1781839749492,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/cgn.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a21-43a\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NJhLl7M6d%2BXQ%2FG9gtVBhXONOho4T1LGlM%2FNjPEL4SjLBq7VQcURsMN7h9ADoDi%2FkG2XgRSICdbyM%2Ff6SY%2FIWvZjduU2kXQu7mFSMxUWqIC1idZRDVFiwGolxmie%2F1IDNaoohbcsk4g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a2581f0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1082,"size_decoded":1916,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"70a99caaa466111763ecaa51eeef6f74","sha1":"2c7a49275c44241dcd67a09c4438bc5df95fe654","sha256":"06a8af838240c48fa58ed2c65ddcf03906e87100592dd05e14030cdaae28890f","sha512":"0384b3d43557a6ad26b90e7060a6cd0280c148d411d4bce519d44a1d6c4e388c66c8dde2f4517f575fa21898ef2cce8ebe1aa70f6af029a6e881e49abdd60181","ssdeep":"","tlshash":"a211d888c1ee98ae602067888e31fcccd062509fd48fb634d08cd9351e247d4ef1b284","first_seen":"2025-12-31T11:42:51.943575Z","last_seen":"2026-06-19T03:29:39.081913Z","times_seen":18,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/SpaceGrotesk[wght].woff2","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:10.022Z","timestamp":1781839750022,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /SpaceGrotesk[wght].woff2 HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:10 GMT\r\ncontent-type: font/woff2\r\npriority: u=3,i=?0\r\nlast-modified: Wed, 05 Nov 2025 09:59:09 GMT\r\netag: \"690b1fed-c068\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TD7k%2BOWtH9V5V1nJCiJ7HMfid9M%2BkUz%2FFRY%2BHEytZyD%2FwJjANr91m0IQiWTUMeLsTpDGLArHZPd%2BB6qT2E6UNmaJpadpWjTOeKaj1zLLTpBWdCzfRjhG41YVz%2Fy%2FKP4TdzOiFl0GEg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 49256\r\ncf-ray: a0df72a5b8730883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":49256,"size_decoded":50023,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 49256, version 2.0","md5":"0c62a8f36c27538912ccbbd5de747927","sha1":"b4509f04a2bed1ec04e7f9ff4dc33c69e8e263ec","sha256":"8e085aa438094f11487a836652edd5c054fa6a96f63fc7c282105ee3a4b08c07","sha512":"a67cdcfd2c433321dac9322b221ffa7aa0eab3f0258d7975c84e891eddea41fd456ee3c6f7e67762853e023ba0ccd3d0586d5d549a63fc0ae4ac62f7533dc074","ssdeep":"1536:pKXTCNqIqI29JkBq+zhVpQ0n17Bwnfen623:pKXGoaWl8y0nPwnGn623","tlshash":"a123f1ce649a7d788870eaa31dd73f146dfc984389d6e6e1e1c2da8d21c971809e434b","first_seen":"2023-05-23T06:00:59Z","last_seen":"2026-06-24T11:46:22.770713Z","times_seen":531,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/toshi.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.816Z","timestamp":1781839748816,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/toshi.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:55 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69032023-865\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ms%2FncywvT4zT0V8DdBTwNXhAk0VO4SXXfKSjtTP%2BYSXbiaQ49cHdSOZSplYvVYqbOcBl%2BZ8gdmFtFsXXZQjR5oE9UrAd%2FljEwOFkXp%2Bhb8S3xCaZxWzyFleII%2Bz97JcvlDbAe%2BHyeg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e1efa0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2149,"size_decoded":2983,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"705b8ea6aa9f40cfb26ad8b16cf2bf5f","sha1":"8ca7a0e4598c725e7951aeee88413f7c5a5480be","sha256":"9a80396f368c5a6f71b91c8776c92ff98e041e448d520c3f559f2bed8db4f011","sha512":"9408bf45648875e8059e97dd1a053ccbaa0799e30e6ff9abeb34fd4728da9a349c86c579d752a64cec5915c8370d9107ddd1c82e57aeac2fc535a981b2650c50","ssdeep":"","tlshash":"75413acf23babad3361514b293c1ba80d26eff2a12a1984d4019c130673d55888a73b9","first_seen":"2025-12-03T13:20:40.474524Z","last_seen":"2026-06-19T03:29:39.088688Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/lucic.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.859Z","timestamp":1781839748859,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/lucic.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6903201c-7c3\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4FJcCby%2B64OnO5usqMJ29y84ytyZFNgMSurYD34HcuvxxHkNSlvpi3gh5TqasfUagAnSxLeVGK2IYEK8Ad3VlDvSPumc%2FXvw08e%2BeiIY014b8UjcF41C%2FDC5XJ3lWqtB1j4aXOdYuw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e5f110883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1987,"size_decoded":2810,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"66c846702e24d3ffb4d502180c996faf","sha1":"458eccd952452feb2d559925b267a5381786493b","sha256":"fe49f22873053a38caacc2eb2b0130ce137d624702dacf197e264816b85bc3ea","sha512":"8824f477a5bd5dc972d0bd538d732c1d03c49154ee8ecbcea4fea10dce1a6a8dcbb100caa1d4a53889e079194118cd2ced1170083e096c464f4c53498f3d1d81","ssdeep":"","tlshash":"ef410cc2f713784cd51e0d8861d416b3e9202728b84f33809a69fa40a4f691c1c8fbfc","first_seen":"2025-12-03T13:20:40.664334Z","last_seen":"2026-06-19T03:29:39.091393Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/tel.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.081Z","timestamp":1781839749081,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/tel.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sat, 01 Nov 2025 06:51:46 GMT\r\netag: \"6905ae02-218\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3bYlyLepEYsn16Qc0MgLnXkYeM3Hr%2BtJrp%2B4d4HtL7qVf2cb7Ur9yg2WA5izowOjimA5ZzwK%2BsaxPVD3xRBRWyAbIyeX0sUWKywRpff0gtwM%2FD%2Fu2RldOQ2mfVSaulvvv6KKpzxywQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 536\r\ncf-ray: a0df729fcf710883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":536,"size_decoded":1332,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"3057519b64405eaca8ce8f84366a15eb","sha1":"7aa2acc34df7a1fd7430b5c2773a0c492dd6b457","sha256":"e3c406030c720517224e76e2ae8e461d0384495002f757334bb871fb3e928631","sha512":"ff04e0fcf1cf4ee62dbe54e550a4bb9751ead8b099a271994c805d511b84008f576c8fdaf3644a0434a4c741b977954be797537738134253ea0d8ed06356283e","ssdeep":"","tlshash":"07f020f8a3dabbac411768029c804806e7c4f1b215429a59345b8eb0d302cf4c1a6202","first_seen":"2025-12-03T13:20:40.471709Z","last_seen":"2026-06-19T03:29:39.094975Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/bio.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.261Z","timestamp":1781839749261,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/bio.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sun, 02 Nov 2025 06:59:41 GMT\r\netag: \"6907015d-291\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=usTq3bwSzzBjzk83B82LQo%2B7oEtx3utqtTJt%2BUVwlfvuqwP7WvL04sfJaRelZZuq9tu7r8wDLlrQ21cgKEne2FgyiyjpnE5kdVOj2nVbpPm%2F%2FXzMpx1YLOEC8n1ofwmZ7JKkHqxBXA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 657\r\ncf-ray: a0df72a0efbc0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":657,"size_decoded":1451,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"9329668cad0e1c494de00f624f02486c","sha1":"99e3dd14b82780dd0849ee39fb59b59e2da8b854","sha256":"a4874a777ffe08d0812b245955ab9a738ad5d06311135261b402a08350fe9d98","sha512":"553a5f134f2667d5326fca17ec4aaa571ff00b9ee3e2ae224feceeeb969af08744f4b4bf380bd69a694b08765acc149f60706af7a7a093badea3a516840deb28","ssdeep":"","tlshash":"3d0183e5fb11ad0df57180508cf83c8de628762801a03b838012c8aa180c860a04af38","first_seen":"2025-12-03T13:20:40.631466Z","last_seen":"2026-06-19T03:29:39.098323Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/gps.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.533Z","timestamp":1781839749533,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/gps.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:07 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a27-8e6\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xBfTuTUKG36WusdhNP5i6l76y6sxakhAsd0%2BZEkhvJpTLFf0c3mg5z628ZUM38rVLayCcqKp9sMNpFhV3bI%2BU7EeMs9wl%2BLFFB9Aims8SoIHtPgSECJVw3a6hhA1VU7R32WnMDPMVQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a0df72a298350883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2278,"size_decoded":3104,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit colormap, non-interlaced","md5":"19524a9630ce02549bd57758ca0830b1","sha1":"d6653f934bcbb46ce67648464f37dd8b11ff20e4","sha256":"7bf75c77297708682966174f04cf7d6ee8dd979d41983e497a3242eefbf718f3","sha512":"de3ee01142a9a22f367710ffee8a7e734cb7dac66f4f2cdfe95079756e324b9f1eb0e538a814a23d4e57f02693ed1941909b95a66f97bce2fc7cf39bed630f84","ssdeep":"","tlshash":"85414b95b0d6e95a96253a7eaeeeccccf80613cdffb33ca4f245808402053b24094841","first_seen":"2025-12-31T11:42:51.950033Z","last_seen":"2026-06-19T03:29:39.101264Z","times_seen":18,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/wsteth.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.726Z","timestamp":1781839748726,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/wsteth.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Wed, 29 Oct 2025 05:47:26 GMT\r\netag: \"6901aa6e-3dd\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=edyNoO4qwKxnNhyeuTHkUxqqO6%2FIPSn2XLx9fTRGfE0li8hRrXGQfa9O56q%2F%2BitqPHeXUE7EASBOHiNGDYk3Z5gjv7y26B3soLbMcFWNp95WaBHYhPJYrygWix4%2BShlaOgSnNbsTaA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 989\r\ncf-ray: a0df729d8ec80883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":989,"size_decoded":1783,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"d52fcb10f217b6d27f3e55a5458f02e9","sha1":"3c95142f48e64e0f22ec75072328a302a55c7ee2","sha256":"53b0e12ca727f9c47f28f871297bd32f32a562b5e28a7683f7cc564e174f1564","sha512":"0b16b423869aa6c84b6aa2e698270231581c32a6e99f197735496b51e4018942ac18e3603eaafea9c2b388d74a838b72addacf42091d3637bec74f5392ef03cf","ssdeep":"","tlshash":"1b11c851580aae018ab0b2255c31142aa57302d2a81a96a7202721934f3118e85bd48e","first_seen":"2025-06-21T01:47:08.698161Z","last_seen":"2026-06-19T03:29:39.105447Z","times_seen":22,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/btg.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.873Z","timestamp":1781839748873,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/btg.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69032016-6d8\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1phAdVlqC5HJRlx%2BRshvh5jvCfeIEsTEPZxUZMyRoGQZnrL65j8PM6mJbhhzCKwa5GVB4685k70OGAoGndl0md5ig1jJQwrwMV8v4AK3wQvQEBMSE7XgNxUZCDtjbnmxPbSG1RJCbw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e7f190883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1752,"size_decoded":2574,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"e25ad82811357e9e62a62baa3fd1428f","sha1":"1aaec336a74a2f452e50c2ee6274fc03b64a5d22","sha256":"9d332a19aee921baac5945d476fd39636b168345b9efc9056226641a55b51da2","sha512":"19a2bbbbfe7e307815d614feac4273013c198de8a0125e5f184298837c7922aced844a85e3c8483691faf519569bd4c8639f8141bf4ea0c1007c253c65902cc0","ssdeep":"","tlshash":"433128c7a1f1ff0b3e0041a33b52d345d023e6e9e0002336649ee2eac9e0844a4fae02","first_seen":"2025-12-03T13:20:40.461383Z","last_seen":"2026-06-19T03:29:39.110047Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/wlfi.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.314Z","timestamp":1781839749314,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/wlfi.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sun, 02 Nov 2025 06:59:37 GMT\r\netag: \"69070159-1c0\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=muE4G5oEQVDVzCXftMrIsqcr3jErQ0bdNSuUaXDScnwPETtehgf%2FXwHUJxNh8XoMEjWL4lbx7tVhXgA80qY5niKcFr27W6KiZ2trfm5KyguUGLNfdEqkM7bDvdfC2b8AVRznNlXMxw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 448\r\ncf-ray: a0df72a13fd20883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":448,"size_decoded":1236,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"f8cb1c9db810fd354aa16095184046c1","sha1":"48ee4a76c539d47424c76d4c128ff217af5380aa","sha256":"4ae7d0b5906df6bb67fe57bcbeea8e26721cba8c2eff4c7144ce5287f93d9e8a","sha512":"9acc8ab6c4125f8b9fa768f1aaa40b9d13c573da2d43874e634c06beeb46c7673bfea5cdf3fb9fca66c83024395bba6b2dbf673f1f1a8006af0d9b7b03fc7566","ssdeep":"","tlshash":"80f0dca6c1867948528b233986b5937de473a02c54a094db022344fd5d57609c0dc2a9","first_seen":"2025-12-03T13:20:40.460122Z","last_seen":"2026-06-19T03:29:39.113385Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/osak.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.357Z","timestamp":1781839749357,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/osak.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 08:26:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"690715bf-685\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PliGbXHPkDiZ6MnKLrR%2BNIDr4x8tnV9qxySkVg0OdXqKSDLnX15kEpdMBAlI825sT3dxBAsHRx6%2FcPJKNpmtomLjtxWnxgGoyD9vQ9zWgTp%2B%2FXjtxJvyKdtMk7mlJwIruSS64%2BQjUw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a17fe10883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1669,"size_decoded":2499,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"9a5854d29dc473d92963426fadee4440","sha1":"b9727bcc954fa5c4406ae2893ecc82feab6d9f5b","sha256":"948b7eba7618110ab8a681b388c647ec072193649c874afa34edec89514e0aad","sha512":"c2d25213ce24fae0800d9e2d72d99f07d096da8f57bf0d036259834a88185b6fee0368f5b1892bb1e7801b5d56e2cdf16dd820acaa572eba8e60645ffae35caa","ssdeep":"","tlshash":"8d311a76ed3885bf59bd0d05a7684430be0d4bb811559791208889662d405bf0b2fc19","first_seen":"2025-12-03T13:20:40.553792Z","last_seen":"2026-06-19T03:29:39.116214Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/bay.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.557Z","timestamp":1781839749557,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/bay.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Sat, 13 Dec 2025 08:56:02 GMT\r\netag: \"693d2a22-28b\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xAOfHy%2FbTCvr62KvwkR2UKjCoKEfc1SZkwAvsDjO3W7nrrPezmzzPaazBk44hFTSbcIbmefBXDc2wOs5zx%2FHZshDF567iRwi920N2N9M0z8gWsiE%2FVUiJ51dwgZOBpL7Wof02voZxw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 651\r\ncf-ray: a0df72a2b8420883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":651,"size_decoded":1443,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"2a99703f37b86d5abee7c39546c818e4","sha1":"1e59323936741dbba5401673dbfd47b3fec84611","sha256":"7282c4d7cf5cb8df853f3ae8cbdc732e42138e531d5dedf5dacac67965eed4aa","sha512":"60fcb524cfefd01d053a27c540c1a0316ad78d6b0a3236c3973e595872500515b9b49fee1b5eb977e7c2654e5c304fddb4078ee3fd08d04751f36bf0adc0e771","ssdeep":"","tlshash":"01f023e312c3a522d175e9100b6fee74441429ce2fd4547705c7743267ad82210fb718","first_seen":"2025-12-31T11:42:51.555264Z","last_seen":"2026-06-19T03:29:39.120858Z","times_seen":17,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/vanry.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.939Z","timestamp":1781839748939,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/vanry.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fnghlkouCYS0l%2B4s6qxad1ROLjipqiS9226CfXffm%2FcH8QZZ1JBzwdVUE02QTNI83pZniLlT9Gfj1XmzSSofDICxpdutSAkwHIP2DJay8uLJhweMdFuGPDvX410qcTHwoSFsPYOgWw%3D%3D\"}]}\r\nlast-modified: Fri, 31 Oct 2025 07:24:02 GMT\r\netag: \"69046412-172\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 370\r\ncf-ray: a0df729eef3c0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":370,"size_decoded":1160,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"0bb9caeec1f37a81e6e145ac3e52d8e4","sha1":"b5de7bf94a2268345548306754e245c1a4ac7c5f","sha256":"2149e6a11d46d78e886e40dd3c0d7dad2a8f9fdfd0f93a40a9a19af23927c774","sha512":"9c862b8801ada5ffe5d86a377a3927536e0459afb9b3d07c8b30c3414aedd7220f7cd362bf1a832ac7733c653224beb9d3988281c1a3920197c42dacb78e2839","ssdeep":"","tlshash":"2ce060ca03780e28d8fa203f4a18c610a8ee2109087b0ca22f82049a4930738e48c3af","first_seen":"2025-12-03T13:20:40.517629Z","last_seen":"2026-06-19T03:29:39.12437Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/tree.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.270Z","timestamp":1781839749270,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/tree.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sun, 02 Nov 2025 06:59:36 GMT\r\netag: \"69070158-2cc\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9WwNEAs1ngysLXeoxLexHPgETgtsutS1va8YQn9Dul36VMltFHc%2FDp6K9q5eRuZ2NPp%2Bspg1FXkOut9smuc7USecxxOk2IjqqOADyrYd66oLDAiIkGkS0rHwGsJpkBUlrXVNvzZCeQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 716\r\ncf-ray: a0df72a0ffc00883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":716,"size_decoded":1506,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"036c7bf83cc0de32964303e68128aadd","sha1":"f2f734ea35a8d3ddf1e5dbaeaeafd62a1b81fbdb","sha256":"0a1b6ceec101507bd53c22711ba686cf3e500582717f986c05a75e90760b48ac","sha512":"7387994e63413dcf8d51d73a6cf4662d66c35ed66b3d2c0b96e3aee6051190540744a9a6751c38fea9a5ea261199b80321866c1d77df60f95eddad4b0c44b2ec","ssdeep":"","tlshash":"130199d64b2534356563039f5e1cc0933a6c72213cdb0b99220f40574fca90e0d8c6d4","first_seen":"2025-12-03T13:20:40.56732Z","last_seen":"2026-06-19T03:29:39.127599Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/fluid.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.331Z","timestamp":1781839749331,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/fluid.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Sun, 02 Nov 2025 06:59:30 GMT\r\netag: \"69070152-2bd\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fMoWFPBbrai3VP9PNZu%2FMSuomcXQ6x1fJY9XV%2B4gmsQT8PJkIBBiPsSNsINWn4t%2F%2FCnRXpqcG%2F%2BMu%2Bizy%2BHuCPZU5jHSQn8bedBrhCyKTePfwug9S99aN6lW0Y5U2nm90CV2OA%2FIYA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 701\r\ncf-ray: a0df72a15fd60883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":701,"size_decoded":1505,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"7cf23802e743323cbde7f7211b288959","sha1":"6e4557ba7e0269082b89f24eb360d5343d60ab61","sha256":"5f80ca4fb2b69929ad075b07fad4822dc7069fcc27bcfd0dce74b8d1d13a3ad0","sha512":"f80c2a2dc5b2b1a4efc7a25272dddfc235ead3e959f23f85bdd8a49073993e11c844181028c87a015cec0f14257846dbe5e4b7316307b0b4730ad346c8cf4746","ssdeep":"","tlshash":"cf0194ca994119aaea02f340cda400ba2bd422422ebe78565023cd365c90673a69e38a","first_seen":"2025-12-03T13:20:40.67432Z","last_seen":"2026-06-19T03:29:39.130633Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/ocean.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.466Z","timestamp":1781839749466,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/ocean.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 04 Nov 2025 08:49:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6909be20-53e\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xrOACOUSeegBoJYJRC3%2BRcOIWSWp6DJs%2FygwDalWG%2Fo2mHgjbDerBB%2FBkU00L%2B8aWA0kdvmyjBq4J%2BLy0f1ZsoVSSb8bHypwYU8dVKxGrcwZf63675xn9wCz2c72ShiN4ySekaL2NQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a2280f0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1342,"size_decoded":2061,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 90x90, components 3","md5":"2f6e0e5b8704c06e111cb4dff30b4397","sha1":"ab564413bbfca8638f35f72c7ae0745ff49f7c18","sha256":"f21d5079ea60f63007061022c81de3c63dcfa7e754ad05be853a319ad1eaa450","sha512":"748e84230c3b4c9c5900843172fd6d9612b6efedbc192ef7bf755d381fa2b9e05c00a98fe3110821a5f26e86ff504c22fb2cd510c747092e91eba27fd1ec4805","ssdeep":"","tlshash":"dc2198eb7300a40bd66e447219dd8778710f3d19d5951306a355c849d59e29d7043aa1","first_seen":"2025-12-03T13:20:40.679328Z","last_seen":"2026-06-19T03:29:39.133117Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/moca.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.476Z","timestamp":1781839749476,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/moca.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 04 Nov 2025 08:49:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6909be29-494\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6y%2BJhLUjaISsWowGVc9DX4bH1ws4vACFOUgaDRHKL4MAh0XZzITkZWRb4XhdUJYuvVPcB9%2FQbpEyORUDz1uFuEkvfnd%2BsIjXGP9J6L%2F1KRB7AA4qMVVHQ6cgbpooHYYqFfJE1W6iow%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a238140883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1172,"size_decoded":1887,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 90x90, components 3","md5":"a5a94f3dafbbeca0db5a9ad2079527b9","sha1":"ac95217075b2fa8aa32a76a866373066f035503b","sha256":"66daceb323549384c77d4571a9a9885c982135d731941a71a81ac0687d90b562","sha512":"d75f9028c476b55aaebc5e6b86ffc9bdcef6f7cac13d3f0e2ef6dd55dea6fbd914281806461e7055d3470717ca8d8d8c9bb361f95af26e3ca70c5466e97df1e1","ssdeep":"","tlshash":"832163a756505413fa8f10333c48c970e3ca678d851cd76fc29aaf87e0894f1784b199","first_seen":"2025-12-03T13:20:40.542964Z","last_seen":"2026-06-19T03:29:39.135551Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/cro.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.486Z","timestamp":1781839749486,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/cro.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Tue, 04 Nov 2025 08:59:36 GMT\r\netag: \"6909c078-3a1\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CGjLPZ1FBuvmTcXZvBiABkYKm5w%2BinV3ahl%2BuX9rGqt4T01AAKBtVht9jhmR84zPb%2BatswRlsQcpJpnzFndKblp434BRvx1cx%2Bj5mv0%2BLuiwaWzb%2B9ci0k5Gl8s5w%2BOWmp1aVZYXqQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 929\r\ncf-ray: a0df72a2481c0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":929,"size_decoded":1729,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"f1439a67124de40a9155e7b7bd8f32ef","sha1":"b90029c90ec97fedf6dafbbe425e3c7dfec922ea","sha256":"cc011623375e91145dceb5224fed7101f90c956fbb9d6549f608c37b7c2c0678","sha512":"53a950a52e75ef4e6fce04cc00b61c1f5f8463b9dc91cd6d68e913e7eb2593d40bc3b61b5dda218e868a98b4983410c2419460bb37a4e47c963e14da9ae39329","ssdeep":"","tlshash":"0511b7180726e2b49a7b443482537ef18c359eeb178b56e1670f033c245c38ae537761","first_seen":"2025-12-03T13:20:40.482851Z","last_seen":"2026-06-19T03:29:39.139744Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/open.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.512Z","timestamp":1781839749512,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/open.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a2a-525\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=74swFB5ebJaBI2wefGbtiN1ZWTc4o4LBBhummAYoNkipMxu9H%2BeNdxiKED3BL9fXgkl6a3Uyg6XjJVACfOEZ%2BzgxYHTckFc5mb2wF18RFB%2BUP0yTJovXlKwg%2F3JGkOqVaf3A1xKnww%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a2782c0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1317,"size_decoded":2145,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit colormap, non-interlaced","md5":"9226f207d1cfb2d696ce0628cb0a04fe","sha1":"58ae35d161622991b056e19f7204e21f265d382e","sha256":"aa890241707a1511c979a1ba019e1aa29bdc18b7cad817055bd51cb5efcf424b","sha512":"9a6000ceed84995553bfb192bc09c39b70462b8496d44e29ad745938d65c9fdec0f5a8fe5fddb8e1fbd561fec288d0c8a46abd0017359408b938904a38a74579","ssdeep":"","tlshash":"0421a5d76cc8adf9d23846ae9d9c2e34ef1823151579a957a002a405fd2652a2d83845","first_seen":"2025-12-31T11:42:51.561959Z","last_seen":"2026-06-19T03:29:39.14651Z","times_seen":17,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/stable.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.566Z","timestamp":1781839749566,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/stable.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 28 Jan 2026 07:12:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6979b6cc-707\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Tpvn%2F0xhhl3uCNZ51hGr5cpauPt9CJOCidLWf3%2BRzuMp9ziiglWGjBvXD19mg0gu3dsPISFDhGwO4J1wuTGjUGmvriK5SeLhG7XrsuIaK9LD2Y8uvvymb3yEnljOE5bnrsCO9LvZ6w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a2c8470883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1799,"size_decoded":2618,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"c6ce145bda64a35da1dbfbaf1c359000","sha1":"b77dedec1909393673803d3aac5a786922d86dc2","sha256":"110c9258c5e938451e3d2b655392b55633de37236e2f240976295be74c9b91ab","sha512":"d3b1adb937eb7d1ead3ee748fb121d1b9c7319e146d3ff17f00a4dc02ca97970872bddc3f048658002327d7b571e5d78b83337938cfd8e9eda3593679af0df52","ssdeep":"","tlshash":"5d310979544357128c6fa731b96d35156456a136a390d2c63e4348314e333bc6ecefe3","first_seen":"2026-02-18T12:44:30.912049Z","last_seen":"2026-06-19T03:29:39.149414Z","times_seen":11,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/spk.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.934Z","timestamp":1781839748934,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/spk.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 07:24:00 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69046410-744\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FjYYEpecDjaf88ePjJhTc2A%2Bu7OmApyz60J%2FX64w5VsVtm1rvt3HvCIvR8Ye9yylc4xcLS8yaHkWksDxjPhcNZaj48IyijOCeGuYKONnUrNywKb9MwKf6HhwB6YNsJfmZbAhwaAXIw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729edf3b0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1860,"size_decoded":2679,"mime_type":"image/png","magic":"PNG image data, 181 x 181, 8-bit colormap, non-interlaced","md5":"21a92302b12ed8f409bbe1790fcb0616","sha1":"2683ecbc735f631085addf1364761bda63652535","sha256":"f14444cff6ff7ede0ea3a9a842d409838e096a7df70ddc07bbbdbb5e460297c6","sha512":"24134e09deae0720ea9dc39b4e4609796c03b4d5b03049a9e9cacbc5b000074f17ada0747bf90031a2de5246fd895f37f8d7f12c7cd03e0731cf441489103544","ssdeep":"","tlshash":"e031d75eb97c8e88e12de93047738507760213e584b78fbe9e8458a9688d9dc604e6ac","first_seen":"2025-12-03T13:20:40.459283Z","last_seen":"2026-06-19T03:29:39.154214Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/dino.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.213Z","timestamp":1781839749213,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/dino.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Wh3GXn652%2Btqh%2FYaLd%2BFhTbD6PyhIG2U%2FGvhMylRP%2BT8Cv51QJiqU1fb78N0q8jlmm5i8a2ipEFnnq4SsWEdh2DaGXcPEwWPJAzl053nTNJ9HgJWCo4ApSQX7JwV0%2BSr%2F6Qxuj6qew%3D%3D\"}]}\r\nlast-modified: Sun, 02 Nov 2025 06:59:28 GMT\r\netag: \"69070150-372\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 882\r\ncf-ray: a0df72a09fae0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":882,"size_decoded":1682,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"38ddce35b32fd20a75c4660a5e4b8aae","sha1":"614a70c872d758a4cf7dd8ab5384abd2a338def5","sha256":"6c5562f13a8de489c93209a2a727417b4a12070d0151cfb65a1db6240ed0fb7d","sha512":"7beae50479736943abb7acefeb5cff769623689d1ee241149fb8f492b5a0b6a37f93e3d1465958adfb39f5c1175adc6f7e46b0298ff95f38b43d44964f65118d","ssdeep":"","tlshash":"5711964789d9d64f13cae1777c5d6c42f87633a403bd269051c6dacf4552290b127c39","first_seen":"2025-12-03T13:20:40.662872Z","last_seen":"2026-06-19T03:29:39.161109Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/ampl.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.351Z","timestamp":1781839749351,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/ampl.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Sun, 02 Nov 2025 08:26:36 GMT\r\netag: \"690715bc-181\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oKSXg4xZl2xB1tBSpgo5xYaWo03nkzKPjYcqpVraXrtsxKCiAgrJ1NAbyPt%2B07Zh528gCC6rdOu%2FEDhKHb28LxYbmT4R7Qsd%2Ba1BP9V2onznbzEhuZyRAjvegw%2F3oZryRaqxe0faYA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 385\r\ncf-ray: a0df72a17fde0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":385,"size_decoded":1179,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"b50ecfd4897c3457ace3c6dd0fe4d31a","sha1":"c03860fba81539ab3d888fc8d2d88a4f450998ff","sha256":"45dcbd17daa14977407580a113ca4745fc6d6beefa4979fca75495651cc7eafb","sha512":"95dd37eac848a020a515539cfe15026f458b1ab962e0a3eb9929d1e06913d8c8ce990a20e6665dd1728c2c4c03d9704612198775420a45ee59c14784b5c62091","ssdeep":"","tlshash":"47e06892c29998bccc22595a5e6d2290dc6a85fd02966ea561307c29b61e284c08871c","first_seen":"2025-12-03T13:20:40.585737Z","last_seen":"2026-06-19T03:29:39.164686Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/auki.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.440Z","timestamp":1781839749440,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/auki.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Tue, 04 Nov 2025 08:49:40 GMT\r\netag: \"6909be24-230\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=H1z%2FDITKaAvjzIuwUa5pH41ChOagbSxsme0ab9KR70ensMoKFkyNgPM0gTl1ZN79pmP2%2FMxsy8O%2FmayxlBbpQp1bnpCMHI62dCSTVpbO5d3N%2B5TqzB3rrrrRzdJhn1aRfseoGs9pig%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 560\r\ncf-ray: a0df72a208020883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":560,"size_decoded":1354,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"fd82367f5022a87c8edc2e720cf9296a","sha1":"b05156c3e227968f23209dfd883880857b67e240","sha256":"c7fbda26da199db9b9d124deeb3b986d7a3fcbfe3c16d2df413c07284db5bde2","sha512":"95191ba4eaa94c6e644cb9d81111a6cf27efabddcfa6cb8aac4111c162735710d0fc687e4866b6f66f56b090ab4bd2aec682ebd993da97c6801f460eaf073124","ssdeep":"","tlshash":"20f026344e4274f7a22d50269f071d61c435c26639979965df13bf931b5063d8b21416","first_seen":"2025-12-03T13:20:40.579142Z","last_seen":"2026-06-19T03:29:39.16713Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/peas.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.442Z","timestamp":1781839749442,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/peas.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Tue, 04 Nov 2025 08:49:37 GMT\r\netag: \"6909be21-309\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oUsZ8nYJ7uwAgNP8gtzAiJmVIjR0c5YWHc5HtEZzo4WJdSSeRg49U03SpC9YSe350K70aBZxNcMOjaT1ZAiTxNsu8PPnyhQTmApKM8gPWcfPzhVkI2AgoUDTb5BQo89eTnTHDyDZng%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 777\r\ncf-ray: a0df72a208040883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":777,"size_decoded":1563,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"4b8c4426e220e7377c82e9787246e15a","sha1":"1a76694fbf54932f20485135fc5bc664c1e787a5","sha256":"f4365f65ff0e3f0f50a00f5dc588671629f05e12e8695834fa6847682790556e","sha512":"082227c7a2dca906011afe82f17b826f0ea0ab82b63d1ecc143fc9a132f8efe1089ef19ca679616d5be27af945308808245d5323e019c925f79c5b3475bebb05","ssdeep":"","tlshash":"2e0105fe18cf8dfec280886198391830d33c14280e38872e936b10d87d8220587333ae","first_seen":"2025-12-03T13:20:40.536139Z","last_seen":"2026-06-19T03:29:39.169634Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/power.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.560Z","timestamp":1781839749560,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/power.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 28 Jan 2026 07:12:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6979b6ca-854\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bzaCCxoc4bDWSXzxXBUOQknRNXlqMZnDcF57wjnlgSEdlAiSE297%2BlPUryAlPtzvwp9m8b1oPfWLgLB10qIDlB5rtDIxtacPzmW2cgQuWZ%2BPiBfkFuaSBNLeJi3BwXwk61inB%2BUKkQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a2c8440883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2132,"size_decoded":2958,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"77234d558a411e27ec9b5c36abe1ed52","sha1":"f75c504dfa75786c1e03bb969181ecf35e470bc5","sha256":"e7d8c8bec0a983c4a90a69ac6624945f5db92bd3bbcd34cac568e8b519ecc83b","sha512":"24680c982efd2d3caec7cfb37185fd158c9759bd08e7589f80f19dc186759597446cf7435c838afff365fbdbe50c80ffb6553a47c0c5446c8337fd292f07526c","ssdeep":"","tlshash":"96412be0868f94bec964920cc8b0499dd4a2a3906c5d7cd0621f0f292a2359ab2d3b52","first_seen":"2026-02-18T12:44:31.166396Z","last_seen":"2026-06-19T03:29:39.174328Z","times_seen":11,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/InterVariable.woff2","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:10.020Z","timestamp":1781839750020,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /InterVariable.woff2 HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:10 GMT\r\ncontent-type: font/woff2\r\npriority: u=3,i=?0\r\nlast-modified: Wed, 05 Nov 2025 09:58:24 GMT\r\netag: \"690b1fc0-55ff0\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DmnzZcBAgeWRFGrDsb1gSVylE3nzNly73vMDuklsqTwpcqTE1IAeR9FXR%2B1wRSsc1SCjYGrm2H7fU81b%2FIF%2BPVdL%2B8zSKcBFIpyP8eKBG1gjzA5GXhs2C%2B9V4k0tYW%2FBzSxInsfp%2Fw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 352240\r\ncf-ray: a0df72a5b8720883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":352240,"size_decoded":353007,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 352240, version 4.66","md5":"2bf3d951bf9d6109437ea0874bbf12fb","sha1":"f55b18fdf5a4fbca23e23010fbe89df27d70d1ff","sha256":"693b77d4f32ee9b8bfc995589b5fad5e99adf2832738661f5402f9978429a8e3","sha512":"9c34339e338bc88488195216a834004c3cc2934896df8a5849c26801a88c7a4c4d84563d9cdae449d81bb379549f69f57c5fb9b199826adb8a88c3eb7d22bac1","ssdeep":"6144:NXxnNQ1mzp/C4K2K9y0deanlT3TPkHW644MVz66Z2YS78Eq/H493abRLF/VBoGuB:RxnNXpq4XF0tTPk2jzRkYS8/GabjC+a","tlshash":"fc742337370464501452c3aca8a70a57e6302de69fda07ecc7ae84e8899ca797f1f74d","first_seen":"2024-11-16T09:12:47.72962Z","last_seen":"2026-06-28T07:19:32.668424Z","times_seen":13558,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/bsdeth.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.753Z","timestamp":1781839748753,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/bsdeth.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa72-7e5\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Jtj6JoqFYglpyt2ndXVMeK00JblcLuiGZo3tPYJ4AB6mwHm4Vsbxf98gC0LE3u9%2FPTl%2BsFv07fEcmp1N%2BzPObIc8ejGFiz2CYYIG%2Bwh%2Fic5yB5cJw6WlJBxXSovUh5ukop3Hgf4lVQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729dbed80883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2021,"size_decoded":2846,"mime_type":"image/png","magic":"PNG image data, 181 x 181, 4-bit colormap, non-interlaced","md5":"02f683c080a8cbd8e84818aca5102e6e","sha1":"27724665b454d9fdc138be9dbf3078f1ce89496a","sha256":"2a68d4370cc9ba8de90cbe9ec848ec45c83511bfa440474982dd4716cef839cb","sha512":"583ed027e64fc43451e1c49e402f52a2891f3613a8b11e26d2b3466508376476b08ce4e3cc5f13f82a04e5091e8d4450c2ade5b5670ef7efbfd63b5c50cafd09","ssdeep":"","tlshash":"ab411a8f4208a632684473b92b2130e679ba6421b840051c834d3d47de9aaf8711a9c7","first_seen":"2025-12-03T13:20:40.614453Z","last_seen":"2026-06-19T03:29:39.182429Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/fhe.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.087Z","timestamp":1781839749087,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/fhe.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 06:51:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905adff-40a\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wiHZLFc%2BArWJyq9f6bqc2KC7U3B3OgiJ3JDeRh%2BTydY6DdJRcxPTNmbsCm9yv1U0CVZ3%2Bv8VwoIOFqvlyg3y7lhRyvnFgIk6lc3E81Ec8FNtKnEY%2BUfZZW1QGoFWTTwIpDnDZVvo6Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729fcf750883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1034,"size_decoded":1762,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 90x90, components 3","md5":"70672ec926aee59140cefc8fa4ed5ec1","sha1":"106ddf8ff6b5035d9f373e10e061d955d4ca9a43","sha256":"e92e8c5375bc382117c24effcd65a1d05f43d93232bb7d6b55a455f0093ba7a7","sha512":"220aa3f8602e6b7e4fdadda5f37847e92bec9453a8419f342dae68e463c12a2392ade0aafb9733001a5b79d458fff8deb5bcb742ab1a50bc6ef9d8cac9854ee9","ssdeep":"","tlshash":"cc11c88323b1d4c3d63f0075ae2889709e9cde00da5e478d579fe20591bd2c09c81fb8","first_seen":"2025-12-03T13:20:40.451966Z","last_seen":"2026-06-19T03:29:39.186425Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/ovr.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.360Z","timestamp":1781839749360,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/ovr.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 08:26:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"690715c0-5ce\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=y2joOmzGBisun2e6m2IcnFa1VNgUIbZ6%2By8QUhU9VL2Q8qwniw%2F9h3p4AY4vJy9bzYrad08gkJq6DZXi4HFfpFpb5wSzMXy7yj5JPFDJX4s1aow3DTFvqjWEj5ZaP2hCWrP90QyUWA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a18fe20883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1486,"size_decoded":2310,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"54589607c6d94c044a135c2ee21f42b1","sha1":"6800d392933075d7e8e974f92863863bb56a4f45","sha256":"17b4b7d5f369fc4123c0ead2d09aca4b8cacd50c8130298dcdd20b843139ca3a","sha512":"4768387a0ec6d3553336c831ad02f828464d535b5dc24432162d379445a1f661ef660bce08ad218a5033564b4df54291466d58e1acf4626a423d0ebafbf848e7","ssdeep":"","tlshash":"aa311c36b31baf14fdc74c00116135f45f9959185cf400f2e37b35315eada88c8a14e2","first_seen":"2025-12-03T13:20:40.441711Z","last_seen":"2026-06-19T03:29:39.188867Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/edge.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.437Z","timestamp":1781839749437,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/edge.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YUzCMqUv%2FWgGV2VaSSPQNeaRl2EkziNCYYfTEI71cZfOvlDha1wovsKj%2BBrOdM9fc5b%2BIW0kOr7wlU4AzbXtuoK41hdk%2FD727Ve0vvnUXNLiFMJNssEla983mpdRLQ7mRai4twg2fw%3D%3D\"}]}\r\nlast-modified: Tue, 04 Nov 2025 07:29:39 GMT\r\netag: \"6909ab63-3f8\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 1016\r\ncf-ray: a0df72a1f8010883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1016,"size_decoded":1811,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"9fa85db7d7f15f9b853e8ed6af9a11a6","sha1":"423477abc9fdd7057d39b2170aab40fd1eb55557","sha256":"7ea560a24b40a70e49796e3ee0515faa3c17c665d2925a7dd27a9ece969a3201","sha512":"13ea1f18ae507bc05d07fa7dcfc98109b59fa6253618f8566cd68b4d292f23ea1e0947c7e449a02f32ddf0155da44a8b4c802f5250069b522d6b7db8d100d00c","ssdeep":"","tlshash":"6711a59f45082ee5932306bfb61e0050efb52a740810a4ee04006ba47b48d5c7ebc286","first_seen":"2025-12-03T13:20:40.498503Z","last_seen":"2026-06-19T03:29:39.193633Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/c.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.528Z","timestamp":1781839749528,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/c.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a28-64a\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8Qxnd5%2BoEK9q6QHWYrTRGOJDbrOTgnaE4RI53reqK1wBkOxtLIhtJh1arzxBn%2FUECKkcq2t1bXf8p1vTxn5%2B8RE7rg%2BLXX%2BfU%2F8Z5GEHrTZxHlhjB6tAOS1gBRH%2FJPpzmdReb46heA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a288320883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1610,"size_decoded":2444,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit colormap, non-interlaced","md5":"6538df110aa6175dce96fe140aacdfe7","sha1":"bfa48123e5c95158e95a50818b122df43aec5320","sha256":"6bb0f83fee6f7d474e13f057c60549e93368668ec644fa59f8139f4c87661b65","sha512":"aaf4c6f2790d1f69bb2ad899f2cf44f791d65d321bcf1486849fc7018fb3edb7635bbafdb6d5f7b76f1258bf1e9b88a6f284957a51da425ea37aa58d71d84755","ssdeep":"","tlshash":"62310a62d68daca3d8d10c3d7163f4782f3cc1570a401b0e157580dcbe9458193ea79f","first_seen":"2025-12-31T11:42:52.17703Z","last_seen":"2026-06-19T03:29:39.195835Z","times_seen":17,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/elsa.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.569Z","timestamp":1781839749569,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/elsa.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 28 Jan 2026 07:12:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6979b6c6-4f2\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FenIK7AwPwNv4TNyYWaPWn0TkHnI5CzYJBKjuadHJEICFA8ZTCnDEN67IW7juyxWhluyn0Qn1bGbayv1OyR4cygBXy6kipm1%2F8m9C8BG8ve4OfA41xgoThMi%2FjIU0QzJFuT6BmEqZg%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a0df72a2d8480883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1266,"size_decoded":2092,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"20165b738326b9805b89ef700a06e5ea","sha1":"e79881821dfdc6456e791f2c0b50ebc462981a5e","sha256":"1909231333a735e6c8aa6bb930ed170c4e7b7694027be42e3bc7be49433a67d2","sha512":"1657d25ff4e157556543eac469ea18b8979d4211b4f6b69d122e4d8e7ded940aa36febc579bf80dd594a60b9c35e6fabd1b69421640367c4c48c11f4f4fe7625","ssdeep":"","tlshash":"0f21e7599d6be58ffcd023254b8634dcd8b935cea829d0b438242958356b273ca45a0d","first_seen":"2026-02-18T12:44:31.134249Z","last_seen":"2026-06-19T03:29:39.198376Z","times_seen":11,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/bnb.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.700Z","timestamp":1781839748700,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/bnb.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Wed, 29 Oct 2025 05:47:30 GMT\r\netag: \"6901aa72-2a2\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=InTDK2dPW0ClnxfotwY20OrryCV0S1IvWEowtjQQEWovmwBI4OW%2FMmPz6jbZAIyOmY9bIpwkw%2BzoFsc7U0ATL6thNUuvRSjUEnAqDe66Xp67J%2FfCzt9RJAqL56EraCU3CpVV%2FT%2BgHg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 674\r\ncf-ray: a0df729d6ebc0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":674,"size_decoded":1470,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"51e6635791d033ed41b67e09e66c8ad8","sha1":"88fc646df115181334819cc6ec53a9d84f87bc82","sha256":"a8fe37af2292b7302c7463acf13fa7c6d121c3b1f9599ef4a9287b2afccade31","sha512":"351023df6e3a0b9ad0fde4501d7f50890bb82b73686cf4f9d7a34728b34afd534c4a701107c4c44b6740844a0ac5043a0fe63d11ee9731c404d19913b31a7717","ssdeep":"","tlshash":"540183839075729950a7a74a8d3316baad3a000bc393f806ab0ccc90081772515c7ac4","first_seen":"2025-05-03T12:37:51.761209Z","last_seen":"2026-06-19T03:29:39.201366Z","times_seen":171,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/weeth.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.749Z","timestamp":1781839748749,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/weeth.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 06:33:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901b54a-7bb\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3tGFRmx88h19XXUO0JoqnORbyq9jNMH5yvKwowYFIKBDX0MIqzWiyU2ykrJ%2B%2BWO%2BlzVDAu5Kg9xWkEGPtT1PAnjA53EeZRQCSvGtYeqfIY9Pzhjs9CoZ5kxS4rYjTUoZNsebiEH3Dw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729dbed60883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1979,"size_decoded":2800,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"d43335ad46c1db97efc2d49d76d3afcb","sha1":"2810a7e30f8624b89ef4b72022e269dabbe364fc","sha256":"a523fdc7398f1fc8ad41c7112f840ba77423f8618b62d8351c4efdf5eeab74a2","sha512":"b114df8e458d6e6964aef17de122160c9207824729c151e52b76fa74bf2c489ff45b4d00105647a0ada3371123f59ba9da3e482f4be7ce43ec72cc7704c03582","ssdeep":"","tlshash":"e1412ac357f01c26ea3b844a0d390a23673b76ccb1a0e490da1f4557490ab46a138e2e","first_seen":"2025-12-03T13:20:40.520097Z","last_seen":"2026-06-19T03:29:39.213379Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/game.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.828Z","timestamp":1781839748828,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/game.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6903201a-9a0\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bUtUqSrIAloiNyWvniWVSrPF4xCnAOZagg5zszsmGRm4A3MaCv1leAtlD5avUtINhXy%2B4hY3etI44Xjce3bfNOQh2lyIkloq9ZtHHYgPSowtd1Tz4LuGhaTuMrsTdMvcpcUOaarTmg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e3f000883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2464,"size_decoded":3219,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 90x90, components 3","md5":"0380d645ef427e922c20b0b8477d4efe","sha1":"d901cd1740f5989ca96d464529200b0dd6f8131b","sha256":"caba603a4c7c99ab56702bbf49d47a53d3dfad244fa97663ec2c8ee2375c8ea8","sha512":"b421e0355e4d574980ce2c97a3d8f65408cda152650ff5242ba6a572a1da66d7d4cd2135632ac135b5720080e35bcd88089bcd9b6cb3c106449efe34a6d643ea","ssdeep":"","tlshash":"74513b63b753c823f91a29b10ed8db28034c9c32c77baa4f62565106fbedd747950349","first_seen":"2025-12-03T13:20:40.484515Z","last_seen":"2026-06-19T03:29:39.218952Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/oly.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.860Z","timestamp":1781839748860,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/oly.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6903201e-4a1\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vCyP7BjRBD4GstY6fsF0kdT%2BWYrWOH3M6TPtcQCyLvrCFkmyD8rPltHzYZBSl0krnj5%2FaNMNLiIyHGJUXaePLvOEEGw5Jg0ie2wcZxoDbVcIS8tqOdpJEhDjxn6fgRPZPBF%2FtauQmA%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729e6f120883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1185,"size_decoded":2011,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit colormap, non-interlaced","md5":"7bd1f33eb3b6a8561dedf80e04ffde51","sha1":"783f8b5ced1e2e2275729e1b1afc7b215f4d8e00","sha256":"f11d4eed3d23c3507261713e5c3c40793a1fe6b38a9f36f4a138b965990e3dab","sha512":"0b6800385cfdf05dc7dda60798bd0fcaca1a2f1abf592f20067b6e9b55ade14027f55b93ca24c5d1040b06a66750e9b0ae4f88ba53ef9517b37aa9426acdc9dd","ssdeep":"","tlshash":"6421b41115246fbcb799cc360b72f8c1cf9e1005a01b960a5f89501aeec8950bbc328a","first_seen":"2025-12-03T13:20:40.526615Z","last_seen":"2026-06-19T03:29:39.224095Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/avax.svg","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.896Z","timestamp":1781839748896,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/avax.svg HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ST1W15VAkhGWu0EBzo6L%2FA3M6QRauhdqd4%2F3YxClpso4cTiwLQcQCinI4w4M9XE0WtWJAfhgdvcmPeG72spWnNEXWo%2BaJzKRoyW6efMZhFMl59qcyqvydy57wkCwYJr%2BO9%2F4xT%2BzgA%3D%3D\"}]}\r\nlast-modified: Tue, 28 Oct 2025 13:43:29 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=5,i\r\nage: 290\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\netag: W/\"6900c881-339\"\r\ncf-ray: a0df729e9f270883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":825,"size_decoded":1295,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"47be62e8abff2eb6fc98e233f8548292","sha1":"7ecc88499e91e90276dfb2ed67297c7685c47a1c","sha256":"22f386dfbe2a8334bde03be8d0be3e45ee4e94d11d7333180ff00712baf9a325","sha512":"dead5c482ca3cede49179e5c5b2ff16e77f6090a4450c1845a94c5fb5ed3bf430aae17e3a3693a8180bf75d7a553c1468af50d0383b6051c8ab4c13193c4d95a","ssdeep":"","tlshash":"f80152894785e83eb060422093ea23c233f2386aa2725edab5d32c39e6184d401897cd","first_seen":"2025-06-04T12:09:58.453704Z","last_seen":"2026-06-19T03:29:39.226619Z","times_seen":42,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/myx.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.163Z","timestamp":1781839749163,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/myx.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 09:11:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905cea5-51d\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Su%2FNYb5AvNai7P9HyDrj7kk3keUFk6MkbvxFWQaYZgciEBvXTNUJcc1R%2FJG8ISagI%2Bjq6pAdDsTMKhpgO4h%2FAEQ8pA8IoGPVcFqFiCaACASzXMHuv664521kR2hya6Pml1WEjai%2BYg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a04f9c0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1309,"size_decoded":2139,"mime_type":"image/png","magic":"PNG image data, 181 x 181, 8-bit colormap, non-interlaced","md5":"b05477b34e5decc8636cdf1a20b776f8","sha1":"6b9f95e39730015b83140d7f8324ea8bdd9d5827","sha256":"77520f183fed99a3d6e7d9cf33943fc864ae7d7bc5048a4626452549447e877c","sha512":"a0555c4edf2afd3349fa4e16bcce6435f4bd5273b0c1c33717ce496872914c2164900155580d53e537e7f79df1e14632bc14bea76370d01846698fd8c2ecd670","ssdeep":"","tlshash":"cd21c8f2a05f6e29d0f83e618fc480a50b8aa86295e37bba23bf44450591dc9f7a1594","first_seen":"2025-12-03T13:20:40.583182Z","last_seen":"2026-06-19T03:29:39.229098Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/form.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.194Z","timestamp":1781839749194,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/form.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 09:58:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905d9cf-468\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=P8BH%2FL6N%2FmhDaVg6weabB2ua5h5QHB9MKaYSHWfVhZMH%2BEmgUlZhpVlSu9ivyzTA4kX4w8yShMnEHb4lE3bcF0OBDEq9kMyHFkQ8avn%2F0DUl%2FzENCZmc1YpTASeYkTwmMPKZXC9Afg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a07fa70883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1128,"size_decoded":1958,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"ab9ef26fbe3e966dfe30da1c188e4bcf","sha1":"947cb5dd957b076e2e5273bdf230c8a9869f712e","sha256":"bd7a1b70b3d926d430f2f0b912255dcb017293c8aaf40a513f3be177d2402d8e","sha512":"51eda1136726bfade28cac342bfb044c4cbbaf3a4a3cd7a3d5fb5eb6355f6d18fc4bd7e56a7bf4fc6a9f9630690fbaf882f4f471b5935aa26c6eeb7238a87f63","ssdeep":"","tlshash":"5b21c6a79e51f83a5e3c77b0360d1908a4739b3451bd8e24ced58fb39c28940529bf2c","first_seen":"2025-12-03T13:20:40.602316Z","last_seen":"2026-06-19T03:29:39.231391Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/usdt.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.712Z","timestamp":1781839748712,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/usdt.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Wed, 29 Oct 2025 05:47:24 GMT\r\netag: \"6901aa6c-33f\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cZyFNHlrWsLS2tJyktpihQ3hNBizLeBWNPsbD9yYo0s2TBOWiRjPWMajSTBN4YYW8o8qe%2FKHJqvKorndVqwXPY0bH1nA2icYgmUpkocuJZqGWvYSD879iJFrnkT5%2BuSax2sRdYWX3w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 831\r\ncf-ray: a0df729d7ec10883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":831,"size_decoded":1621,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3","md5":"3f6bb112bffd54f9780ab93608235a90","sha1":"edbfa4f2d2e7db65a1382d8431e10df68888facb","sha256":"0bb95ff96b6753574ff160891c1159a8f5131e6cb4500d5c0279ee47c24472b4","sha512":"6d28fc8125e082b64644012fe27d1cdf41dc6b89bcd4da08b010ac22131b34456e0c6726366dd562227126382afa447d1bfcec25409475b578fa87d9230f5e13","ssdeep":"","tlshash":"ec01415fcf8ec21bf944bb35a47a432bcf0db219d483a6aa45d210f66476fd488518c6","first_seen":"2025-04-07T11:34:04.611203Z","last_seen":"2026-06-19T03:29:39.233724Z","times_seen":705,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/ena.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.790Z","timestamp":1781839748790,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/ena.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 09:12:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901da9a-44a\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LpfkY2dmENRN747VGRWKD9pW43ndkkY9RJSXirgsrrykny8uSgkfv5GP9huOSUsOglyOPydBYxift2BLwAfbti7Vjlq5pZR58GNtaM5I7taMLBPp4Q38IPXXoamoiavo2N0gN1xIdQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729dfeeb0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1098,"size_decoded":1915,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"2fb57e8e67d2880eff5d859e64a7485f","sha1":"d8b6dabb2de4262114c9d3ddbd9a9382bf14ab78","sha256":"226aea167d0c0c44918c401346686f803f56fcf94e8cffedaf2fc47149316c6c","sha512":"24cf2e3a44d470ad6f40612880a8916fb705970a05f6564af976cba94f3eca3915bdb3fb3fcd05f37c20b5bd2f4292d96e9e54ce75bbd09cb79e6ca37dd7bec5","ssdeep":"","tlshash":"8111f911a42098989e993264437ce889cbf13d30d51c1a8f107364610fb2cc3a28db01","first_seen":"2025-06-21T01:22:28.815902Z","last_seen":"2026-06-19T03:29:39.236199Z","times_seen":21,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/ilv.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.797Z","timestamp":1781839748797,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/ilv.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 09:12:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901da9a-b7b\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IdCgEzpa0NOgeRhkOZWyr1QVjMeX4rXJi2a1bhya2g1y7f8D0OOXSma35H4wTKIkUEOt%2BlVKQ%2FXjFYJ%2FoemAclX6MreqiOQ2ZkowRLJSIWxblg1Ckc8XLzlY3j4CbuaXCszr%2FGSGmQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729dfef00883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2939,"size_decoded":3767,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"c144ca9bd5b8f1f6f28f211b1d90549d","sha1":"b5898d8c043400f81a9d455a62895810879cc80a","sha256":"1cf596366c94ecf6ba3352e282006ff9b4874251d49a033ca9cdefa032fcb8ad","sha512":"13b29956d1fb3f04f3f9eec586de31797e222ee9694f6033e168ebc5e69897cf19098cd3d434f483976299d5dd2ccfca34fceebf76b2a60cebfbeda3ce4ce7f9","ssdeep":"","tlshash":"50516ebbcace3fa440a4931c37aa518445e1c5976cc97c1d15efff09411e0557ce6349","first_seen":"2025-12-03T13:20:40.558906Z","last_seen":"2026-06-19T03:29:39.240395Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/paal.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.801Z","timestamp":1781839748801,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/paal.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 09:12:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901da9b-77d\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=woN4oYNmV2tN3Cx5II3tMFnnFSOfu5A7S8FESxDtzNtdUdBY%2BdXm4TqsR2YW7QEQFcX%2F2jDZOkNmDd%2F9Vb3GqwnOftnGkObX6eJcOq9CwbJNB9lKJa3tAW4zItcojkQDKOtysvLl0g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e0ef20883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1917,"size_decoded":2738,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"cf9442432d6e6c24f87bf9ea47b12580","sha1":"f69330515e3df37b64046c99c0067b1fc3800d26","sha256":"ee848786eebe1b12996da3c678d54e248e537b5021028a6dda1bf19a6e1d2294","sha512":"b6d3bc1e06234ef299b00f76fe921753cf173d6779344a49a81ed3a8497148f6770ccf688df5c6e37a898b70a22c39aecabd53ca1df3740621d99c0249ecf953","ssdeep":"","tlshash":"8e41f9a6efd90e3d7c529e7fd73135a8c45229f80d0f4ae8c460f7939290c65823aac5","first_seen":"2025-12-03T13:20:40.510117Z","last_seen":"2026-06-19T03:29:39.246562Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/simmi.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.844Z","timestamp":1781839748844,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/simmi.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69032020-61a\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jNxeA7tfshNzlg9f2tZcDH5y%2BWgrtgrxAlcEPqr6yF9zbJLhLa8LivWheE0dLVO9ztF442ZXMZq%2FglCn8xx6%2F6qKrsyRanmXE0uGlOsrPgqKgTs4IZj%2BHIH5o%2FZA3L9zQZJy9sLx4A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e4f080883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1562,"size_decoded":2392,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"0567bf775363bde5689f88a11519aea0","sha1":"131d7669f25c5fd12ed348533a095e0d12421372","sha256":"930d0162f1299f5b6afccbb6be84624c652a73c236b2bea5c968baf1398f768c","sha512":"20435e72f259224f1ac4ad13586b43d0436ca5a876bcc20133961534d9f3ce7819919e033d2a201e960b30faa92464660d611c12186d79a6396049f7b8457a3b","ssdeep":"","tlshash":"6031ea6b6cd5178854e1021fa75c894d1d33d46a43820eeac417487857b24952c937dd","first_seen":"2025-12-03T13:20:40.528126Z","last_seen":"2026-06-19T03:29:39.250116Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/boost.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.862Z","timestamp":1781839748862,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/boost.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Thu, 30 Oct 2025 08:21:42 GMT\r\netag: \"69032016-350\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fdb2QFwfF7oKPf%2BIAVC7%2BqZ3mvzZR6qpJBDM66rPUd7Iv1yA10C6%2F9swHrhfrDGPMYxgDMFgLkE8IPYA81g7XClt0HLhCxjXNV6zi%2F0vbPIcHGSpfHMj4UPYQyoOzYkTJXzmSwrp4Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 848\r\ncf-ray: a0df729e6f130883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":848,"size_decoded":1642,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"db5f5dd3fee7cb7a787f2b297b3218a5","sha1":"c491003aee0d73fc8a2d25e623f254348df9698a","sha256":"130c32fa73c0cb7612762f56fd6e1cb32ad06130997130e5dd77b27cb624969c","sha512":"50e1a6a14afa7aa211b8d907487722e6f5c19553e5d3c16483f50d52590e0f51a6bcc4265a8ddf3c87b5421b902cd90aa2fe73de3a700d31412e739effcb87c5","ssdeep":"","tlshash":"35012392f192b974b9870abcc121064a6f729b71a163d4895091091d4b714cd83a9341","first_seen":"2025-12-03T13:20:40.491995Z","last_seen":"2026-06-19T03:29:39.25228Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/dsync.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.879Z","timestamp":1781839748879,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/dsync.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4AHlIi2yfRvcyPuUEDldD4%2BnxNrYiqRlwvrFyeLX%2BXIIYZFLB3V6WoWPzSf5xfEYzetsjJUt%2BMgJMsZAIuMrM82Rxo3Bt5EuuehLFGL4BwaVRLPF3cjl3SXKaZdmETDgE4Y3OTGMow%3D%3D\"}]}\r\nlast-modified: Fri, 31 Oct 2025 07:12:40 GMT\r\netag: \"69046168-3f5\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 1013\r\ncf-ray: a0df729e7f1c0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1013,"size_decoded":1806,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"805e56fb4d147c69d3c8486ee2e0fcb3","sha1":"fb4321c96569681e51b94da2f8c017a86077f6ad","sha256":"f93bf8ad903bfb9aaf95438009216e636f629f05e0c12ce7fff11e8369f226e8","sha512":"b205b5e0c678c34d9f1ef0aad91a51290ac6229ca826204491811678aef451bf627ea45d14c0e78a59a61415b53d851feccb2d5b267a028f26d1abd4b89048b3","ssdeep":"","tlshash":"8a11d8d38e59fda8949633d0138b81cd9895303083567cb90e5141217d92a443830902","first_seen":"2025-12-03T13:20:40.682512Z","last_seen":"2026-06-19T03:29:39.257487Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/gala.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.907Z","timestamp":1781839748907,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/gala.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cYlnIkfwHTzVIWFWb9GCTgL3%2FOOe%2BS8odga%2F72to7oUiWLfSiMnPLERhV14EMDc1p%2F0mw85Wfw51m5OsUzIcfrsp3%2FxqPYiHunfiv%2BCWY10TQun5qgdaOkdW8WiVXkbOujdyOVcyQw%3D%3D\"}]}\r\nlast-modified: Fri, 31 Oct 2025 07:19:00 GMT\r\netag: \"690462e4-31b\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 795\r\ncf-ray: a0df729eaf2e0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":795,"size_decoded":1593,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"6112f46733a28b76baea29259a624039","sha1":"cf693567c79335d653037d294a6c55acf90590c9","sha256":"9d908eb31da067ae9d63e8eb39b9cf57ee2c6e4697d223fd24401f496c995297","sha512":"bbbb0b2e2b9ef2f44bf41d9a0494a40bbed480ba1a3e5ad47ab6f3218d34f6c931e32637787c57a17ab177bb20c6d3abe5b11f88a54b338bc1908222f36ac103","ssdeep":"","tlshash":"c00175f31472fee4dc74c65562bd7870d137a8187d808cfac1820a697e093b18e1122a","first_seen":"2025-12-03T13:20:40.665202Z","last_seen":"2026-06-19T03:29:39.25965Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/ondo.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.738Z","timestamp":1781839748738,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/ondo.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa66-5bd\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RzBekPfYgi1uwv%2B%2BO0pLKNDoQEIQ1hbhJQ%2F%2FPahqe3MrgCrI1ZFpty2r9E3WvIYG8Tqp5oFuXJmDcZPWmgePHOn2jgYODSOMIcPgk%2FPHTopj9gh92SHpmFG%2BWCq8dsosZfT3gZ4CGA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729daece0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1469,"size_decoded":2301,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"9a446f0703d45850dd0ac235327e159e","sha1":"e806a5808d3115fb9f30b7a18f0384e63b04378a","sha256":"d02fc1533f2165e3fa108486f3bed3b8ce3ae1566b637b0ee869bbcac1e24b0f","sha512":"962f16538256e435c58c49da951328a24d2b1d930e528147cf9273f0410c634fddd74952b30f4bc433f1bd576e36e1a52d9539f6ad4c7438f82676af733d3230","ssdeep":"","tlshash":"3d31e96553d17fe09f00637b7324f918422a83d412f5c6da07ffa50a0ad21f683ae546","first_seen":"2025-06-21T01:37:52.974522Z","last_seen":"2026-06-19T03:29:39.266501Z","times_seen":23,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/unibot.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.925Z","timestamp":1781839748925,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/unibot.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9tRw3crU1%2BctvCGsw26i4B%2BaReDaeX%2BwJRA%2FyM2pWqkyrdJPN6lExj%2Bulwpzk9xwZQMitmGyaDQAOnbp6PdFR14ptNYEl366T7Xzi%2BhpBSFGix1NVwCgcB9Svlo6pRZfpn74i3B5%2Fg%3D%3D\"}]}\r\nlast-modified: Fri, 31 Oct 2025 07:24:01 GMT\r\netag: \"69046411-368\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 872\r\ncf-ray: a0df729ecf380883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":872,"size_decoded":1672,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"0c3ea2b4803836c597615845f22045c8","sha1":"60289b5e7258088239e762b3fc88848130a731ef","sha256":"633b6fd7589356b296f8193d0aa9f583d6e17b2532b04e96f782c5bb4ff42d40","sha512":"473f8849c5449b957f1497d8ade3e727f330013a25a7f3b4cf4f21acc76a89fd6de4ee518e5adb79e56d146594540c322c38942a86be62cdcb31005d5193c37b","ssdeep":"","tlshash":"72119bc355cc6dd968e1c5a29534d74ebc5b0ab10b5d10240be7e79178d098a5cc9407","first_seen":"2025-12-03T13:20:40.479587Z","last_seen":"2026-06-19T03:29:39.268979Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/aiot.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.243Z","timestamp":1781839749243,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/aiot.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sun, 02 Nov 2025 06:59:39 GMT\r\netag: \"6907015b-2a5\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jm3wYQxADJMJHB0q9xRTm69RdDY%2B1fAIxuHeFjOBvJ13EHWVHypdSB6OB6AvzkrDWqAhQZJoZ9o8ZKf%2BXVTv89DY1jE9G84nHccdZWzDRKwCoAC2GHHSAVwhD073amEzh6Wq%2B%2Frj7w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 677\r\ncf-ray: a0df72a0cfb80883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":677,"size_decoded":1471,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"192604bd595e76179f2e565fb99fa6fb","sha1":"3660c28165dd8771c58a61ec2ee719f0215da7c2","sha256":"a19a94b28b42b8e83a33ee08f42641700582911f1ec4aa48d5cfc87868fcf215","sha512":"10c85cce3a600e31d51943123d142767367b6cbc0a0fd79cc29ecde1e51c5b0f7f0edbcd2232e86dba9db0f2c9d96c1ed428023eb852bbb1a25a4d2376d05a48","ssdeep":"","tlshash":"df0188a0f25d2134c10d95c28b605c5e5c317798c1341f9f2a49b74a0b23262ad0f17d","first_seen":"2025-12-03T13:20:40.636856Z","last_seen":"2026-06-19T03:29:39.275565Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/w.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.407Z","timestamp":1781839749407,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/w.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=weYTUQFw9%2BMRu5hYsjetc%2Bw7S09QeuUl9f%2FgZV2oMx7iRQifhNG82%2BhAD6L2bPFkE9ybUVqQC2psN8HcKasPJkFrxV%2FNb1z%2FcFXsnZvUUmzZGrXnd64REJrAdNsPtUIRAYQxXokXNA%3D%3D\"}]}\r\nlast-modified: Tue, 04 Nov 2025 07:29:36 GMT\r\netag: \"6909ab60-260\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 608\r\ncf-ray: a0df72a1cff20883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":608,"size_decoded":1406,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"480b022edb9c604789de8e5410243b03","sha1":"702db2b4953c8f89c454736f9112a5cdfa8c73d0","sha256":"35cb01b2b019a188903761e21fa14cb319ed2f40160d6bf2ec2ee15edc49d05d","sha512":"9ef8fe044372dc8b8bd0967781a655376ef1e53100fa5828aacc843cbae76567eb70b90e4b5496ee02226aa80431d7c73e491eac41693e15b781285bf95cbe0c","ssdeep":"","tlshash":"f2f0028341174af9c072aa01205384dc76d260685d268a961ff509b53c5d35f58388af","first_seen":"2025-12-03T13:20:40.623065Z","last_seen":"2026-06-19T03:29:39.277738Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/badger.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.471Z","timestamp":1781839749471,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/badger.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 04 Nov 2025 08:49:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6909be24-702\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CZrYYeSKJ%2Btd9ubvNpzLoDkE9ACorz4twB%2B2DVf0aUTYqegqSCz2fALGy6eXQXsJNvTpd3RWWkrWCaWen4Rsa5pBlrImvXTVtTDIniU6L4R4LsSH4Kj0vRy0zLpaeXKJb7RQT19X%2BA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a238110883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1794,"size_decoded":2547,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 90x90, components 3","md5":"98cf046593c83355a18ec00212911b40","sha1":"5eb86b52b88f1530b7bf9ce57e59e6763d0315d6","sha256":"1fa1a64322ad07b590e47d5daebf693d41a67c7709445d48c4a1882d49064b7b","sha512":"04cb53781f85a4564659689b614a93cc7cdffb905915e5a3c3b3e920a096dd3f36895a0948521477d6b364de83778a7a7c9574583a676cf58654fe8179c5c96d","ssdeep":"","tlshash":"eb311d6767216e07f9e25b344f48c760316be8455f0f1b25d163aa47d9cf4c42d1030d","first_seen":"2025-12-03T13:20:40.442908Z","last_seen":"2026-06-19T03:29:39.280322Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/jesse.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.493Z","timestamp":1781839749493,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/jesse.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a21-8b2\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rlyYULIJzEN%2Bjm%2F0cZNrPNeKsHMQVl6e2rfQ7xZo0Tz5O6F4mqqa00v1DQdgs5YnI5QLw8xtNerONiZNNtd0ILym7yOQNpPuW9BjL0u4N5Go9ep%2BYfNvF13qS9fd3a0oX5cgzqOauQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a258200883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2226,"size_decoded":2981,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 90x90, components 3","md5":"c29f52f56c1301c778e49312ae671c04","sha1":"1237797cd88a6f443977402a2d00f2f16d296ddc","sha256":"cfcdb0cdad4624dce3c2f750ad35b388f3bde7e2c1df663dfb49b95089e9d9f4","sha512":"83320e9a9ff154be18d4ce49f8709f6246e0bfbac0dd1b525ba1ee6c27d51823e48957de3c65aff9bd83cda7641ed60505bdaceb466728cde8392c936d803485","ssdeep":"","tlshash":"fb412b3a2694c41bf4390337952ede7c6cc2040c0e3c97aa1b22974472f67896cb5257","first_seen":"2025-12-31T11:42:51.976597Z","last_seen":"2026-06-19T03:29:39.282546Z","times_seen":18,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/mito.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.501Z","timestamp":1781839749501,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/mito.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a2d-942\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=asDWz2D4yopzX14oB8QahzxjFAkwISV0zQKrQDyxHAeqkqNVSwwG%2BK8a%2FlzCxL2TscLrWvsKrTJyy9lAFn1UTDNWhl74mt5TwF9s8kG86IzGS4bLcSV3wJRcskQMxvb8VrCbLv%2FvNQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a268230883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2370,"size_decoded":3196,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"55ad0582fba689a8778fbdadd22433c7","sha1":"9f158d62efee9fd49d71f20d4688745f2174c5be","sha256":"836af5cb9cc42e0b586953d04b5c59e7ad876e6d4b0138852a07414d3dc6034c","sha512":"807ed05930ba4af932815d54169c18ff24d5c222d15e015ddb3127ccff20236c83600a3837805a9411fb2513ee833854ee585fc6795ee39fbcaddbef93c03bfe","ssdeep":"","tlshash":"2f413be52424a0991ae6192c8cd393bfd8953413eb42a4eb2c88461cee15d9a1aa4375","first_seen":"2025-12-31T11:42:51.747592Z","last_seen":"2026-06-19T03:29:39.28515Z","times_seen":18,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/irys.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.588Z","timestamp":1781839749588,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/irys.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Wed, 28 Jan 2026 07:12:08 GMT\r\netag: \"6979b6c8-2c7\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F2%2BFTJ9zfqcwirpdzvdjDZsEl5xA%2BIqokuFzTAZI%2B0ZwR%2FLXm%2F6d%2BxwYpMywapPEIoNJGpxhWsfja0mOd7YbqpSFaUfgy84G6Zpc3uqydXf4iVJwyuphPqYTHaDtoyRyfmjeyG2WMA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 711\r\ncf-ray: a0df72a2e8500883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":711,"size_decoded":1509,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"6d3a9d6a2ec811e25dcd42b2268fcb55","sha1":"741219b798c8955d184ac1a2b71923afc7fb7bae","sha256":"aaf9be00133e7d681c914ca9d33a586ec7ec21be1fb568d7ea4792f24f8bd201","sha512":"1893133a1e844f828b1fb8fb5c8fbf46a4965d3d9519a44cf32093af988239deb8ba8793b6dd656a4ef5579f48975489101578097ade112234a87784c416fb58","ssdeep":"","tlshash":"440144674bfd0f00ed001b8409e05ad30a7392888a860a57a5671851b3faa08d6ee7bf","first_seen":"2026-02-18T12:44:30.835459Z","last_seen":"2026-06-19T03:29:39.287342Z","times_seen":11,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/pol.svg","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.689Z","timestamp":1781839748689,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/pol.svg HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 28 Oct 2025 13:43:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6900c884-52b\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JqbnWeF6ZVKVXi%2FWHG1busknV6ps9Rnpcl2NYSEro5aHJoPxxI%2F1kxFEKWT4og2SjxyvmKAe7Ccif0SxVF%2BU46oolsstNUHdRr3W0ZUr3wtKU4ODhVtP2szPFrGkybxFXMU1OwiPhw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729d5eb70883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1323,"size_decoded":1491,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b9b4fa442178a5f3947ec8650cefe20e","sha1":"24cf630a89ffcfe61e55c1740f5ffc7211532a12","sha256":"d2f9629a95e959b17fab2f5a8c7f041670993db93fe6a98298c925bf96c2118a","sha512":"15a2e2f62535b7c3206db003038c6337efe5316a9d32c267f4e539c57fb5d0a156e6ab1b83f5e7fd6f424afd241305a977ced1238b0d6b0d6fc9b45d9314e80a","ssdeep":"","tlshash":"492101fd4fc1cde5d6e892d6d7508116a55251769ac6c338c1105f3b684038cd849fe7","first_seen":"2025-07-12T01:54:52.835115Z","last_seen":"2026-06-19T03:29:39.292382Z","times_seen":20,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/htx.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.733Z","timestamp":1781839748733,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/htx.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa77-78f\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=20SKzHwKDgfBJtAwpwZ9JtZriYYU4bmPcxR9y5n3MlSBXzBWBxnaQnSZXuKidNDjvLsvQ6tVMtYA2Jx8CJJ98N9Ftr0Faq2SXeKLxhkjrARmNn2f0voU9pl3XL6%2BivFRuZeA%2F2EGug%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729d9ecc0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1935,"size_decoded":2754,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit colormap, non-interlaced","md5":"09678e660868e85c12c11381091b83fb","sha1":"d68dbfdeb6730ef6e9395d0d8cabaea9cd96d995","sha256":"b774561fb8ee6043704fe495c8c098d31385476098e7c9e1331d71ba2f9af755","sha512":"89e75f570d1fba07f963063d52610dd0d32e772442144a8a73f6999a39cec0ce7921b694d76e13432a17f513f1bffb50e0a7000b19e3c4c9504ef9f949120512","ssdeep":"","tlshash":"904128e1a2b149d18778683e59f32e6a80e2d1330dbdf7ed5fc10b894a2505292345cf","first_seen":"2025-12-03T13:20:40.496815Z","last_seen":"2026-06-19T03:29:39.295059Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/usual.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.537Z","timestamp":1781839749537,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/usual.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a26-653\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3k3tz%2B53l5hAOX28%2B9R1pntFf1eJvs59urqZ0cqG24QvULYl3YLDeJDnV%2BBauLUtG77QY7INLsJg81qJR1tCnCYKBZ4oD7V32IUf4Va7eo4O2ak0FCo2KAasKbsS0uHFsaQWfT8PhA%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a0df72a298380883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1619,"size_decoded":2445,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"336b66a7c870015b84efac7538ee614a","sha1":"2e06df4b6ea8103dda118f81dc864ee38b059273","sha256":"554270894948dbb9f31f4cab0e95ab065d1113fbc598205e132136cb533d9124","sha512":"b7b26f12a0dc4e1d2d5252c945901bbbfa7fe3905b54c260040a9b10f229f76ab6160b6178dbefb2e6f22a48579cec8f1b92e3ceba308247f060694eceb95c50","ssdeep":"","tlshash":"eb31e8df5186dad28e5f8078cedf37834c166469091322a6eb0f19b05f903c764e7126","first_seen":"2025-12-31T11:42:51.748725Z","last_seen":"2026-06-19T03:29:39.29722Z","times_seen":18,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/pop.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.869Z","timestamp":1781839748869,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/pop.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Thu, 30 Oct 2025 08:21:50 GMT\r\netag: \"6903201e-2c5\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d5ErN%2FE4VUeHggZH7rrawvsuQEsIYfYjqljBi%2FqSFhntfWvh8F%2BkFsvBJ5uyZpjiDeInzRGb68tg6HzAzIj5Z4%2BrvDOU1p5TQxv8dO89G6L220zUvcOXrDm38UGnqu6XtdzmG1bvrQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 709\r\ncf-ray: a0df729e6f170883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":709,"size_decoded":1503,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"a0b16e929e60507e9c49a9cad314843b","sha1":"e2e200c90f2ee0167e5f21b0db92a008fa78677e","sha256":"105f0331d641dfaff3e6b3106a4bfbfcd48b951406b6a795c15c60c46406e506","sha512":"0120cbb1d4f1a5eba985d7a5d852d60904630f6c880c8aa4bbf31b64768bb8ed90f71abc2b3b98d48fa93a04d95e439db239d533f7114cc9bfde71341aa74713","ssdeep":"","tlshash":"17019499d233e81fe1c36100a8a4b0ddfc9a39082908e440091c8b387a33a4a229aa01","first_seen":"2025-12-03T13:20:40.50514Z","last_seen":"2026-06-19T03:29:39.299381Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/quq.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.877Z","timestamp":1781839748877,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/quq.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:43:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6903252a-775\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8E616pWO74sq7XO%2Fi59OEelnbYUSd9spulW%2FzV4hDxq7guLy1zIW8BlGj3KqnrvTNblj46yrhcdcBYx9vy6unQR9DMCDl%2Btg7ROOEB29Asna3GCIOyTLMTVgxdpehiBEvJ3FYjY01w%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729e7f1b0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1909,"size_decoded":2730,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"06dff24f409d2f1121d18c1974b5ee1c","sha1":"27698fdcb445651d6bda5e68db9980511727646e","sha256":"a824260173f2f813b7004d316e4a16e151994aa3cee0e7a371be376cc86b54b2","sha512":"71d17abf23ba0649129e6a48a22e3be6875282a316f4a95f484e55481bcbce50785228165e7219feabaa0c691a1dcbc2acca63b77897738ce8e75c78e2d0380b","ssdeep":"","tlshash":"61413bf409997c42c4fe3f67a21a499458142d391c01859578d2c25917e4430c537a8f","first_seen":"2025-12-03T13:20:40.677125Z","last_seen":"2026-06-19T03:29:39.301805Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/tig.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.223Z","timestamp":1781839749223,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/tig.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sun, 02 Nov 2025 06:59:35 GMT\r\netag: \"69070157-23c\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1VOFeeIj5gIXSz5ZNuxWs9GUmQ9np8QLwRfNofDWzn%2BpGjfZNhbtoIqU9xwu7QBgR7lq%2BNWNCgaX7581BfRnqy%2Fj4WkD3oCFwijTYY2WGzN9o3dOh2B47FjerfsxNi4DYRqpby6eAQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 572\r\ncf-ray: a0df72a0afb00883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":572,"size_decoded":1364,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"d2f9226d9d11ec7a61246ae9613fc485","sha1":"62f6a854263b2bfa0077d83adbabace082050c41","sha256":"3b1dcf7a313534c35bb307a139a17ee450035cb61d3bf0e3d335f2be10ea2c3f","sha512":"956d06ce2641902db3c5bd73626d87af610635eee0b7ee20a6257a5ad2ab94d5ec76245ac2b5cb73b56963944bbe6e86e1c268d9213a307933cb6a144f294690","ssdeep":"","tlshash":"c6f041ee7bb02f5ce20228a31e10ac02b68328192a021606c487b2512d44dab5f8ee61","first_seen":"2025-12-03T13:20:40.510889Z","last_seen":"2026-06-19T03:29:39.303948Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/cbeth.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.326Z","timestamp":1781839749326,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/cbeth.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LpplRfqSC7XO8%2FP%2F5qdWfW%2FZo6pWb3Zbpo4zO3IgLqjZTSEeOdB43uKT0j7tRpjueaaiV9dtP85rGNyPLI4A8mXFXVDjmq792iJ2Ez7L6S5qtwDVjT8HRMhpcNpSkHQsRlnLQYwYYQ%3D%3D\"}]}\r\nlast-modified: Sun, 02 Nov 2025 06:59:26 GMT\r\netag: \"6907014e-3c7\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 967\r\ncf-ray: a0df72a15fd50883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":967,"size_decoded":1759,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"71e670225aa76b5121166479901e4837","sha1":"dd992b03b8a5ef2b1788a97cae92a68d3de50d55","sha256":"b8aee78d1299b6008096346f78b9c6d1f3b35f427c076c73afddbe732c1f90c2","sha512":"f6677bca875686b2af1634db59e24e6738f482638536b7688256e86d734eb15b2a583fd29c4c380f19f29091a00e43211637ef7a46a97457a904213e90924cf7","ssdeep":"","tlshash":"e711c4b062022cfbe074c6a1a719b364a2ce75509ce0cc77921e4122699b4c0d2c3200","first_seen":"2025-12-03T13:20:40.626188Z","last_seen":"2026-06-19T03:29:39.309262Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/siren.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.605Z","timestamp":1781839749605,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/siren.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 28 Jan 2026 07:12:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6979b6cc-e5c\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ykvOno2BFEQahAJoXvFfnXL6yrZphQgBlNceuuT47JHWwhofVa10QOzS%2FEVaQQSK0v7EZ%2FvJKj7j6p0sYUW2JRO7tKaSZcdliOLGcncX9uLlBkzglWrlH3F9ppRWjVVXNQJw6RmseQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a308570883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3676,"size_decoded":4231,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 90x90, components 3","md5":"2bcd04a5f16c55e180db62437677f731","sha1":"3a060f231b77640f6cdc63b3add36deae3fb9eda","sha256":"a094705f4816c8c70e32ad949821917725add2483bd83955f571bf7a56eaf6d2","sha512":"1f340224cc7e797d03c1802743569e2e1d4261ab839b26ba7a6f74f61b67ef53540651d27ab379c4a28022fa3346f581ecc49a599b808bbb43664f3a50f4811e","ssdeep":"","tlshash":"51715c6fa760230ff89509b16a21077a6214ff3f4d594563c1e9ab353f930d1bc162d1","first_seen":"2026-02-18T12:44:31.168741Z","last_seen":"2026-06-19T03:29:39.320751Z","times_seen":11,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/lbtc.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.722Z","timestamp":1781839748722,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/lbtc.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa77-64c\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=T%2BqIkMbXrTm3O76Nv%2FAI2eNh0nWSHd1%2FSPeEkFMUttSNBYXVpl3aqMyUCX1z8hms%2Bvm8oOK7wM6qwkBzKPlre9nUd3uUmqc3MciBZrnTsbp0uctdQZDtlv5spGDDcKaFasn3bW7y6Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729d8ec50883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1612,"size_decoded":2440,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"856e9f09cfad1b691f9851810967eb74","sha1":"f1abae32bd14fc675d12646e6542b47b864002fe","sha256":"949f78ed2b99f7b494564ea64e5a54c5f1c5b98325cb38c2c971994931b2bac7","sha512":"f0e86eeab232d37b691f53dfedeae18e0770fe7c9d884b940299a833b0bb8b499c4e2fef6ced29b1fef1dc6ae80a2054b8671283c72ce306b689ebe351583e34","ssdeep":"","tlshash":"0e312a22b111e0cacfcf17a1835a4a61921ae0be8bb0d3bd804b61d4ff8451ee5782d4","first_seen":"2025-12-03T13:20:40.544588Z","last_seen":"2026-06-19T03:29:39.32365Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/mcade.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.838Z","timestamp":1781839748838,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/mcade.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6903201d-431\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lIU4rQiCSzf2LOSTeM0QLXHBO%2FDonqzYgOv3GA7M8SCNT9VkTcIgVqKrTxY7r5xVaTsDSfuqseJaxDTsiDOLaPzlLOxBEZ3OdY2HHxYRilMNW1guus178jb34vuThvw6Lomg6VJ2%2Bg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e4f050883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1073,"size_decoded":1891,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"337fcf533659929fa213b4dee4345c75","sha1":"3c8dbc247250bec7f697a7ec4985ccd4286b4234","sha256":"50b41b9655f4f7e0f52f69b25f7c0687f2e3a4f885f787cfda533ac3211c094b","sha512":"f289e6d393c6cbde8c460d64737e9c28512a7681325c2b17c117c79d370b35849a64603dd7b5e52c31a95d4b198ea5c541ecd9ceea2eaa20781d7d55e5e3faa1","ssdeep":"","tlshash":"9711186e055b2f33c491a6115cca2cf5ebdacbf0ae078912442182ac3b02e08dd708fb","first_seen":"2025-12-03T13:20:40.559562Z","last_seen":"2026-06-19T03:29:39.329117Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/aevo.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.904Z","timestamp":1781839748904,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/aevo.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DZBoEyWeKmeL8j717k4W0POm%2FvZ%2FyU9GHuiaeyNOnSU20I%2B6Ll4R3k95ESsA%2F6w18E7pfIdVE0CCrTyqURpAgbnm4xTKZ4k397%2BGd2VwelbMpoJPiMEqSsP1BT2JFfCl5dHSdlVCXg%3D%3D\"}]}\r\nlast-modified: Fri, 31 Oct 2025 07:18:59 GMT\r\netag: \"690462e3-2a4\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 676\r\ncf-ray: a0df729eaf2c0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":676,"size_decoded":1472,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"3212ba1005fb79462280f72e2c650c4c","sha1":"4f9e3d5e7b6ff0458acd29d7c3d2a05782bc88fc","sha256":"bc02abd758ed861f744c0911cf0ca4c6a1c4745a42bd9d3f4de62f72baaad006","sha512":"817565f21c1aa96c0244085d717b8bbb2b63bc4af48b0689714dfc4c3ee1be4dba563d1652aaa7d11f6055021680b241ea1c1c768712a1a3754d8abe547ea36d","ssdeep":"","tlshash":"650183da42877428cd2199a87f1517daeb8bb0248898199310eb8779c4b390c52eab1e","first_seen":"2025-12-03T13:20:40.683307Z","last_seen":"2026-06-19T03:29:39.332423Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/home.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.124Z","timestamp":1781839749124,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/home.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sat, 01 Nov 2025 06:55:03 GMT\r\netag: \"6905aec7-2c3\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AVOzwzCLC19FIZhQuvrsmbzbTQveR9eNHPPPIUrBGgXfoIUMldSTWW8Je5G3atiEWs3olX18JppOt9M6Y%2FU7TjA4QbNzFvT%2Bacsciip4e6XX%2FPr6hhiEvXSPjsk6Q%2BB5Lb9NbA7TQQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 707\r\ncf-ray: a0df72a00f860883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":707,"size_decoded":1501,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"d22f587ba02b5ecf905c7ffe407bf102","sha1":"fc01b7bc6d6d34bc61c7d6d4231ef98d550009b1","sha256":"a37bf35298bc893c8cbc5930ba0e25328097afd64a75dba25a00793096c73d85","sha512":"477bf45103f0c55b47dace0ddec16d8cff32f85877d593e222774372260f65a6004cc6b805f3c2b84af4496c713a28302b7d7b29bad350c6b359dd25b2a1daad","ssdeep":"","tlshash":"050144b30061fda1fb2d7a25b4f72daad8b2648940204b9cd91a1778565a3fe2bc244d","first_seen":"2025-12-03T13:20:40.635314Z","last_seen":"2026-06-19T03:29:39.335036Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/yala.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.273Z","timestamp":1781839749273,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/yala.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mrCyahVbVnOrfhjaZLP%2BLsSio12ZUQD8t96HNELk8ZZsSczoU4CPdYfSCqcurimh2xmzl6pTZMssvQKaPJ3u0YDcv6DrBJ813NV3yz1CwuoYlB5IL6CvENlsq10TmwhN41Kb7z2l6w%3D%3D\"}]}\r\nlast-modified: Sun, 02 Nov 2025 06:59:38 GMT\r\netag: \"6907015a-200\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 512\r\ncf-ray: a0df72a0ffc40883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":512,"size_decoded":1300,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"9fed522424eb35726b21edd6e05a3fd1","sha1":"59837083b552366ba80fb4b04a10ef4cf9489be8","sha256":"f514018954738d3d79ef7eaf07352aea79f4d13e0f1b48f01d06b67ecf0c5636","sha512":"056893b016cd79a270a181f50ee93a64990046d4db29786c9b1f3a0c10f421b878092394c6808a47debfb8efcdb174eaf00c75ba2433b3ef14ce78ab7913cc5a","ssdeep":"","tlshash":"42f005c3725174258c43c1710291a45bedf08c6f5c96b5e5a30e2e5f0b7b3558019b46","first_seen":"2025-12-03T13:20:40.575115Z","last_seen":"2026-06-19T03:29:39.338484Z","times_seen":19,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/aop.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.457Z","timestamp":1781839749457,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/aop.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 04 Nov 2025 08:49:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6909be23-746\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B3T%2FxF0U8dvGgCUCWe6SOtMiSxdsAfQvogC%2FjlM%2FDbSljKADA%2BexKtQKXuTsU96bW%2BmF2gZPVtQHdJvVH1dKO3GRmtQ%2B00O6q5R8JGetMqT0z5P%2Fh%2BpHNBYgw%2Fe6HADpUGO6qpS4Ag%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a0df72a2180b0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1862,"size_decoded":2695,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"53e062fa901dc0919ca6d5c3b79149ad","sha1":"1ca0892cb3cb9db93ae2b3b600451d496754b6cb","sha256":"198bf76789254a09c7b6c61311b91185c202682db5878975a42c500351cd5990","sha512":"4f756c67bd8563bca4918fed122c401b137c42c4000657242bc43154fc34e6693aa985f82a2f7d53f2e829c40f103cefdcd018aa0c9e8ce3a3ecc9659bcb59f0","ssdeep":"","tlshash":"2431f988de4e2c8ea25301f69f68520286d5929d49a2c20f5db84e4b16327bd44edbcf","first_seen":"2025-12-03T13:20:40.599641Z","last_seen":"2026-06-19T03:29:39.342339Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/bobo.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.477Z","timestamp":1781839749477,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/bobo.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nQboJpPIAdx9WQOoESSHEmFaaklI8uRm4iqvc4j4KSa29uM1GBTvVz8HSH0dcE%2BEHmxWrd1o%2B%2F%2FeQXy787W2qbTrSE7%2FABHfinQdesaVS1X1Kt20IHNE6pXI5u9kOFJWFMY5edPZNA%3D%3D\"}]}\r\nlast-modified: Tue, 04 Nov 2025 08:49:41 GMT\r\netag: \"6909be25-3b3\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 947\r\ncf-ray: a0df72a238150883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":947,"size_decoded":1743,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"cd161135cf18950fe981e800f9707e26","sha1":"f4d4fcdedba8f59bed20c752f04e128820f54aec","sha256":"4846fd7346e097289cd8bf528fcfa7737a3d699768723eee383b417c54c49ca0","sha512":"77fbfa3b8864bab4c42d20a0e1c9c5cb016cfc480317e4f8fd9e3fe74f90361de92f6dab55bbb1cf188f82d545ff56e23a98f264212181b694cf7e3688582720","ssdeep":"","tlshash":"d0119846e3056d7df6d11397d11015a8fd07ceb0d911c58b3245594831a6ba26c4fa05","first_seen":"2025-12-03T13:20:40.685349Z","last_seen":"2026-06-19T03:29:39.345528Z","times_seen":18,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/aero.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.671Z","timestamp":1781839748671,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/aero.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa70-5e3\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IGE0qDRvWHfXFrHqxaXIBdAIk%2FLXWkwXDDS8fXnWvO1CfWQYgkTJ%2BqiFgSUrWMkPDiYmxRGBJpvPdUhLRVxldJIunOa28%2B9YaL75fnIiFQUDr4m%2FUK90H1qTZEUxixz2DqD0wazieQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729d3eaf0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1507,"size_decoded":2335,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"21db3ff278e5f8648dc71ef448794239","sha1":"8177d6bbbac9d94e336659ef2469c1b7f92bb91c","sha256":"36433612bb71d731b19c290ab90a7dd5437050db2b5316e1a7ddf46a891ecd32","sha512":"9e524a98ff0ce68541f3da627b1cb0dcb4428227a3e056468c84d160e822c288d18fd20fb247ddf87d20d51369d7bdf27b5784814ab3cb28b40b776df5ed4e33","ssdeep":"","tlshash":"45312c9ac5980f1530984278402e30b0ffef070ef1b554e6df39d8614988a03e72c6a6","first_seen":"2025-06-21T01:12:45.245026Z","last_seen":"2026-06-19T03:29:39.34794Z","times_seen":21,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/aubrai.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.772Z","timestamp":1781839748772,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/aubrai.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Wed, 29 Oct 2025 05:47:29 GMT\r\netag: \"6901aa71-30b\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lRlCP9AaOqInC85%2FCLXLvCUK6sNUMW3twsihiqJqXR3LUajd9nnugHFnyfvNIvni0pMEtPmqeYdelBJPX8d8MUdp2CcjJfbQIWjh%2FBUuG6v3XILgWPVuyKc00bzZziFAbYzd7%2FqyTQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 779\r\ncf-ray: a0df729ddee10883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":779,"size_decoded":1571,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"f5fdefe09f38c2507cc1f9f9a88bc149","sha1":"ff03cfa6a1818fdaabf658270503135f60ebe2fc","sha256":"83de62aabd89017bbcc8733cf51017ff52045908ccec7b3b10d74cec3ccc2ed5","sha512":"4570b358e6e2dcd7ea8f5397a3481792bee7b90b024e1af250bc946fc64b1e10cb968e1f1b33c9cf4800d026dbaaa18d0f09403d7be86ae7d990b586da7d3cfe","ssdeep":"","tlshash":"ef01ba0748629dfeb134cf5d9461cde5bc6d552d93401064b419e8138f32302f675e2b","first_seen":"2025-12-03T13:20:40.638116Z","last_seen":"2026-06-19T03:29:39.350034Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/mog.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.802Z","timestamp":1781839748802,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/mog.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 09:12:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901da9b-be0\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xiqLugL9J0cNtVvCTEXM%2BtrVQYt3mwtk2sQL9scb0bupsJTZdkI%2FeihuW1Q9A7gkFRbs1sDdF0BGhqo7LjT1VRud2s2%2FciC1ydJASMFgjmMTRy2IbEoBoEdoV5HexI4B49O33qkM4w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e0ef30883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3040,"size_decoded":3866,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"94f5e65c2ec9bb7f0baac463b7ac94a0","sha1":"60da23ca2bba39c8d316d43344974187f222719b","sha256":"d7d4a1ef6cb0aff9d0e6ab08c00ff4dd6c4d9d9655ab758742b0d4ca22c73e4b","sha512":"69350518dd8684bcb14e6206ae6ced009783d4d5d382635531aab05908ddfce52abefd43c91c60838de1fd85a49e277370c1e954a3a84eb1df64d9f3a6bd897d","ssdeep":"","tlshash":"3d517c713600a4ee5f6593607b0ea518b96fa827ab105f3babc7e10805b7c006efe701","first_seen":"2025-12-03T13:20:40.6474Z","last_seen":"2026-06-19T03:29:39.353683Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/send.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.842Z","timestamp":1781839748842,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/send.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Thu, 30 Oct 2025 08:21:52 GMT\r\netag: \"69032020-380\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=efmUfuoyYZ7jrOrIUI%2FUyNRfnJb8Ja65AveBRMUya083MCv8hg03ASqHHYUXXhvw8eOGKN4ZwunTzftEclwD8IV%2Bl5hHprwN0wfgUyqQ4WPhRmBtZ3sdvokDc86bcz2BNrLBytkTfQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 896\r\ncf-ray: a0df729e4f070883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":896,"size_decoded":1686,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"25cdd2d0f9054c898d0c66f3e5778e58","sha1":"7f6484b34839e7bfdcf68ba31b0729f4e9d01dce","sha256":"8e340e14d2ec9a913b726175d0d492375ccda929e70fc4b4878b911f12d34cc6","sha512":"e9450853972dcbfe67190878d4bd7f7d8315ff47c1896aca06bd87e76bef563c74c100f8adde40c78ffeee1dd4424f8f6104cfdac2d03ceedcb4394de90a2d83","ssdeep":"","tlshash":"6111b7451019742ac385cf813f7934dd882071951ba3879e863db8dd12d687a336bd22","first_seen":"2025-12-03T13:20:40.453309Z","last_seen":"2026-06-19T03:29:39.359347Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/egl1.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.147Z","timestamp":1781839749147,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/egl1.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 09:11:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905ceac-748\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xG3efqT6LyWhH3DJASZqN8SbLU9zn2vhTn%2FXb3sp5z5lmC2xTQOgxktxyB%2BylMTLyA4Br9TVLTFWn5PH%2BFMNCUAtlEt%2FFqKzAWSlt2mlB0ihP9RrB2KO2YeibAKMH%2FvTkGpdSS2lNA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a02f940883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1864,"size_decoded":2689,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"6633fc23353168af737e429ce494554f","sha1":"28624882b05d61b67ef04419ae90ca4ad99fae86","sha256":"8a323e255dfe08d7ae01077e52084f273c1630c9f572539ad3fa57b362f71c9e","sha512":"69824dafd876ecd520af0e998d8b164b9173b049619aadea06f7481a0ee2d89d67654c281fc926c05641d94b898df909cac8f5db080a2936bf9ff7eac0683d17","ssdeep":"","tlshash":"43312d91d8e1d56281e67d334b450954d395c08fbc6b78bb7293c3738791f699e41144","first_seen":"2025-12-03T13:20:40.695011Z","last_seen":"2026-06-19T03:29:39.36151Z","times_seen":18,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/bsc.svg","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.682Z","timestamp":1781839748682,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/bsc.svg HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 28 Oct 2025 13:43:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6900c882-5fc\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ic49nDAKnrGq1nb%2BGYKRY2ZqUezZxQXscpJpGA6ZPYCYjEKvY4kq%2FmlcfscAvUkKBwN1Ah%2FJEdQTJFXApbKF2AW4grdfo8FnbGZmpxXBDUndcRrq2rHqO58fwQ6obdfvvi3j8%2FGAnQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729d4eb40883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1532,"size_decoded":1448,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1747f933092e1093338d25a4deb8a96a","sha1":"9cd4401329beb790d224210f471b14cb62232ffa","sha256":"0487840f7d24eb84033bd556885b5d10a46e6231f49dfefd367e6e9fbcbbddbc","sha512":"10bb2f9676bb519ba3c50f3730cf874af3d1d408fd14cec3a8aad66ddae27800489a62ba956b61b53c88aa760986a3ef96ac0aeecfb1f19a2a5eb2ee849770c7","ssdeep":"","tlshash":"6f31f005c7d5db977da5c7eed6b20852553340daa23382b4eb07e032bc2f0e6568c6e5","first_seen":"2025-01-06T22:11:01.188603Z","last_seen":"2026-06-20T03:25:12.886042Z","times_seen":32,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/wkeydao.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.158Z","timestamp":1781839749158,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/wkeydao.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 09:11:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905ceaa-4ba\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O0o%2FlkCIKgk6RF%2FcqzM95L5cRMVMIaxyuZ5xoFDX3lilvcf6nD9cXDIzzt7E2Uemfpf9BTP0Tfd%2Fla6mT4JisWTwV16KIReGOiBHnkSE3vgR970mEhpH%2FgkCAyg7ftu%2B5ZuHuY7G9g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a03f990883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1210,"size_decoded":2040,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"c39d97531a6e11383ae46c44d4d245a0","sha1":"6c34231fc9a654d9c1885b8a4caa88c0f84b9737","sha256":"cd26fe388349d58861b3c9457093156719ba5f0a76206499efac8b35691ca1f4","sha512":"78ed9c5b320aa80b68c3095302af78a49a480c2b8d783a185c3556fe8dab1deb0dc5d28f6948d5570aae37a23c5bd87903f4ed42bc2a7bb712643f60f0d1e450","ssdeep":"","tlshash":"8921dab04303719ee6ca3fb35c3ec019c81e73545cd154aa0ee62066ddf90989bd05b3","first_seen":"2025-12-03T13:20:40.677863Z","last_seen":"2026-06-19T03:29:39.37333Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/linea.svg","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.423Z","timestamp":1781839749423,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/linea.svg HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i\r\nlast-modified: Tue, 28 Oct 2025 13:43:31 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CfvqarSA57QpBrcjre4fs9mXXiPYqJC8gIss1L%2FeadkxxykKIa4LIV7WK%2FgCH6qpn5nCOUp9cExXNQ5eD2Z3EjO0J0QuB7j7ACyOP3395DZUcb0Dv8ehxhnF2Tsse%2BJVfv2JUg%2BAnA%3D%3D\"}]}\r\nage: 291\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\netag: W/\"6900c883-324\"\r\ncf-ray: a0df72a1eff80883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":804,"size_decoded":1160,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"00f449cf0ee1195aecdfec753d620500","sha1":"8f24d579e71fd2e21b24cc091b8865fd95f89fe8","sha256":"85931b19ab53ad3cd3da4b3b529e50c20dc64e6ddcc800ef9fe88977ee81625e","sha512":"acd6db3a5f13e56b09311db4c0c090282b3bb3d3884fb67d30c6e904a27fb7583356a513bf8eed6b123e67e1ccddb22b6c43522865f8b16f9595e1b169df663c","ssdeep":"","tlshash":"a901cee877481d06d700d3e25f8839b1493ea3d1ee56235482193307318f6c67ca67d9","first_seen":"2025-12-03T13:20:40.586398Z","last_seen":"2026-06-19T03:29:39.375558Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/zkp.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.563Z","timestamp":1781839749563,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/zkp.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Wed, 28 Jan 2026 07:12:13 GMT\r\netag: \"6979b6cd-143\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FMDXwqDSu3qZ%2BOdm6U%2BDI35%2F3YARw9N9d6P5aa%2BXAu48bM%2BGoOFC%2Bv9NksKhlyOW4x%2FiDCk%2FMiRQoOe4YJkPzt7oxmJJ0gCwZkY7flO73pia2A%2FruNYnKT17fd%2BI%2BuABHhATsTOWqg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 323\r\ncf-ray: a0df72a2c8460883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":323,"size_decoded":1133,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"11d97d930a546b664c229e989cedab90","sha1":"30a5a84d57244a5e527823cd24fa9323fb509156","sha256":"21e1a2b355de9da4b75c599ffc8acd820aa8cd3f6dc8a71a4b32ab1e83ae670b","sha512":"3affccc8f35ecccd4b1fac8061547c11f193d1867e8ab9edb414414891383860513e0876f89811ac33f9af9d2bd7c958fa1a9e2a33a9348446e2e55ba92d3e42","ssdeep":"","tlshash":"d0e07db4274d782df72fde52051602d47cdad6894d2285b986d39413865ac44d3523ba","first_seen":"2026-02-18T12:44:30.828268Z","last_seen":"2026-06-19T03:29:39.380464Z","times_seen":11,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/turbo.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.888Z","timestamp":1781839748888,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/turbo.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 07:12:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69046167-75a\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dSd8q6vH0qVzMdT5ubYFSaa1R4s6mI3Vt72K33BkBRwd8D%2B6daLIwkY5qGKoYh82DvmcUvX1PXb6n4kFiBm7WVY6C9c8bQ9uGe3da%2FeMCnbF%2BmaAvUpVHINFtvlnRRx2s%2F2oiKl%2FRw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e8f220883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1882,"size_decoded":2707,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"c4cfc2f20a017999869eeff74e566707","sha1":"c66df6678418464bfd0fe36a4a4c464c3a8a557b","sha256":"59143072c9c1bef723e0de9ce90e6413e1b579f548bf43612ca2446aac0aec5a","sha512":"d75c25830d0c52eb291f14414a3a6a8ca3bb73fe26c3242bb19420584865a7d2742d9be4e307f42ad151b05d4d04f1923cc09a94aca279f35991c0c0cf80cddf","ssdeep":"","tlshash":"99410b8bb491f11be7df5b13370409ead6b9223cdc8124a1da4f802f6a35c5194af6f9","first_seen":"2025-12-03T13:20:40.620618Z","last_seen":"2026-06-19T03:29:39.384317Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/usd1.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.714Z","timestamp":1781839748714,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/usd1.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa6a-a21\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HHoZImzvuspKKWG6IOy1r4YK9T1%2F0BVWITJtLdYITqFIXiMObi7KUV6Ry5QGWrlZTEqce0VfvRv%2FxoIHJVWU4RXC6UMlhsdyke%2B3zICiG8pB5N%2BVjZ7GSChzxXiXjYwDp2jm8ap07A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729d7ec20883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2593,"size_decoded":3421,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit colormap, non-interlaced","md5":"cc2b60409e824909826380247516f385","sha1":"9822284d6fd8e13fa7751d96bc2dd6dc28aa0a24","sha256":"5f9ed608d90f58d456bdc9dd1cb0654bd82825e7f180f0aed8964a0a265bfd2a","sha512":"f48087aee4e92a4b21519733d47974d58936c659a21ec3cbdc498359f0cccf6a4725bee3d738f7e0c005ba1d5b527701a1828ab783a3bc70346789142ac832ba","ssdeep":"","tlshash":"ce514c268bbd860809a0a814da9884a9e84955b09f88775928c3bc3d7027f9f353d904","first_seen":"2025-12-03T13:20:40.444344Z","last_seen":"2026-06-19T03:29:39.387401Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/cbbtc.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.724Z","timestamp":1781839748724,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/cbbtc.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:31 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa73-aff\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GXvLJyL30Zu%2Bo7AJhUunEq%2F3AJqT7ndPyBkPJ0nsH5Tr0IZHQDmauWKWOLajqNhkaj5MpxSnN9Q0dvwR3axsG9seeFcUZkkefQNmXZD8UB8WgSXn4ratBdHylwHfv46JREWQbvxgVw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729d8ec60883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2815,"size_decoded":3639,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"aae11e022ddd442f5f7b07d92cbe2b10","sha1":"e26fa8895aa128c14a8ab68d332bf82499fb1a83","sha256":"2efde69ddeb89b2c41405bd9a9238110675addd75d3e69fc6aa76e44bf53f760","sha512":"60a3916b9a8e4ab07bd49dee15017bd656cdfc5995b523637b71be591f2dbae0155334e8543732b6a1bcba7918fbab779389948456a802d03b1e570efab820d4","ssdeep":"","tlshash":"4d516c0f0a6741274638a1233d511c65d2b0c04a6fd9c7f2858bc3769fddb279076b79","first_seen":"2025-12-03T13:20:40.669326Z","last_seen":"2026-06-19T03:29:39.390321Z","times_seen":19,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/bgb.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.768Z","timestamp":1781839748768,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/bgb.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa72-52a\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8Z%2FOJLQybKuw91wuJ1tNL6h6TtW7y96Lkye5r9MIKaP2M1AScLGk8ii8A8X7GgSpQk8B0A3JKLN4dd4Npf6QNCTGJSUpWYgKXc7veZ4EQPsNWVjXQgWdFKrssaFFFjpe7d%2BMzMMI2g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729ddedf0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1322,"size_decoded":2083,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"a055bf5869c6dd1bdc9e79a62a17d33c","sha1":"d3b5b4656555a80f6a4f7a484b482126413702e0","sha256":"d7e7d631ca56b770d087f82c1b67f912f40a3df3027b67fd2c5b83a23f9bc057","sha512":"974b4745d4e21a3eabf1db9810873c823b1dfa327d47cd31ae70a45460d429a127621dc0d270c550ebb1c47e9926d054c9ff5eb72cea1a38ed5e073ccd473afe","ssdeep":"","tlshash":"1621b77053c955e804564c3defbd524cfa608159620915bd37bbef601946c37cbe940c","first_seen":"2025-12-03T13:20:40.452651Z","last_seen":"2026-06-19T03:29:39.39242Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/sky.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.910Z","timestamp":1781839748910,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/sky.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 07:18:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"690462e2-87c\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f%2BPdN7oqoMzeShZbG3mKeYLdwAAaVpsio4ytJKXdQm7AV1q0DTjR59fIsevHpEjfhy0%2BpDdHHEjBFO%2ByVJ%2BbYP4oHtuOqfp8UxN4Q6dRopg0jXTwU4gmTPlzMbongykHCedwym%2FWvQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729ebf300883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2172,"size_decoded":2964,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x90, components 3","md5":"0fe5e7395dfb542720f716d968ab3279","sha1":"0c97d76b86e30a9298eb3d0e5230768b7d6cdc75","sha256":"98f3aa7cb8addb247f7d1227a41574ab7a20e28605038773ec3ef038c5ee73d1","sha512":"c4217f7a6fa23a836a2f78a43a2c8731b737724872998bf872fe18e6d4ae623903b0ceb0386b28dcb10ea967da559b55ab660b57a4deb02abee3c193b8597a2e","ssdeep":"","tlshash":"70414ca8e6fe6d95df899d34a8473bb29348548942648735f25330cf50f1cb38c21904","first_seen":"2025-12-03T13:20:40.50103Z","last_seen":"2026-06-19T03:29:39.394959Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/botto.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.930Z","timestamp":1781839748930,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/botto.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Fri, 31 Oct 2025 07:24:03 GMT\r\netag: \"69046413-1ea\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Egcd2skCpYRGZ%2Bg2BsH%2BrWIZ8MfuZl0mwIEstW1I05SMvEOoW6e3YWmxn49%2FUoiR%2BZCp7wz1JvbeK4T50CguZEnHRlbQUWhe%2FfazRvDS2BBcPnAmIxKFLjgWsqszWNIQPkcK0P4dLg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 490\r\ncf-ray: a0df729edf390883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":490,"size_decoded":1286,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"4b054ff529c6b49b10a479924f0325a2","sha1":"3affdd194c093846e5d16775d0eeb4171eff3803","sha256":"6a0fe2a6f78b4120e58a62efc11930f1e1f7b723b06c4d49370d923556b00057","sha512":"b9d083f3565eda1a1163255eb7025d53f3a912f6ae7b06529f6ab548aaecb5578d51bb8aead8376ac1b2dd9cd19500fef70b8260319377cf10f8680e32e7863d","ssdeep":"","tlshash":"4ef054138a713eb057a443194ab16241d0b8431ccbc29c867b1fbe31abe39c9b722749","first_seen":"2025-12-03T13:20:40.644288Z","last_seen":"2026-06-19T03:29:39.397791Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/pit.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.004Z","timestamp":1781839749004,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/pit.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Fri, 31 Oct 2025 08:05:35 GMT\r\netag: \"69046dcf-380\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=P0IlzFi8NuJfMZXLWu3wr0JRhh04cho5N69QlS2cEuWVOwx5jQWxgR7MsX7D5Ta8%2BFrmwgd7%2B0FzlhNoXLbARAcUuIix%2B1VsH2IOHkab%2Bl%2BT3qQVNntipbdsL0KuXss%2FKio9M%2FCavg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 896\r\ncf-ray: a0df729f4f500883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":896,"size_decoded":1696,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"1cbd026f331840bf8e5e20e7c97d370e","sha1":"b037dd5d925f839fd6254bb12cb0bf85e46a21d6","sha256":"a8c0579213edff5b0a7a981073f71b3c33a2ae45bfac20fb9275cb06bb09eda0","sha512":"f9a7c7c071f4406383c97032ab7883df5751d001712100deb71b558d5c3aeea14cd04f7f431f41bafd2d865115d3d24107a7c2965680f01e73f7b32fb7d0de8b","ssdeep":"","tlshash":"8d1163f338433e7cda5d2b62295a6d1c15dd24023175db130cd74f3ab69c4b9d262194","first_seen":"2025-12-03T13:20:40.485334Z","last_seen":"2026-06-19T03:29:39.407458Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/booe.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.475Z","timestamp":1781839749475,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/booe.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 04 Nov 2025 08:49:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6909be25-9e4\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lGytY4G3L5aaK4NTClwoHnCm7NWyHaVIREllSruzA9Gv9JbIdqB4wAITvOWP%2FryJd3kIo2JRpe9K5HUwFadpyaDBM%2B%2Bu70Mb%2BePbczoYOInJWCgnklzszl57%2Bc86cl0DknGvjpix5w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a238130883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2532,"size_decoded":3305,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 90x90, components 3","md5":"41704c85a1833c9dbbe6b9cfe7593eb3","sha1":"b5c775ee069e3207f996b90b8b41d0e040204392","sha256":"69bd906d700eec1816fc8b02a0653adfeef863cc7699e39b398ce9a03082822e","sha512":"a97cb28c4eacd87fc2d8f8510ccf45d4151a2e6eea78507c04f86279ca9a7624610d00d1cebef18445549cf48db2b576be7922a821a9d65b431dbd98444463ba","ssdeep":"","tlshash":"15514c7767086202e1b2467180bff3b0cf818902bba11f0d6799d597e58a4c74d485d2","first_seen":"2025-12-03T13:20:40.555199Z","last_seen":"2026-06-19T03:29:39.411609Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/at.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.488Z","timestamp":1781839749488,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/at.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a22-675\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QIDGd53X6zS9JGYltqxQ2mL1ju7QLoOAjsCqt9Tki90gBTvYtBk2D7V9ywNkii19YLQ5Igk8eiacFtm%2BPk554%2Bx0WkqCswLlDW28ozEru9fBwyFmlHao8fXtbM0f3Dv%2FiDdGiaGW9Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a2481d0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1653,"size_decoded":2164,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 90x90, components 3","md5":"c159786466793d438aba9148b6b2f7f6","sha1":"5bb6f3e482e4598dcb4c5bd896e0ec368c7134f6","sha256":"30c5076217c140619d95e65848642b05957fc3eb78b0a1af8da831459fa545d6","sha512":"c4f3bae899067f9253674ee2646027b6cc3d94a943c28030493ea24f3f2829953c0c0be9eb463f2c18028f3ee707dbedf49d54523d1310f10103b65e505707cf","ssdeep":"","tlshash":"6131777b37252306f52607b616949f21f3b06e05db0822b6a384c1265b298d8b6c4b67","first_seen":"2025-12-31T11:42:51.553974Z","last_seen":"2026-06-19T03:29:39.413929Z","times_seen":18,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/recall.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.840Z","timestamp":1781839748840,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/recall.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Thu, 30 Oct 2025 08:21:51 GMT\r\netag: \"6903201f-2b8\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HUl8SevkyJ2ENp%2FoAcXQaUD2UbuOqK9upruktrEr0mZW6ZntJCvB4PBNhLFDBZElYpBBrgD%2FGq6Fn2cmyXZ58Bz2gwwc9cGmiIFMGk0NXBj2WI9B35vdm0%2BA%2Bpt%2FsRNI6H9pgMKMWg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 696\r\ncf-ray: a0df729e4f060883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":696,"size_decoded":1492,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"f267c0606555dde000a8b93ed368507d","sha1":"94a744e4a832a33a384d48dd7f719f8e4302f0b4","sha256":"b853a8d9d97328d97e25a5b999a017b80f29057502ead261dd476b66adabe8ce","sha512":"6d84e855607a68344f0901bb6b661e9db78b6be2ae880f30e082bce0c4102b39fe303025dfbb323a6458eb0caa0372e4b48e4a996da674b1f770b36a5d497754","ssdeep":"","tlshash":"b30144262960ef7b869c186072a8f9f1be43460c06015653654948aa8f73064b2d83a5","first_seen":"2025-12-03T13:20:40.566494Z","last_seen":"2026-06-19T03:29:39.41696Z","times_seen":19,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/zbt.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.426Z","timestamp":1781839749426,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/zbt.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Tue, 04 Nov 2025 07:29:37 GMT\r\netag: \"6909ab61-264\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JeKhY3NA3Bku0OR3rt%2BjefM%2F1hU%2Fc6k8HcfaqclcOmVxAH%2BO%2FLOX8TjtARpF0E6p5BtReBQm32qBaXZsXHYVN79wrLM3rpOuEdPsMy%2BjYIwX6Z0buemGCiZA3qRXRxpRBb7B5RJ1HA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 612\r\ncf-ray: a0df72a1eff90883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":612,"size_decoded":1410,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"a8b379c8816da0a8385f54f575581434","sha1":"5c3267abc53251d84378d14b179625d10bcac7bf","sha256":"cf7c84730651698330bb3612f02b44fde6658908603c9b41a1f6fede0e759b4c","sha512":"0f352deed1d67b56bf6f1d5df99ec90f98a4b12fab2ca9a8a29bcbb28685370c4db4075ff2b55d43c9aa6286a2b561edcb173737f81618c9e2e7a722772a79c3","ssdeep":"","tlshash":"5ff002daf3e145e4c07c8b9f9bda5c349c3891f1a2414cc458c5b822ba125c8a8e9a8b","first_seen":"2025-12-03T13:20:40.565718Z","last_seen":"2026-06-19T03:29:39.420347Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/yb.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.427Z","timestamp":1781839749427,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/yb.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Tue, 04 Nov 2025 07:29:36 GMT\r\netag: \"6909ab60-28d\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Vk8CqzkJjleQ40AjLWDzxi%2FP7UCNXZqHp24MGagVA1b%2BpXIVWqwpNkmDRPmZStWAMnGZ%2FdOKcUUgYoZaknxWvHq%2F2K%2Fm4I0gqPNbSfHWhsICXWe0PUm5Gg5j5jWf8mAMSjx%2FB15QMw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 653\r\ncf-ray: a0df72a1effa0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":653,"size_decoded":1451,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"4d3925c540fa6eaf83e08524c94a329b","sha1":"d99b2e16a0fa5b999f5cbb49e8de47213d393c64","sha256":"226a81dc0d5e519fecedf98ffda47e0c42e24700c0e3cee303ef20a82c95b220","sha512":"1ef6671866aa08f3f75a6392634dfc24f073fca4edcbcc9ccaefc6b203349459ec1f258492f982eecd93fab8b982070319fbb77683176dd795e991702085c75f","ssdeep":"","tlshash":"6bf04eabc7af5c3029a05a1b43808d9ecc771a3106da2a1b05710d7d13bc410c225b72","first_seen":"2025-12-03T13:20:40.495485Z","last_seen":"2026-06-19T03:29:39.423182Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/bitcoin.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.480Z","timestamp":1781839749480,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/bitcoin.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 04 Nov 2025 08:59:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6909c077-935\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Fl7BW34YvghXc0ox%2BXRfIvGJwf8kWDX8RFDRQFS1NxSQDh%2FbsDDG7tPu%2Bp5m2NEWUxKeN2qh2YDpSMpqvnnfat0GeR5VBa0ZV%2BaRI4AllKoBghx0hIhTl%2BlmXCwYdc%2F%2Ftgcnwo%2BjhA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a248170883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2357,"size_decoded":3195,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"614d21f93b1933bfbde043d681e1a439","sha1":"0db5f1f328349f4090ecec11ac9ffcb6bd3539ad","sha256":"2150709be0d68c6e978a024031b7754cdde58a5c0602e00b12f4f838f1a08c22","sha512":"1431a5ee715d25bfa63b94340ff950842e0c085fca60279b3c990363f91c76caa72aa4d45ad31620feb82976bd07f7bb5d8755080098f62df164a70a707bed7c","ssdeep":"","tlshash":"73415de6a86110737fe5c1535e153da2f0b8335ab7f0ba32129adf260d591c520d874f","first_seen":"2025-12-03T13:20:40.499324Z","last_seen":"2026-06-19T03:29:39.426774Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/kite.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.505Z","timestamp":1781839749505,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/kite.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a2d-65a\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ueJXh4lvK5IQdb31aIlAy6hN%2BG58ZBOiAR4wDvCKducNmN3gcN27sGXg5XS1EN0k2irCZB3j5t4yo81ouhyO%2BuzVT05CefeZryTlE5Tqo4Zyjm0Eju42oM8omLrF7URYklzJW7aexA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a268250883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1626,"size_decoded":2036,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 90x90, components 3","md5":"2aeebfe22ae0644419e4373444be4a14","sha1":"12edf3fad3174031a74d0c74391c304e9961789c","sha256":"49224ac6e2d2f10cf288676255796ce060f8b63de1ccf1930b57b9726c0a462d","sha512":"fe5b2a4a89d4d894f69f965d53d22708ee40905d929f5c9f26cd21ca00d0dace8422a8a9746363db3c4d0a42a3d4a209e1e7a8b51744167ca2f9937d533d413b","ssdeep":"","tlshash":"7f31c6b753381f07fb0626751844c724e7b36e25cf0d532b914582166a281c0eea8bca","first_seen":"2025-12-31T11:42:51.61072Z","last_seen":"2026-06-19T03:29:39.429443Z","times_seen":18,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/aria.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.553Z","timestamp":1781839749553,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/aria.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a23-a59\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WpM%2FMYaGR55AFWz3QZ%2B53ocWbx0JL5fN61B%2F%2BxZEtUkTwcP21A54JcYkPvxzid%2BlRS2avx4uVfO4obREwxaO4dXIZqkfGdtycOpGWwJb94t3UuT%2FQabsLeEoOQ%2FBZBC%2FK7u0zhvebg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a2b83f0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2649,"size_decoded":3212,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 90x90, components 3","md5":"c780afe2714aeccafc012287605b69df","sha1":"0cdd4b9b35bfa33894b92a1b7b7b9942247e168b","sha256":"028c8a78aead93df9327148d85089c4f176a007a026a8bd613cb8c98071f0aaa","sha512":"6b23aab09e5e2d4eb51b86986c103271975ca78b095e1afed1e35b18a92d492404a0746e3803c74af7fecbf0b2afddad10c8e60a37bb2e036ee275a7af892ec6","ssdeep":"","tlshash":"0f512c73f3601b03f86a157640e0cb19a9777d0de61f771ba382841922594d84ccd7d6","first_seen":"2025-12-31T11:42:51.674049Z","last_seen":"2026-06-19T03:29:39.431706Z","times_seen":18,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/sand.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.787Z","timestamp":1781839748787,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/sand.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 09:13:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901da9d-56e\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DhekjlACPs9gzsLmSXumhLWNo1HnkKiiVkSgGzTNbfpXgrVdSM7RN34r5ifFtVeAnxXcbpS%2Fs54IBxg6%2BCdazUAHKDPfjz0jnvbP0QX1pz6FVzOR0Hbq0KtRPAQISxQmlIZe9DY9Fw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729dfee90883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1390,"size_decoded":2164,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"725fd460cc54564d52b58edf9b522913","sha1":"b6883da789a4688c66dc4a96bfd6cd43fcf591c4","sha256":"80b6a4733a4b1ee8c9ce149a75a94fcceebdadfe95dcdce0e4ff806882b35337","sha512":"3e2beed847ab40ddf3a046ddcf3b816380395223dcf30dcfcd3298a67e60cc59e4199d617aa5d1ce8a23c532530f3281bce19f4c254d2f402d9b42edeb29e364","ssdeep":"","tlshash":"4f21eaca43c2fdece1203e055544d78b2c1c4dec569aac12beb73357b876baa945b403","first_seen":"2025-06-21T01:45:38.075142Z","last_seen":"2026-06-19T03:29:39.435139Z","times_seen":21,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/peipei.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.799Z","timestamp":1781839748799,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/peipei.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 09:13:00 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901da9c-74f\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qJptqgehyCUzpEcjgusIvJO0bkyXvELxcpo13hstJBSITl31qBmCjRI1wAmYmmKhM2U%2BF031ue2V6Zpg%2BkadLMiFiigXIWo%2BU83zusSLmgnwbul7Qm%2FtFnsRE3ZRqHKjUnfL5i%2FXQQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729e0ef10883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1871,"size_decoded":2696,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"848ad9c4eee8d7f25a522b8c875af9f8","sha1":"94f71247e309d7a116d6983b9218fb374ce6864f","sha256":"cdf68a40ae245dd5c9e4b6a3d74b0f5ec073677bf2fe60d64a11a6a69aec5caa","sha512":"ac3d40640483f19c9b345d9a07aa5be092e79b3df3678325d6b4f73620f1b25c0ff3321a426458e9ac54e0c7eee53210d00f0c165e0b170b705b81edce12b959","ssdeep":"","tlshash":"0a311bcedac130669a00042e3501b83c97207f19ad72406bae2eb3560a9a5e83737cdb","first_seen":"2025-12-03T13:20:40.589963Z","last_seen":"2026-06-19T03:29:39.44361Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/m87.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.932Z","timestamp":1781839748932,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/m87.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 07:23:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6904640f-49c\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lblfpZcxXp32gZGTAq9oEJjE9RE5dGaXrXQmyT1gtXD3hLE6c8Mn%2F1SYldRxG53nQv3ZLVQTqJad2979b%2FlUyKdbO%2BF5N4QYmqlhCZvTKfhNEnsSKmLajmEvySmmZXxVfE9FiLA3og%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729edf3a0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1180,"size_decoded":2006,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"8659a61d0d4d0b77dca295fe9ce76804","sha1":"926bb97c96891413c93c47b85ff3f7fddc1e2c52","sha256":"c75a7328d8cb5332b2383d7e003aa0b4954237e40257a1ef7ed258fc33e2c578","sha512":"3adc3f4c7869d3e63f2671f22324be375668bdfd04ee8e21e5a9cc6c8e0e34dc29c1d35b50f89755049adb42a82fc279680f3138d055ebff2b258f27b1b9ddb8","ssdeep":"","tlshash":"be21d7cf93a9bc658d9d62bdd52e500456386f4a0d46096f404b82e8618bf316a4ef12","first_seen":"2025-12-03T13:20:40.451101Z","last_seen":"2026-06-19T03:29:39.445835Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/shfl.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.032Z","timestamp":1781839749032,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/shfl.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 08:05:37 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69046dd1-58b\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OOdtkUA0lKk6o0btdyC9DNpUMujLKH1aMRClBtboOnCFUBYJzUZhooo0gBGq%2FNLLNA%2BJLE8BcwuoN8rOhW5CQbEjZF%2FW0TQKtFGdM3A5luMqmMVpNFp9kI5v%2BnIYnVFgtuAlbikmZQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729f7f570883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1419,"size_decoded":2247,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"87dce70558df7c88a092f30cb0b85fcc","sha1":"3e1df82e8541883206c3ea41fa2921a00675bff4","sha256":"3c637e0dc7d9717bd274fdfa800adc1e7d21818d59e5fe38f7bda97ac4a9de7c","sha512":"a5d04acdcca0dff43989235074858e2cf57c696f3c989c1a7fe7bb86f01c32a17948f1a2d6f07d55b24bb2b8bcb0dd41c3f70898841f7a57285d90d4119a77ae","ssdeep":"","tlshash":"f921e9d3f29d6d82e1006061e65a9ebd907633b4eef2b12d46001ebc05336bd0329018","first_seen":"2025-12-03T13:20:40.520971Z","last_seen":"2026-06-19T03:29:39.448569Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/rekt.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.131Z","timestamp":1781839749131,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/rekt.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 09:11:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905cea7-4c5\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LJ53uNOcP2H%2BzW72DTwByUxEcg73gsf3aMnPo8qCMLQgw8gjDtruzVNneiKaYH%2FKNj8TkhKEN1uEEf0ZriyHYFHZgfkOnqkC%2B8uUatpR0J%2FcrWbngp19%2FpZGcfgTrkhnvWklYK3iRg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a01f8a0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1221,"size_decoded":2051,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"1fc912b3c340f766942a4a1deb1b6cc0","sha1":"d508db250fb60a89f8f5395f2698c24b83336076","sha256":"9e0d25a49f5b5fd35d02b1c7ac9a5d83c55ad9c7708cb8dc48222f754ff3ae9b","sha512":"f62726a021842fc6e7e95471ae9c5e764d2bd85b75c98ea4f79193e2f924b71744b0aed5ed4e14937a21a6a61218362e62e133c1d07534fce3cb76d5ccb63863","ssdeep":"","tlshash":"1321b7a77e86321857d3161db9a6d315e6716329a14dd60ad5d561af042323544c338c","first_seen":"2025-12-03T13:20:40.547218Z","last_seen":"2026-06-19T03:29:39.453312Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/towns.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.263Z","timestamp":1781839749263,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/towns.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uCY4A%2BnYv12plrBhEH%2BwGB5k%2Ba9bypjJN6OmbllETG8a0HMnMMDIoCMdCRmHbc13jzkb8Tl1I4K8pZ6Gf2%2BdN%2FVgeqSnk5jgFoYQU7Dr99MvXTDgt10k0j6z0qxgGtr%2BCEyj0BxqZA%3D%3D\"}]}\r\nlast-modified: Sun, 02 Nov 2025 06:59:35 GMT\r\netag: \"69070157-1aa\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 426\r\ncf-ray: a0df72a0efbe0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":426,"size_decoded":1224,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"df660e7bb3ffafee1237f388b163d46f","sha1":"36bc45075a09fdb305b2a34dc84f8b6166d7b779","sha256":"bfad26901e2201fecf21d69e9d00c2109f5312d5588f929aa8b310034e15e6fe","sha512":"4d075feb7de84024c9308bb31805ff65becb464ada66c9077b7999e5b6fd44d04aecebb16bd7cd0892bb4a74e8e3ea72c7aa5582aacddb44cf84aae18b3c57a4","ssdeep":"","tlshash":"52e023d08343279dc8165696014628f2d3f560485011d57f0ac7cb312968082d7dcd9e","first_seen":"2025-12-03T13:20:40.502428Z","last_seen":"2026-06-19T03:29:39.455573Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/steth.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.751Z","timestamp":1781839748751,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/steth.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Wed, 29 Oct 2025 05:47:20 GMT\r\netag: \"6901aa68-3dd\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bCW42RLfQwAr7HGE3SJC6YyOBzcP3LnU%2BrKSbRb11VKj34Oo2Ny5NqAR7ZTOCLrnIFtFZTS2vHSHe20W2j0FTAz%2B%2BoWlV6pAWzgN6TayylIIIFq1Qbu0ne5p%2BtHcOCT5KYN5a38W7A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 989\r\ncf-ray: a0df729dbed70883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":989,"size_decoded":1783,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"d52fcb10f217b6d27f3e55a5458f02e9","sha1":"3c95142f48e64e0f22ec75072328a302a55c7ee2","sha256":"53b0e12ca727f9c47f28f871297bd32f32a562b5e28a7683f7cc564e174f1564","sha512":"0b16b423869aa6c84b6aa2e698270231581c32a6e99f197735496b51e4018942ac18e3603eaafea9c2b388d74a838b72addacf42091d3637bec74f5392ef03cf","ssdeep":"","tlshash":"1b11c851580aae018ab0b2255c31142aa57302d2a81a96a7202721934f3118e85bd48e","first_seen":"2025-06-21T01:47:08.698161Z","last_seen":"2026-06-19T03:29:39.105447Z","times_seen":22,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/api3.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.051Z","timestamp":1781839749051,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/api3.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Fri, 31 Oct 2025 08:10:13 GMT\r\netag: \"69046ee5-308\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uG4YeD%2BPO2XJWpI%2FbCewsUieS4jcjIQ%2FbhDfNhN3VDTHXI2iYUUA0Hxi5AwNtdiCoxdSzgD5C32iF1KhQhkwV6mE%2F9ekBPJmnnrwAA9Xu5U0F1g0Hbz80bJXCBcnJvXBQ6Owo0eWBg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 776\r\ncf-ray: a0df729f9f620883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":776,"size_decoded":1570,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"071d4e7bfdf2cd72b9c0be233b4b0a78","sha1":"3b85a87f1a5fa6c8d1e66f2791de847cdf469bd8","sha256":"f75748f3802edcdf057d2c662a10941f2dd30dbcea6f668322ce978fa212d75c","sha512":"61364da12d30df046cf18bf5bd858fdd02dc9ee3c5df9b26a0439504f253fd8a69636c449c1c3c0bed4e3e4c477c900c8c09be53e18e9ac0bbfd6989f3d423f1","ssdeep":"","tlshash":"0c01c5a54183f1c34a87bc02698800b6a1a332b0914ddd76ba80e0e30e4353f5041f4b","first_seen":"2025-12-03T13:20:40.692636Z","last_seen":"2026-06-19T03:29:39.45839Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/bmt.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.187Z","timestamp":1781839749187,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/bmt.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 09:58:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905d9ce-6b3\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E%2BOBo9VUwyu6iUOrYrPr%2Fn9GddngSXeiAXYDuw%2BcDMpcvXiWG6IYkxsR5uf4MZpQidPDNECEWJQLAJ%2F02MYAJA%2FPYcx7gCSn4j%2F2GHKjTdjnIZxDbuK6ypI653Rx%2Fz8PqJszBbJxmQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a07fa60883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1715,"size_decoded":2549,"mime_type":"image/png","magic":"PNG image data, 181 x 181, 8-bit colormap, non-interlaced","md5":"736a3c8ba7da57dd922ce6abf0a0d078","sha1":"4efe1d2a5430b8a7f02ee77d966a6d1f6f0c87c9","sha256":"1d620753d18b89c0e6550dea022a373a4587ef71d8c0c9dffe10b487333299a8","sha512":"cb30d0316c65aafb308fa8477ff52a5b364db097ffc153ec892750b933df80342184042775ec365bac95eae115be98979c8971a98e30c4f6d12faa6762055d05","ssdeep":"","tlshash":"b131d88bf8a0887cdaee4b768a4c6f6df54c18f6d550063b134d60d1895554b78e1192","first_seen":"2025-12-03T13:20:40.596553Z","last_seen":"2026-06-19T03:29:39.462096Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/impt.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.363Z","timestamp":1781839749363,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/impt.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 08:26:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"690715be-530\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yBGGso4ncbvg6geZLQcMXld8AkfxKMp68Ufe9wC%2FPJQ8Zq2im6yYnqz8UnmWd5d7SS%2BMSZ23JWKmMyWWpNgqrYJkAOjiWGxiJ0vqFiC21hEK24bhtTUWBfxgZoD%2BdR%2FKTLDTaqcvhA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a18fe40883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1328,"size_decoded":2156,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"0d68b9e8268a451a59e377c41ec81fd9","sha1":"8e5a7bb88325d9862144005bb6c414f9b3ae0b67","sha256":"82772db3dea0d757fb4c2d77b24aeb96311225d2dc82b97f5513794566789791","sha512":"caa5ebb0b6dbe06fd5cb2a436aaf050103df17cc63317aa12c885f5baa7dc0ee5dac029cbc8e9ec6648c3ea5155a2827b996f052d50e580f7917c9eb6d94cdb8","ssdeep":"","tlshash":"23211dc211d6c061f9796f5ea57254a92c90d0ca34ee794fd54643152b4507c40ef1d1","first_seen":"2025-12-03T13:20:40.598313Z","last_seen":"2026-06-19T03:29:39.464779Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/ani.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.500Z","timestamp":1781839749500,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/ani.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:00 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a20-aaa\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4tgYuq3y668pEDlYOOiSLEAiscidrfZnb8WlrpXiluIIJXu0PDN%2FP%2FHXMjkMPmKlKy3Z8aq2kD1AquGD3Nv5aQgROP50%2FXKSgRXzam9ISTDNFFezf1ueTWerIELMz8KgoYkxb5GBZQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a268220883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2730,"size_decoded":3556,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"9f69a015bc91cbbd3cc90853e0bfeb30","sha1":"65e2cf8cd65dfb850e07f565130aa7f76df4b211","sha256":"28e9ff6dd39dab83268b6a5b379b1bf86b8825425dcd6aa75d855b871a9be7a2","sha512":"a7154c4734fb22c13aeff198b02f7a43ab7135e3770a6566a525385f14cfede0f3bcfd4e0801ab0dafdd61c09ea6f17f4347939b6585b73a8e025aed8e5c8518","ssdeep":"","tlshash":"fa512c55fb92308448a82da34701d631a8f7250a1456e7a3593fe62e1954c60fd1adaa","first_seen":"2025-12-31T11:42:52.011823Z","last_seen":"2026-06-19T03:29:39.467251Z","times_seen":18,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/sent.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.570Z","timestamp":1781839749570,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/sent.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Wed, 28 Jan 2026 07:12:11 GMT\r\netag: \"6979b6cb-261\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=53jkH%2BXgNvKuBodK3e4ivAGJAofSPIjYsvqr0XuIp4NDKvIGGwfdpTns4flrDJewjVGoO6XlUqJiLioFLAelVNLwut9%2FqaapLboJ5%2FEq%2FmtO4lmsGOcUKnXozUPXdPVfPR6AOAlYHA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 609\r\ncf-ray: a0df72a2d8490883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":609,"size_decoded":1403,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"80808541c5246a00b5899bece904023c","sha1":"6b556414c111a7d1875d1664a84c122fa7d3c9d2","sha256":"09031508645131b681103896e89cc4f12b2a7a846d6276c702bc259bcfa66f00","sha512":"334468efdfcc64d1bf2d17cb24459299bf0121df844441e8f8749216ab1792c98fc4b80de271852c978de4dd0d486aaf7454a2216f64bff4867ecd18804ca88a","ssdeep":"","tlshash":"73f041c0da17a75c464e80032798a261a0f001908e0f11056702b89382baae1d8ea6d3","first_seen":"2026-02-18T12:44:31.142254Z","last_seen":"2026-06-19T03:29:39.470483Z","times_seen":11,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/flock.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.826Z","timestamp":1781839748826,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/flock.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69032019-552\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NTX1%2BxTcWpcxosSWNcErLeju3RgGrXOMQyJ23dLU4KIP1%2BRyK6pruaYl8MLCmStKAuWTrn3%2Bh3Lut5OrbqyUpawC0%2B%2BkcoarPByd46KX42WXQrIM0o5BHwBrWn3EIEazlHsY%2FWTiFg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e2eff0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1362,"size_decoded":2194,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"eeffe0b1d2566d759046ae86c38c512b","sha1":"96d2ef1dde06f021236c3f0f074b8595610c01e9","sha256":"1bfb2bbd5fb43934e62bdc376032614f34fdd1cac29dcb17ced029955a0d5e7a","sha512":"b46ad25f9dc005a640d15baf223cbd959e3f24078acc9ecb24f6bb800384d690cb89643c859d8c68085ba68820bdd6a5fdebf70351b256f6c33aab7a56c019d0","ssdeep":"","tlshash":"7e210b93f75a2844c9f935b078338ac6f85853541c9f7ea78203406324af49f1241b41","first_seen":"2025-12-03T13:20:40.516798Z","last_seen":"2026-06-19T03:29:39.474765Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/mubarak.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.060Z","timestamp":1781839749060,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/mubarak.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 08:10:11 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69046ee3-5d1\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dpGIwLxLd0R8QmnkMzL99qgFrbHtcEgLN6%2Bwja4hqoqvYlaiKN17gXrZ0WwwPS4Q%2BqoKR6ZbHmXsKyqNDqS5shwETm5o9Czbc5Q4A42JExUIy%2F5t6vOHaoHWG8hjMRCQdHpZLlEL1A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729faf650883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1489,"size_decoded":2315,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"d34dbd5a007f3f3ac9c1aa46bb0c6715","sha1":"5e2de5374fae6647d6d73595da2b4674360b390a","sha256":"29cc3bb112b154039395b321376da721220373360d054de0ae1ced3236888ad5","sha512":"1787c89a0602192fe77520a1d38ed11fdc884a350b1046c4717147c5b34f95aca0e6dc460fca05d54168f1c7a98fba552c77ae70fdc90b1c637419b41889fc65","ssdeep":"","tlshash":"1631f97a6ab7a575838ece242f512612896200cc420ebdd6ce44737cb852380c9d281a","first_seen":"2025-12-03T13:20:40.529578Z","last_seen":"2026-06-19T03:29:39.476893Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/lion.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.066Z","timestamp":1781839749066,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/lion.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 08:12:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69046f8b-72b\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b9X9CY3bMnJki9iJceyl%2FJ4ZjNeCVCr7sCF463EvPImkzw3c2oU41FdlzOhnBWFdOAHj4XSkBcctggoKZIT%2BQsMjhJ8hC%2BkpavSVoar2tSVUQb0rpMYN1yrCuIW16Xr%2F4PqkgtFfAw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729faf6a0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1835,"size_decoded":2658,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"0796056b944c3a489fa7017adcecf399","sha1":"3c798e2496ab94029b1a53a9b8ea77839910a8ba","sha256":"9b0ffd4c585aa4c4a36f6c94395dd715f832a82480342d21206720ef429489e1","sha512":"d9ee7c563b2ec37429dc1fbc462250a0dcf64c386027d78b29f4f549dcf1edee56d2bf80066ece8df3c6d9da44793b7a40773ea0d8f24cce7cd77cd447176548","ssdeep":"","tlshash":"b4312bd640f3fce7c9b002d499412583fe7901144f9374540eb532b4dba38b74340768","first_seen":"2025-12-03T13:20:40.522562Z","last_seen":"2026-06-19T03:29:39.481545Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/cudis.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.181Z","timestamp":1781839749181,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/cudis.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sat, 01 Nov 2025 09:11:08 GMT\r\netag: \"6905ceac-354\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BJJIkIPHcb1f6Az%2BY4U7EFnCqhu2IKduiMtt2BGkKIsUTm7TCIb6pkMnGrz4nzr0U%2FXPTUGADBppQggVwjm1pBBdweC6gc6b%2BpJBd0UCEhqM0pc9%2FLZcPOakAgTj%2ByXk1DoJkrwVDQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 852\r\ncf-ray: a0df72a06fa20883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":852,"size_decoded":1650,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"e39b4327061727ccaccf55bf081e8e89","sha1":"0ac29072e96eb3e7c91b289b41f8db306cb710c5","sha256":"039fb7b1e5d9efd3a3785a1e02ecdfcb7a79ec932efbea09dc7c0be99afecdfe","sha512":"95197fabf71d562c5a417582d23e4ab7aa36ab2c8a30db18bd8e54bf3e65f36a738cb3499c0a9c3fdbd8e89828e74c2575e2e2b1003b3d2f96dadc1778ba1902","ssdeep":"","tlshash":"8901dac7166c3e16dd9db2764bd980e7c59130670fdf4b64b00c18b43ed6597889d21e","first_seen":"2025-12-03T13:20:40.524286Z","last_seen":"2026-06-19T03:29:39.493081Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/brett.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.209Z","timestamp":1781839749209,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/brett.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 06:59:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6907015d-54b\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h7X3W%2FQeY9dk5v6lVHcT9z6n7K72nNODv9yin4U7DaTtSfaWRYzLSRiypbb63IFWDThDDfPTUzJDcLYQTzSV41GUr9saZ13wH5lp0XH33UCB%2Br1SSeyF1EhUwi4atE3vOrQdS%2BXAVA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a09fad0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1355,"size_decoded":2181,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"ced161172e9759005b75a94ae88b3abf","sha1":"30919f4c09007644f756b7d6c5de6733b74fdc3d","sha256":"6259cf173f01171ae2049fe455123d248e71d5b7270404e591f7501583480be2","sha512":"1201546e87ee4cdb95447f77a09d86d1af11fb57900907fa09436ace4c2a9be21604f2a094f0da15a95013b8b85ebf51f47ab6a43e3328efe81b29011bff4f7b","ssdeep":"","tlshash":"e521b8a6a0680cb945575b88886d4b04f137ee163445c964fc8ed8710310c98c9c7bff","first_seen":"2025-12-03T13:20:40.486874Z","last_seen":"2026-06-19T03:29:39.505147Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/ff.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.404Z","timestamp":1781839749404,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/ff.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Tue, 04 Nov 2025 07:29:40 GMT\r\netag: \"6909ab64-332\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4%2BEd3yV8QqnoEtto0ixuK6kwqttlXtL%2B2RqPFiJJrAFjZivgCgTekpZ6NCzu0bxDD%2FqA%2FdGDs0xwFb7cFCJ2AwEe0LEpjuh3LEfgCe0z6RodDHwWX1V2rzkxcLUKaC73owcFXmlOlQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 818\r\ncf-ray: a0df72a1cff10883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":818,"size_decoded":1612,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"65b784206d0782223e653c81d7fce13f","sha1":"ea1e8c01538046631420424fd5b07bdfe73c8777","sha256":"61ac9023fd55bcc8281225ea1bcbf9b717024c0d4b50ae7c895e2eea6aa4f10e","sha512":"4c83bd9d746bf752b9056f4c43ab909d2e2a228a2e4808a4eb361b833991232b98b09016b390c626d511b2676c4b4a825743df04e01783e2eff111dd2ce29aa6","ssdeep":"","tlshash":"7c01c5eb06d6edb4c872c607965ba9c9a7344e26de2574100d1f8560030fb1cc2e778f","first_seen":"2025-12-03T13:20:40.554438Z","last_seen":"2026-06-19T03:29:39.507748Z","times_seen":18,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/btcb.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.721Z","timestamp":1781839748721,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/btcb.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Wed, 29 Oct 2025 05:47:31 GMT\r\netag: \"6901aa73-1a2\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RQJTQyodqc1ZbNOVIz4pI1YitW%2FUXF2kMbCWzV9H8XU7ixRnVBN3puTTACkKPsEK3QCPYAtd7NhqISVg9lA32nlFHV6YmYIrgJXmzT%2BJw1UvCFqBaIjg9XAH9TqKFAt8%2B%2Bc%2F0nLDtg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 418\r\ncf-ray: a0df729d8ec40883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":418,"size_decoded":1214,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 48x48, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"311a92f4fd9f89e67b3d0e54a51465f2","sha1":"b5a2a2075d34d22635b660b923dad0464b6bb29e","sha256":"43e3c81281509419baec632a380e7ac1cf59ccb01db6845b80b65f14d8fe7d76","sha512":"6b5dc0d7e116298b899c27404fe4d055d43d6aca1ef351cbfd8d87331328fdb07aeec62fdb17e50152a25be12334fd3c8708cbff3d5cf9e979c8b1d8f7029223","ssdeep":"","tlshash":"3ae0239050c825f0ad0de720b3c2770105b4da4693b4ce7a05079cf7109018082d7b05","first_seen":"2025-04-07T11:34:04.61234Z","last_seen":"2026-06-19T03:29:38.325417Z","times_seen":704,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/synd.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.846Z","timestamp":1781839748846,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/synd.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69032022-704\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zLlOLZe%2BfvP0NPf8QkwQePgr1nHjnQR%2BwB6B%2FxTrXBaDXHAhC3fxnGbKoXux1owccVIDV8xNS3l%2FLc3dxuVJnxX0N%2FEXfq7%2FycFTuiP2fYkUt4y%2B1Zn0q8frJTn4vbdiusBeHp1vdw%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729e4f090883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1796,"size_decoded":2625,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"787ccecbcc2cb09d40d98bb089f69a3d","sha1":"3cd4ff5ec24ef836f5d95ad6ff8f89735024ec77","sha256":"e5f25e9bdd894260aabf22f5b09849b258a332d2ced11a33ed9f885a336f8f7e","sha512":"04958a0c88d73ba2089a1320702db2889876cd2064713839956020e818b5c3db737ed5c5a6e3a381ee7d3997d658bb6e37813b7faeebfdd1b20b2a8f413c6e18","ssdeep":"","tlshash":"bc310b3202d0e7704249abb24cad4ffdcdd98cf19be1a13d2154564b60a5730c0bd9b6","first_seen":"2025-12-03T13:20:40.676287Z","last_seen":"2026-06-19T03:29:39.511725Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/haedal.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.123Z","timestamp":1781839749123,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/haedal.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oTwyY70HwEYcQx4iifUOReUJpm2PHwbF1I7BKRMTUjBjd9iVQjUDXq8duagGOblFy%2BL4RSkjaU3vjER3qBVVjf4bd2Wr1F8zOaj5kuZJPKggI1KisqQf1ksmUVMFTZC9DBsbMztD6Q%3D%3D\"}]}\r\nlast-modified: Sat, 01 Nov 2025 06:55:07 GMT\r\netag: \"6905aecb-29b\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 667\r\ncf-ray: a0df72a00f840883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":667,"size_decoded":1455,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"8051cfef129d419f5bf156e2c85295ef","sha1":"734c8b79c65e939195f45ae0a2f49b96e86df2e0","sha256":"1803d9095011ac0ac01a5c56780e3b8e68233fab4c0732345762788e48363b97","sha512":"c77546effff35eb7618eff3f4dc286a7eb72b0b139dea3f76c28d0aff9555d688f9414a722a30a76c6ccd17378401c331afd92998236f214c8eff946c36ed25a","ssdeep":"","tlshash":"0001839602c83eb6d0831622ae252ea6b2b3b11bcdb188c6e912395e5c704405701bc3","first_seen":"2025-12-03T13:20:40.65338Z","last_seen":"2026-06-19T03:29:39.52102Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/near.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.766Z","timestamp":1781839748766,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/near.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Wed, 29 Oct 2025 05:47:38 GMT\r\netag: \"6901aa7a-365\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BtFfHsCSA8eTOOusjiL5l01fF4%2FP0USAbkV%2FIeaC0ahgcRwdmE4dFCuoXpnF%2FR5dmBR1G50qJiKLID0pX8XRutupU98RMXfdJDxfAbfxzV7aMMSk96bISMx3Yxhp3BW4alsI8DPIUA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 869\r\ncf-ray: a0df729dcede0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":869,"size_decoded":1661,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"abdf79b11bdd7818f5a9ae033680ad4d","sha1":"4a637160e6c290167be90de4873a1579347b5913","sha256":"096681eeaf1af0f77d83b14eeb6bd69cdf63404964f92d7ac8b651c8afb0e145","sha512":"9ec76043b19dae39a94c1aa5fe944fa214caaab3c20cab0eaeb62dbd4f54e8e05b96c708b58900091c2582375fa2c414f1db1813af2d6de6646bb38248409ad9","ssdeep":"","tlshash":"5d1186eb2718b0b8825247253693e27b17ba0711c6ae08de074d11394f1cd44c491542","first_seen":"2025-08-05T20:37:36.382824Z","last_seen":"2026-06-19T03:29:39.523452Z","times_seen":21,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/ohm.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.920Z","timestamp":1781839748920,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/ohm.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Fri, 31 Oct 2025 07:23:59 GMT\r\netag: \"6904640f-17c\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Re4z4%2B1AiBF2BAZloxBoyl4xtcyjst8msPMpW3dj59ARbdzO5LaGitarB1zE8c21SnMZDFmKulbYGFkzGir4jdlN7V3M%2BTr2Tx6YjMSE9efRHJeaeY%2FcTeqLFRjmplDXuDDX%2FFvf5Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 380\r\ncf-ray: a0df729ecf350883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":380,"size_decoded":1174,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"d6183aee33151be3e6df7cf5146cca85","sha1":"8efb43334d69388eb1ed7901ddbdcdf36efd2bad","sha256":"f0c20d30af056c8f99f0a5079562626415fe6e2d8755e4fe774c3d5f89b12ed1","sha512":"d4a0c677e7dc41131b5be695486a9ce52824df12ce8751dc01fb79a8112df9e3b2e4cba7cc22af026a1acb41c5c7ac07584a92f6a41ec228aecf094abf59acc5","ssdeep":"","tlshash":"cfe0f8d082203aea8ea29732180a05f26f580968acaa8a01040e9e2a095282d8b0d19c","first_seen":"2025-12-03T13:20:40.687127Z","last_seen":"2026-06-19T03:29:39.527277Z","times_seen":19,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/wild.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.134Z","timestamp":1781839749134,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/wild.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 01 Nov 2025 09:11:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6905cea9-4fa\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rK%2BW2pBNM6gF%2B6YywWPqQIFWjWZcF%2FXwBFKyM0Ztz1Mz7ZG4YEVohiMULAdwm4nYzw32UnduUFqrEKYI5Sy0xnijN8eZvyfHB0OdDyjo2fomd9LyOMjPys7reD2J0xAR2Lm%2BaAQcVQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a01f8c0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1274,"size_decoded":2102,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"7c04282c0f09726f104fe74b730b5699","sha1":"7d3ecdcfb7d666d9a21eca25ade4399c95d24e61","sha256":"de26f81760f0c1f939d54868726fab16af4206cbc053c7c7df2f22b8ef163cec","sha512":"46c359bc0faea1cbdddac7e222b63eff070aaf827cb9bb9d9cc399c99aa25fa8b81f5c6c5d897d9a525024c6e8b24368073dfd644f6808513a5e89bd610119d0","ssdeep":"","tlshash":"1621c8d980c0fe18a2a21695008738409a93329dc187de7e9011d365aba460cf8d14fb","first_seen":"2025-12-03T13:20:40.446799Z","last_seen":"2026-06-19T03:29:39.531266Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/donkey.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.265Z","timestamp":1781839749265,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/donkey.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 06:59:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69070151-7d1\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gchcAoChyN78FjDVb595oJnwkpyWh9SooqBH7X5lKjKUpBUeP4lUN%2BA8zI1lLKhfv9rfNb7JqPBl3dqgf381OlHMdEc9DYYyY9WV%2BBgbJlm%2B8vrujNUVcnFkt8v4QHPtj%2FClNGi%2Faw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a0efbf0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2001,"size_decoded":2826,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"b85149a241ce95094db1fe18ca871dfe","sha1":"c0bb167a00c7e5cbf69024584704b6a9ac0dc1f5","sha256":"af36fa4735f454ab37a74ac657a1accc764b9d76d5b52928e6620e578b7fde54","sha512":"bacf84b4102d45075ad30b3e4d8523b2c7754ad033733edd38e72ff3ba6bce3bb9d9f374862afe42a3053aa871fd907ca3851d6b932e404c5abd122e9d2162a6","ssdeep":"","tlshash":"4f410af2145b2b5fdd4b7a8c65ce28168d095cb755cb00a85c139b79edc75c04ba120f","first_seen":"2025-12-03T13:20:40.472439Z","last_seen":"2026-06-19T03:29:39.539993Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/play.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.281Z","timestamp":1781839749281,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/play.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sun, 02 Nov 2025 06:59:33 GMT\r\netag: \"69070155-288\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d3ZtPXzQ3sSXewIs89tTaCoitUwesBV1v71XhEWxIEFzHuBQRpf4DuyC5jlux%2FMt6bbs83CCSLjjGE66FdYJSMmMMMlfXZisDpx4eNf%2FY%2BQ%2FCdjLMDohNB%2Fl%2BmNhFtyW1YxmaPxjBA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 648\r\ncf-ray: a0df72a10fc70883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":648,"size_decoded":1446,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"5a364ab68d36ce610daf0736ddb8eabe","sha1":"a8e5d026268d9344584dd7b016c9df60faab17b7","sha256":"5317ab2e17d7fa370f6135c4e0c5f51a965e4cc8ec51c2c1b39c2659db0b37b5","sha512":"f3917c9b66dbba0b3d33c501c6bdad2b49b6dc70464a35dedf6eb2307b0abdeb17bcf73df272dc73c8dc17e534fc7ed878357b8daded282e7782f11443071e2c","ssdeep":"","tlshash":"3df062d2c3b134b4f53e4116d60bcc76e2a726c40fc092458a09672ebe4d590cf48f61","first_seen":"2025-12-03T13:20:40.641005Z","last_seen":"2026-06-19T03:29:39.542946Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/avnt.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.375Z","timestamp":1781839749375,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/avnt.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Sun, 02 Nov 2025 08:26:37 GMT\r\netag: \"690715bd-13a\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VHViDuW5E7cODVADd1JDD%2BK8VW%2BtMu%2B1ZAA1l0OMPrEXhqcpMrZOd21rCF5wapQoDCdwMQhmwYsGVXkNCV45h0KduQuwwELlBgFsB2u88j2DIKJ3jOJn2cFKmhyGHbHHDaAbEUD3BQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 314\r\ncf-ray: a0df72a19fe80883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":314,"size_decoded":1106,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"272fc27f75dbf24ed16b627030c96c2c","sha1":"3699abd8ac5a4d6b9779ec02da74f5f7e878c932","sha256":"45db0b3db7ba45568e694fac0db9df88e2147c12ecd1cca87824f59ebf69523f","sha512":"4366d855f5e96e5eee671c51d1f419e62d2986c7bcbc7e63b2a7f4e14c12bc10a4249dbfeac6ad99d9ad9c5a7a417c427241d860db35d1762c826ac0b5964d14","ssdeep":"","tlshash":"1ce07df397129ab1d8550172c1d919f4a1a657a453800a6ea706ad292d48e1acc8064e","first_seen":"2025-12-03T13:20:40.591534Z","last_seen":"2026-06-19T03:29:39.546602Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/veil.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.847Z","timestamp":1781839748847,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/veil.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Thu, 30 Oct 2025 08:21:57 GMT\r\netag: \"69032025-2fb\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8bDq4so%2FHJlh0rQZucAjWZTGwIeqhRgC3JRxp6g7IFR5zZ7%2FOue9fTggGjW0LmgQe7DAlsKMSYQjrdHx8JOFj%2BDRCqJIXkai1IxVfllLXAgIA84pwNJO%2B2%2F73XWdEJUv8WktyBqLvA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 763\r\ncf-ray: a0df729e4f0a0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":763,"size_decoded":1559,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"8d2cf2bebf796c484eb32031bb9783cd","sha1":"43e21c3a25a71be35726d1d5c6903678cd527116","sha256":"a69e0785705ea12c3847f8847dec40cc18de21dede687bd23f0e5e2d1d380541","sha512":"afb9d868a8c78a4fa970a8f4b0cec2d850c3be9d2601b6fae58938baa1977fd1c21377466d3608b8e4aef2be103d5f1296bd522d2b93483a308dd41d5bd20db8","ssdeep":"","tlshash":"7e0170d72be2be3e9f38951161baff648922c52963b91c2930036a19a3322423161239","first_seen":"2025-12-03T13:20:40.491246Z","last_seen":"2026-06-19T03:29:39.550651Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/aixbt.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.068Z","timestamp":1781839749068,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/aixbt.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 08:12:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69046f8a-7ed\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TyZKpF6IAeqQwUj96H5K%2B2HkgbhOynTmFIqetSOhGrBjmIu1pJUEJryVarBvf8ML5GCDYi0mOY%2FN%2BkjqcVi9ltSfKI%2FJS2imQqQYNaIcQYnTnBedwqRTZiaybclMfWhhr41qx6ytYg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729faf6c0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2029,"size_decoded":2852,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"4f13c45b12a4dd04a15a14cec03fd6a1","sha1":"3dc9f458ddfda8ff44b4a9f7769a580720f48f27","sha256":"4ee1b689f03f64178f3bd54297248629581c2b9b2cb30691658cd21185a2e007","sha512":"a7b4351541a4d57755275ee83774bc0416267abb0138e3133680e9ec655176a01a36d537db81ad61c6e3215dfaefd80f380d4b3edf3dd7cc1b0bfe5305206045","ssdeep":"","tlshash":"a441ea5789f06e81e90da89b634384fcfab9881468153ef511d5c7714ae5c86f4660d4","first_seen":"2025-12-03T13:20:40.656202Z","last_seen":"2026-06-19T03:29:39.553693Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/paxg.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.400Z","timestamp":1781839749400,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/paxg.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Tue, 04 Nov 2025 07:29:34 GMT\r\netag: \"6909ab5e-3aa\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s0f9NWw5cTorxH3kUQxm%2B8Eo3IeJl9XZxfGUnq6wDRs0JCRYehpnw810%2FBzQOPrIIZXs2l2g3nrkrJrYX%2FoFzzq7L68UpBjM%2F5qmWGoyYcwc40Hdd1O1hw9%2F8miARj7GVzxvpYJZKg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 938\r\ncf-ray: a0df72a1cfef0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":938,"size_decoded":1734,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"b690dda9181122b9204f6a81dd62c4e8","sha1":"781a888549429e22ccd15b500107f8d574903102","sha256":"69f6ea328190505059cf1d69dc450efef79ddd708cfec06eff4c7fd689edeaf1","sha512":"6f5cfc6b07decb9375ac7bb1b43f8d03b0e17f425338aff613dd2decf1c6dd27e3489ce950852de8131020e7624c749553249a22a5b6935b8cde6322346038c9","ssdeep":"","tlshash":"dd1184d656e4aa3778f35556e800d50bb7e180183449dc1da09b9ad03e92f688a23f2b","first_seen":"2025-12-03T13:20:40.622265Z","last_seen":"2026-06-19T03:29:39.556413Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/ads.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.462Z","timestamp":1781839749462,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/ads.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 04 Nov 2025 08:49:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6909be22-513\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a2U0wwl28FLy1%2BURPMOue8HEA4%2Fgorkq82qNLBdIjPTFfWEauv4EM9WgTpw1BjpReudbNHQTMAnnHYYS%2BodtQ2rbCQ1BOAlHsi3OF7VxROyzMpyXDsIFzddB8k98FsXDjz2MYmJyqA%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a0df72a2280e0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1299,"size_decoded":2060,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x90, components 3","md5":"36dc72c9d2b02261551baa3f0750668e","sha1":"6ee2a38d0ea97cbe910a734bcb61b4a10a038bf9","sha256":"c4f9b1a0e09f07b355a7ebe5ea60bc1b8a3d305139a6e8f5c4d00d4e1091ffe6","sha512":"a1b37a2f34655881fdd85043633900581304ad6616024b232d3c8c0b157862765e6e9865c3e533142456df80d3a4ef5e3ed0499ad12a4e71e42b0cc5dfd8f0ef","ssdeep":"","tlshash":"94210a1ed34cc181df213fb47f099b0bce1420f49df1833281562598793ac36820328d","first_seen":"2025-12-03T13:20:40.619222Z","last_seen":"2026-06-19T03:29:39.558995Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/dusk.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.601Z","timestamp":1781839749601,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/dusk.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nAKW0oXaKDQns3XXZlqg3zsA2pjtMjjLBjOrqiSwnCE90kDUtTweQF7Dyl7mGqBF60852Rl4nM%2B6D74eloVT39lbzIW3Kt1ap6m%2FVC1psHt8cWdxSn%2FM3BBuI6fFvQwhQ6wrxrEinA%3D%3D\"}]}\r\nlast-modified: Wed, 28 Jan 2026 07:12:06 GMT\r\netag: \"6979b6c6-32f\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 815\r\ncf-ray: a0df72a308540883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":815,"size_decoded":1607,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"9d29e3b46baa53380915f9f4001451a5","sha1":"79f602c93b8289022e4d3097e1c21912b862a542","sha256":"2f93608bc06509df33e11f8d743edf00dd66ef58017c72e78cb07e023c1159c5","sha512":"de7365aedc0221a4c4735ef3436989a979f65e963983ca199fc51cab5a11ed3bf1de30f2ea1cec97d48aa3a10a3d02f7451b165b63187741cdd7ea32f1c38880","ssdeep":"","tlshash":"b60186d3afa039756a0d8e63a22da322e771e034da5e0212e11fd83a09b3307f052b05","first_seen":"2026-02-18T12:44:31.013371Z","last_seen":"2026-06-19T03:29:39.562233Z","times_seen":11,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/fight.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.602Z","timestamp":1781839749602,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/fight.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BICnQ5uI7hG%2BkoYrsEeWJai3MJVkGcCtTC2nWchp3u25t%2BmnKn07MRT6rUCKM3MDirjx8XYxgSjkk0s9lvpwhU%2FRhnBI%2FTOJQA4RQ5xf0izHneJ6H2N2bMtkvsEa3bMdYGyEQwoukQ%3D%3D\"}]}\r\nlast-modified: Wed, 28 Jan 2026 07:12:07 GMT\r\netag: \"6979b6c7-28e\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 654\r\ncf-ray: a0df72a308560883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":654,"size_decoded":1448,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"61b13ace5a57ff3872cc4d2a614e076f","sha1":"c4936d7937fc6160065bc863388c5eecdf5e11be","sha256":"dc281143782d748e871f6df9d49f578155570ba489ea56f64dce46d948e5266f","sha512":"06e0c0ab8c261e240b6497731a86d06220e7c3f2b1f30132856065da1c3e207ee7554abc34a2062455dfe5958496a34e8b203e4f2229797fb07c1a50ca5f3d8f","ssdeep":"","tlshash":"88f083728030a9fd01aac62d407209553ab8f308071dcf9326ea822bca14128d282567","first_seen":"2026-02-18T12:44:30.72896Z","last_seen":"2026-06-19T03:29:39.564829Z","times_seen":11,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/fakf6wdg.php?m=2969732","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:10.975Z","timestamp":1781839750975,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /fakf6wdg.php?m=2969732 HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-28T07:17:44.51798Z","times_seen":16783777,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/cro.svg","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.692Z","timestamp":1781839748692,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/cro.svg HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=5,i\r\nlast-modified: Tue, 28 Oct 2025 13:43:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=idbkC26q8gRFHuP%2BLIL%2BHwbvvvO3RYFffggPemnAwXZAhX7mSCLFbDyAKOXE6xCpVVkjtBxnxivohN0XUOONJqGhvzs%2BFfgJNjI8BfHdQg2PjoFa0MbY%2BBnXqExnrnH3u3Nka3Fb4A%3D%3D\"}]}\r\nage: 291\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\netag: W/\"6900c882-276\"\r\ncf-ray: a0df729d5eb90883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":630,"size_decoded":1095,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f55638e21234f23156648acc6cbd7c53","sha1":"74dabaf464c8d968d83207230a1c8053e3998a97","sha256":"aa02b06e130f4d66bc4f54ededac581dce1165509b947a3326c77baad06aa999","sha512":"91ed58d0d54f911e27ba4caa05da73030ff583e917c7e18c74f5fcddd50784ab7854dc5671e2561c3cba47dbcf6372d697e065eb60f5f61b1c9576fabce928c8","ssdeep":"","tlshash":"8df0dd4517888028970c2fd5480db0a84feae0f1af0cc098d7d0e237709aab79da5dd9","first_seen":"2025-12-03T13:20:40.45633Z","last_seen":"2026-06-19T03:29:39.570011Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/dai.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.717Z","timestamp":1781839748717,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/dai.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Wed, 29 Oct 2025 05:47:32 GMT\r\netag: \"6901aa74-168\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jFQi1pUq%2F7LyA4g7zBbRKmCUsk%2BztMrzBMTyp71wSui3vFFcyfZKWVgp%2BacaVxJabGLFnAtJxt2mfcRfBKjAbFAUMsoIgq2CbAC14vj3GMLXyWgftJTohBxOrTZDjHsKs3RT2Rqqtg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 360\r\ncf-ray: a0df729d7ec30883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":360,"size_decoded":1152,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 48x48, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b556e6e67036db4e3dd715f7283f89bf","sha1":"664e79f9ec4689770feb8fd9c4711f5ccde65b07","sha256":"893ed9297b756a924be8fd9bf570d6f256726bb5773ac72b4798346beed79f13","sha512":"e4fd0e537dd9a0e4091db0c728e0b4a75c79f80021c7f369c2a625ac17c618d48584208788a26bda86ac9643431863d391562c1296bad5d4d75762025a8d6c80","ssdeep":"","tlshash":"19e06086041ca6cb8e83959e30c427a43801c80aadb0a9a504c07e0d40b0b88b322d4c","first_seen":"2025-12-03T13:20:40.675522Z","last_seen":"2026-06-19T03:29:39.572951Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/1inch.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.763Z","timestamp":1781839748763,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/1inch.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa6f-ae3\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rF4yUrPZ%2BuKQ90acQ%2FBD4Qpt2OG9ONGhOakigZOEkk9G6gtStugygxOljPSuEcHS6bwqWxyP1eKkc7OARbaINlzDqMwlvohYZIix1EBi0%2FF9LTlkX1KqP6Qcl%2BRiGqRFA5mOXRQXyw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729dcedc0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2787,"size_decoded":3615,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"a6484a03bf81e129061a71ce04973378","sha1":"fd17340924214eadfec4effe9690d52c2ef200f7","sha256":"bbd72bad0e772197154c82dade8b51462f05698529cb328a27112e0346ed4021","sha512":"643f0ba19adeb3ec6b474b003c44b2754e38b0333e7cd7b221d3f20ac7af5fab1e1ca98423ebc88e96534ba8665da6c104b117f3dfdafb646dfa6947f7db7901","ssdeep":"","tlshash":"44514be2bf7626265423be7685f6d480bce93d64d36021b6264f483873d02d4c235f2d","first_seen":"2025-12-03T13:20:40.65093Z","last_seen":"2026-06-19T03:29:39.575614Z","times_seen":19,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/elon.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.796Z","timestamp":1781839748796,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/elon.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 09:12:57 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901da99-737\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tAbZL4e4SKzXjfBQc%2Bz1vcKixyYj8mOODptqeughG2ali0jcv4Zv3jyejj4CA73Z1HPjCUsvyNlisjSINxHp1Wgi3tyg1M3FETpgpoXjBQm3gr6%2FtUpkZ%2FKs6rOR8bwbNqw1zEi0Fw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729dfeef0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1847,"size_decoded":2668,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"23dfff4ed5d5643831be3558e2148392","sha1":"462a7c0604638446d79e52a75b4452c2e604e5b2","sha256":"d9129e5ec900a5daef355dc45a0b76c47e50c4a31a38fab15988113590a42ff0","sha512":"fb1909cdc4daed6773ad3f50d051ffe2d04e92c7e94763b17a75b6243ddbd2a5bc96d94d876cca750783b0bc1e3631fac0e806631dafce75593a8325139b3d05","ssdeep":"","tlshash":"6a3119c8113c18659841ad5c928809bee5ca9a79d3a21a7a23331f41cb40fa7ca4df8e","first_seen":"2025-12-03T13:20:40.497673Z","last_seen":"2026-06-19T03:29:39.577985Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/tybg.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.820Z","timestamp":1781839748820,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/tybg.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 08:21:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69032024-68c\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tG015AUn0TcEEAKSIPHiqND8mDdF1G%2BkSxcp9E8dUzLAn8U9boZQvxNye3i%2BXcu0oikaboCX%2B7LBf0fjoeRse4%2Bp0I9ia%2FZYeyMNwn%2FGEdEJukoQZDcoMW%2BUSB8LEPl5o%2FaULJ2fcw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729e2efc0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1676,"size_decoded":2512,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit colormap, non-interlaced","md5":"b44fc30f6b755b4aa376d2f1040d6a8c","sha1":"c23f3489d77db3f7f02b6b6056ee343324dec27f","sha256":"62255c7b74b316f9afba6015e8c939fd75acd6bfb3fa63ec5e8f58f2e2ce1852","sha512":"4a785c87c0fa6a445e5c08d4ea09cb42e7656478ccf8c73872789ce632d62361fc171f4f0e3955bec390c9384c0d6c48423eeca9dd8d164689ee6499503ec25c","ssdeep":"","tlshash":"55311a6a7da85d32d105133ed630869df524103f4150f67a16fadbabc6c9e3245d118a","first_seen":"2025-12-03T13:20:40.478809Z","last_seen":"2026-06-19T03:29:39.580577Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/bid.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.225Z","timestamp":1781839749225,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/bid.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sun, 02 Nov 2025 06:59:40 GMT\r\netag: \"6907015c-2b2\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DEhMPmd1ZJ9wqRwWC9SWBYRhVv6h%2Fez6qt5F9gnOGq%2BxhatBlncwUHF75O%2B0A6uObTpwmfaJdjqU%2BwJwlv4naWCL12owtXrMeeubk1IChQjfqdzs3Ooo1tB5uYtbl0zt9O8Ht7KqSg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 690\r\ncf-ray: a0df72a0afb10883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":690,"size_decoded":1484,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"7780b65f2f38cd00bd36203624c31bdd","sha1":"9d0755e171a3d5c4076a961f587bcd62bf0eaf4e","sha256":"d5aa30c219b6545a85e3d4fe12cfd4fb26fce632b905f7e809ced4bd3623cf77","sha512":"852c73e385d152a3249f24c7e48a05de77fe0940ade53ee4629bf1eb39ea7b58fbb79299ab985f9113e6f862098795b294a802eba089d68f45fd771f20271f77","ssdeep":"","tlshash":"68018342a999fcad7ef9cc397233bcc8beb9487811c818457d056ae413e450a30c364d","first_seen":"2025-12-03T13:20:40.553007Z","last_seen":"2026-06-19T03:29:39.582696Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/starl.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.348Z","timestamp":1781839749348,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/starl.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 08:26:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"690715ba-98b\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DVzyxv4ANiJS6%2FWFrkCBJ6CGzVtCY1bhw0c8Kh0iJm9G923aYOh8PzwP3mU6m7%2F6POvNCcsJVRzJsDEHy4%2BfL9d2JQlzVaJjhlRMWfpjUoLLJN0OnezzCGYhOhObfxFpw5cj9q3p5g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a16fdc0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2443,"size_decoded":3269,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"02fa6ad8e64d7e424b4eaa54085f3e08","sha1":"25ee518b21e03a89a637bb5f6b9e06d8f317d8e2","sha256":"96898f0f36a0a1e736f32e3a930698908c1f01cee953b9684e783bed2cd71303","sha512":"2074198ba3f24ef9e47f373195d5b08a2b20e06eef9e0b60ae320657d9d93d2394f71fb8941a19a4c370a4f4f212369fc4c012b1871e9fc631e77e922061fb52","ssdeep":"","tlshash":"aa512b94b12bfdbae400211c9fc9f19289fa902c39f30144ca8f89efe421b15b1b5d42","first_seen":"2025-12-03T13:20:40.575793Z","last_seen":"2026-06-19T03:29:39.590534Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/dood.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.447Z","timestamp":1781839749447,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/dood.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Tue, 04 Nov 2025 08:49:42 GMT\r\netag: \"6909be26-365\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jhFmyMGlpDKneUF6Y7i8ULEB3A%2B3mhx2F%2Bmzpy0P0PFV7iwecw3ZdeEOZi7T73%2FZYRykvVnt8LCScfo2THkJ%2Fnxxg0CG3buk1K7N3rlTKw0IA%2BG%2BIyyGEmzFoeaWRwobxT8XAGtkkA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 869\r\ncf-ray: a0df72a208070883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":869,"size_decoded":1667,"mime_type":"image/png","magic":"PNG image data, 90 x 66, 8-bit colormap, non-interlaced","md5":"ee547286940babafb3bbeb5f723f260d","sha1":"89f88051bd157d80d10898e6063c86d5f34a1c6e","sha256":"1c6c531cdf111335292ebf2688375804becb193e842983dd862511e07fb76162","sha512":"adca3f86d1dedbc4dc570540b2577fa8fabb6f5f60b7fc0f152d14554c6f04e6376ec9529d6fb214d61beb489322b5c6a95f986e3ea5e78c2fc51a38be4a294e","ssdeep":"","tlshash":"fb116362604ebf23d53b25037c722a16cdba4b7a209c41a46c28aa640307590dd4d4ed","first_seen":"2025-12-03T13:20:40.490515Z","last_seen":"2026-06-19T03:29:39.593071Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/weth.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.697Z","timestamp":1781839748697,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/weth.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=j9D6AANKFXK9%2F2gmqye6CnoM7hDM1s2JCwBsvZcU2VuxWJ9syhVSR%2F%2FeTxg3PyqjktOBvsuJVCJKeAiS8AyLYoiDCOtRQMUAMKN9Y7Pbd9Ghnx5Ur%2FnYpNwipLXYrhdYh8wMb%2F0X7w%3D%3D\"}]}\r\nlast-modified: Wed, 29 Oct 2025 05:47:25 GMT\r\netag: \"6901aa6d-33a\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 826\r\ncf-ray: a0df729d5ebb0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":826,"size_decoded":1622,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"55c83a614034818029ede9c8b1c035a2","sha1":"c3090069f2e88bb6b34bb1db184c566ee23fa508","sha256":"be98029dac523269f53752b8ceb98e7616f147558f93b5f0c33a3ab4db67cb7b","sha512":"66ecdaa42fe606fa9d0b5af2b0de660879679fd511f9833fe838631d6df3406ae980bc8a2951e4335a70f0599301dbe0189ca60a81542162b245eaa09376f1b3","ssdeep":"","tlshash":"8501d6d28920410f527222a969b01d37430529b4ae2a8fd00c862b0b3170eed4606196","first_seen":"2025-04-07T11:34:04.619296Z","last_seen":"2026-06-19T03:29:39.595716Z","times_seen":566,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/pepe.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.743Z","timestamp":1781839748743,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/pepe.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa67-65c\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mxWE%2FfZrL49WGXZ14y0AEX5YCs967v8q2%2F%2FSgNt0weINbsBLxCpsuEODHtUFxMUN9mDelj8hd04GJuY%2FxN50BbeXuF1jKJGJRyGAOI10p9qeQxHbxqq%2FsYph11CGguE%2BvzMVLchrdg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729daed30883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1628,"size_decoded":2460,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"5937d7e1637cce8e86e7cf84450244d8","sha1":"8c54a16dd256f330d2ce7ab2218a35d5c4d5b08b","sha256":"d11dc4f447c3ad21e7ebf8e62ef978921cd8d7d6602ebf693324bf82413e410d","sha512":"b33300e7a87217c479dfdd018e99e45f9807f02f2b1b704077bb1a5f8802b6535db1611a2a41af93d8a9a8924b932dd2b1acfe0f1df134f832566883a7fccd3d","ssdeep":"","tlshash":"4c31f87f62aa8c61e9011af95360a1a36672e50f5870464a409fb07537025c557b9852","first_seen":"2025-12-03T13:20:40.663525Z","last_seen":"2026-06-19T03:29:39.598914Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/floki.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.782Z","timestamp":1781839748782,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/floki.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa76-599\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GP9owbrkWGaANQXVf7nkmpgLT8QXRPjNcP79kMyDHBQ2eQ0UWYHUfWpQ13QxmTxy1S%2F9qxxgNT%2FYAZzwOlANCFJqkaPB6wU0NXAA2gOqV%2B9uz1KsWuysDGwS%2FOXxYxp4MBY8ppFeeA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729deee70883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1433,"size_decoded":2261,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit colormap, non-interlaced","md5":"e19c72ddb04a83801bd4cd4936770a80","sha1":"31b939913787acf97c83d2294ed19229fc2631a8","sha256":"e2109068db33bc840af5fb67fcd242287313730e379f52d89bfb840703691bd5","sha512":"d816edfeef9635d65245eec2fcab94aebcf52b7891d500da3f1b46897c7fb1435ce527bef95c5d32ffd816291b2c29a3cc08ae25cb6b507d4a8146e9456d7aed","ssdeep":"","tlshash":"2b210bb76fbd8d2f53a6f3a355f38782b4294402e6eea0844712e274dd10227478c5f4","first_seen":"2025-06-21T01:25:52.679556Z","last_seen":"2026-06-19T03:29:39.602147Z","times_seen":21,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/hunt.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.045Z","timestamp":1781839749045,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/hunt.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DIQlGp5l5rJmO%2FOkVXRsc2JBPN888Aq1OV2Kd1hau64wrLpKZ51wB%2BtTQdVj5SoKoEJYX9tqaMhqoGKk4d4tvHwKgBgpMlYMKCcXViM0lcUnG1DgihGWMBigo1F6lAbx0OOAOqwC%2FA%3D%3D\"}]}\r\nlast-modified: Fri, 31 Oct 2025 08:10:10 GMT\r\netag: \"69046ee2-255\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 597\r\ncf-ray: a0df729f8f5f0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":597,"size_decoded":1389,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"45f769b3c238294b723e183013081730","sha1":"107762cb5b822768279e37b56b53e485128ae71a","sha256":"89aa2885677f485661e09881f8d7ecb2901cd0f9e10cda434e63039c5418c3d4","sha512":"5d2d7a0e4a3e5360e236a520fe2718ba1cfe37c47d43dce08a99d3c2ed3381874ed6c8cbe9282f3b886689963c80b94ee88007d1d4a42ee3fe939b43f5e9a46c","ssdeep":"","tlshash":"0ff041170342abcc68c52d39ca2d5222d3710f3053f74eb90e87b4283923029b7a0ca6","first_seen":"2025-12-03T13:20:40.673756Z","last_seen":"2026-06-19T03:29:39.605835Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/soon.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.117Z","timestamp":1781839749117,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/soon.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jYIrHyD3uq3pqaD6LZM6yF9K8Df7GYZIUDRqEpuhHF7a72zdSQ8kIqTzOMBrsUc8S3k8lFAYqusGrZu3vcYVmNCB7FN0opCztepUjUd0JCn%2FJAmLbDmqhbW6Cf9A3AdJmmw1o5onUg%3D%3D\"}]}\r\nlast-modified: Sat, 01 Nov 2025 06:55:05 GMT\r\netag: \"6905aec9-15c\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 290\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 348\r\ncf-ray: a0df729fff810883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":348,"size_decoded":1136,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"4a7b2a6e8d6aabc4b3002451155d06c8","sha1":"eee3bf718ae70c8d64a14faeaa99276f3061fefd","sha256":"248d0b17b56a65412a8bd0c42b3540cf07d0ae6b6a7afadefac17628b1086208","sha512":"3f897dc5d8390622db24d5a8f02680e07b5fdb818fb597e6839a8a2a1a1b491a7e1a58b4a47980f4226560a6c7e7c020620f432da1d3ab03f050f4fb7452e20c","ssdeep":"","tlshash":"2ce0c0db577115f0e2ab55f55b4001e1e1111c0c05301472c9aa806a1e1100dcc86989","first_seen":"2025-12-03T13:20:40.455498Z","last_seen":"2026-06-19T03:29:39.607995Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/grok.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.485Z","timestamp":1781839749485,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/grok.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 04 Nov 2025 08:59:37 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6909c079-934\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BvhpA2ycmGUiHV79Eqm8pUcMWDpG6cdwqrgZfLFQQrjCjH2SX9OigYX6UfzZgQhdSKQq%2BmaJq7UGLkX49sXD%2Fm1i2hZ%2FDMew4hSuHRlukkntjWlmu7lwge4STvBii9EEdbaxi6az5g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a2481b0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2356,"size_decoded":3123,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 90x90, components 3","md5":"6124582a14a694788fa2812044cef35a","sha1":"5667165482adccecd11e92fefc0acfdce57be42a","sha256":"1b0301cc3902b0aa09aa8bc3539c234d36fd207c2e736510bb8adcdc649f5b64","sha512":"07aa1e4ec3e3347e5d0735f3a6cde9d11b268f58099a83d2d1374e33bf4370803f4b72bef36fd148e79d826edcad370daf9edcb4e4f5e6d87800ee8b8b6eab32","ssdeep":"","tlshash":"e3411b276750a727fb060b370569586813265c15ce1705e3a7c9a014a9bff8dac8236c","first_seen":"2025-12-03T13:20:40.69336Z","last_seen":"2026-06-19T03:29:39.610734Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/banana.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.538Z","timestamp":1781839749538,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/banana.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Dec 2025 08:56:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693d2a26-898\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8%2BZkTPxOV%2BimMTes2qMGgITc0ki%2BpcvTjLHXqM23KNO1HXXYjZWoIrKWB%2FNMGz8ynpppXxWHIZK1PjgjonVFWnOCr%2BhL8gRdBTc50LWVvAMYFrMOWuMjfD6PvT3lBVFzMTz7LydfRQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a298390883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2200,"size_decoded":3030,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit colormap, non-interlaced","md5":"62d54146eee8fe8e86e9b2d692ed5a66","sha1":"d2aa0293fb3a9d0f2c4ba56727527d213ac51ae3","sha256":"ca8bf5688f979f1d21ff59638858e52ac5b1f3da7b24a117ca1a16f4c0c1d550","sha512":"989326750c38f010d22eeb7ac17a301ee6d30aa3435e79537ebf17d383b6ec0ff7fe4c71b329e44500efadf872d7bad8cbaab5d243dbdd6de05247ba1c4d92ba","ssdeep":"","tlshash":"7c412cc55091e4e82c3bc4762a9f5762a57c09431efddedc9c058caca257095f64a21f","first_seen":"2025-12-31T11:42:51.922254Z","last_seen":"2026-06-19T03:29:39.613371Z","times_seen":17,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/uni.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.760Z","timestamp":1781839748760,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/uni.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa6a-61c\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mVp2d9l%2FF7VqmCIc6yXZBTUUH%2FT55dtjesHnMOj9FHJUH7Vz0xkqslHu2Q7Fu%2BhLrjpspgpcRs5c8DBZBcOCmsYItp1KsYXnBMfVCyOljWo%2FKN9p5kwhCDwmy5XR5Zie1iRgJWPUzQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729dcedb0883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1564,"size_decoded":2339,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"51c17cc7c3e533665c4b009eb9773d8c","sha1":"4b2f81407a62b083ca7169da258afbd3ba5d4536","sha256":"1254c1e5e2919e902bd82b93a4bb42bf3b485e0c234092973b0e8b5a8c81da8d","sha512":"6386a8bb24b961cb05d8d764d328f326b9361315da4296f820526f713026dc12af0142458984671bd9c6ac5de9b7d4a95615be9194af36e34022e81a3a55b292","ssdeep":"","tlshash":"b331c9f97c716ad4820e3726d64568180a97108dc9583d2347716427761b94bfed886e","first_seen":"2025-12-03T13:20:40.50921Z","last_seen":"2026-06-19T03:29:39.615621Z","times_seen":19,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/bluai.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.595Z","timestamp":1781839749595,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/bluai.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 28 Jan 2026 07:12:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6979b6ce-e37\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Z6eqVkrgmXDse1XeGne%2FO1GTdRE2wRihMpEwTA486Suw3unWFvmQ8tEsH1w1wLX2kZ9UnASnRtKXK3jPeGRGOk%2BODJuTDr%2Bc4xnzyz6PxgGzY6qrMhEO%2FGv2qinDm8UvZ9zVUsAb0g%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a0df72a2f8520883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3639,"size_decoded":4467,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"c381b784f83f0b05633a245133a37771","sha1":"6ede50dea5295a992c021172e2447f7349fd5e69","sha256":"dc405bfb1d74c8ce5c545f9dd69f896d1069f42a9d17d66e25ed4ea823dda5a2","sha512":"2a917cfe6aad165e531c8a56d069b237c95b8cda3707a49c4589bbdf09f612d68818a84ba982b5b6f7b47e8d6f63a9bb76cb73bea17ff28083263a8a585227d6","ssdeep":"","tlshash":"8b717eb038a6098566e667c36355911d4a06614f33bc81f7ce3ee3c692c3f0fee01928","first_seen":"2026-02-18T12:44:31.07675Z","last_seen":"2026-06-19T03:29:39.617688Z","times_seen":11,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/gme.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.037Z","timestamp":1781839749037,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/gme.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 31 Oct 2025 08:10:15 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69046ee7-89f\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6VcQ3tffW1YXAdSyY0YerhvfejjDEy1FgkAGjMouvX%2FF6GkqJPsSxnVjVzbWuiiKuSdnBdMKSuGS2XeO1k7ZGKtjecuKfnMH0L8x7%2FqrFz3VTKT8AuDeH81uv0OqCuUoZbvXSnAGRQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df729f7f590883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2207,"size_decoded":3031,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"f121f69b19e246153f8f343696fd6f81","sha1":"0a5e0c76e1daa3bbb4c2cef13b6e8886fdec3913","sha256":"fc25037a6d7045b32101ef942dfba769a2ddaf256d193457907a9a672d8daabe","sha512":"1b08f0177de563f3aab14e0a1f716e5c13a789af7a11c74dfee781bf393771f96eddc6340fc6452168d94554c70b214a4818a314cd9e640201dec50d7cb4cfd5","ssdeep":"","tlshash":"7b415cbea13777f66ca061e325364af2ca08db77a82a24dc354100d8bd52495d891dee","first_seen":"2025-12-03T13:20:40.578319Z","last_seen":"2026-06-19T03:29:39.619732Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/dot.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.085Z","timestamp":1781839749085,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/dot.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rKN2RfKY5y%2BhodBAkhs%2BbxMSCv8PwKbIQJba%2BU%2BZz7hPOZypHRU8op0oAnqdb2At46%2BiGimmY68k00kJ1H3x1SZZ3rG81WhZ5BhHhIRpxvXZXUIwXleS8gTSeXV1bycMqDKU62tZqA%3D%3D\"}]}\r\nlast-modified: Sat, 01 Nov 2025 06:51:48 GMT\r\netag: \"6905ae04-306\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 774\r\ncf-ray: a0df729fcf730883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":774,"size_decoded":1570,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"7106520d214e6019d2a896bb52007912","sha1":"c4adfc427f8a740a823ced817ea222efd472f998","sha256":"161df799dcb6dd79bf4a6f5ca9a1882a3e16dccab6e8a5648de1f9e9571788d0","sha512":"03f75c94a983a137b64dca393216a8a434a34da64d4af18a48efd04f578e6b0f71657c1c5bd0c6e9bbcb0bd920cd256e776da6085c2b87a078ed4d9bdf1c8881","ssdeep":"","tlshash":"220175cbf0c0d37d5142b0cb5f999b5df4223f4379ac26148315100271a59c13fa91f1","first_seen":"2025-06-21T01:21:32.247259Z","last_seen":"2026-06-19T03:29:39.6222Z","times_seen":21,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/lhype.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.238Z","timestamp":1781839749238,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/lhype.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 06:59:31 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69070153-951\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Bra7mK0ehFlxumyITW2iXpcjaJfoWJ2fHn9HcqROz0vZpyvEcSgw0JMpvHpAf4U1yIWAgltUHq2kCKBqmfA%2F6qvc07IaX2fKHlS7OJ0qDfTPwj7VboB%2BnDegQzZY87vwTBzETozB9A%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a0df72a0bfb50883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2385,"size_decoded":3195,"mime_type":"image/png","magic":"PNG image data, 181 x 181, 8-bit colormap, non-interlaced","md5":"b8d75a99ac0885750f26e9d731433370","sha1":"77e4943461630fb681b574c25b1a1942c0de0a7e","sha256":"9e5fb85dd5879580e9229a83fca2a97a932003bd405940bf7f27192c863d0e21","sha512":"dcd9754ce54e8b31bde102037071dea24519e567faf1d552f699f37901f065a662b871fab188cf08d0b3bf876731e301d65c2ca6b27d3afd10b0eb926879b60f","ssdeep":"","tlshash":"c641089c62d20b4c5ac5797a71f6b7531313ae20b877a22e370b4555003f7e930658d9","first_seen":"2025-12-03T13:20:40.569563Z","last_seen":"2026-06-19T03:29:39.626041Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/puppies.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.337Z","timestamp":1781839749337,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/puppies.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 08:26:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"690715c0-940\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 290\r\npriority: u=4,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QkjFJ1GcKsSDy8nFnUdCAPQ44gLOF1qiiUe8J4ZrEqMzF4YQnOA9gb4oFwbARR5bIZbYlER5Rfplh%2F6qHmGa8uXUo%2Feccg6PA2pDc17SFBvk4g7AoGDF%2BXs%2BU9DV1IBAgvXrktTd2g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df72a15fd90883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2368,"size_decoded":3196,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"a61d04639969879367a27559ae3e7d61","sha1":"c806359c427a9ddd474b854b1436024a2904c314","sha256":"7e3e79c5848b53057efb49940e51ed509ea8b888d60f5f7d7b86614790113f5c","sha512":"336497d60814ff9ebcbda05c7f0a7abc6471a21b20ea8b1f5270893cdbe758265e9a475d2a47a5528b2698dc22e97a19ecbe1faf5c65382a2e5984f7dc05f1ca","ssdeep":"","tlshash":"96411a261c25bd9df86a0107a9603a74af89fc78b3c25061439aa0ac40b876aa1d790b","first_seen":"2025-12-03T13:20:40.584647Z","last_seen":"2026-06-19T03:29:39.628163Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/degen.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.778Z","timestamp":1781839748778,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/degen.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 29 Oct 2025 05:47:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6901aa74-576\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 291\r\npriority: u=5,i\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=v1P%2FgX2983aKgIG39SHk59%2Bxu2bwYffUv6wJrphRAqjdCb2loQ8XYJ9QApgEP%2BVL82wrwYy3iwg4lJhs7X5DPhAt6WM94QDi3jRnzgSS0YbC2Ukw1siLlU8T7Uq3cHMkoG9oXayomQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0df729ddee50883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1398,"size_decoded":2209,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit colormap, non-interlaced","md5":"d4b2c503845340bd13258f268aab5126","sha1":"92aa604c658075db6acd7a7a1fcb60ed26bfd48b","sha256":"32705fcbd5288b350b801259682f8f625e5317b07386f0818eff2930342fcff1","sha512":"c7beb4b43f6bfeec5d2af7d97c63dc32c1fc7299250c56141d4fe529ff24b8931423c4b34f2ab4d95df1526f25a5297aaf2838c6ab60b71be4dd2b97bd876c90","ssdeep":"","tlshash":"ee21b6602894cfcfe734767c61d191f3a652a6272986d9c03f00b13079d3d84aca2cc8","first_seen":"2025-12-03T13:20:40.558304Z","last_seen":"2026-06-19T03:29:39.630281Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/cow.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:08.971Z","timestamp":1781839748971,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/cow.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:08 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Fri, 31 Oct 2025 07:29:42 GMT\r\netag: \"69046566-264\"\r\nexpires: Sun, 19 Jul 2026 03:24:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7%2Fs3kZrqVyW6JYX7wnxxIYOGyur188vivyhtw4IilQM4UJvumc3UpPwQtjk%2BlY09295pFCplTETDWDv6k0fu1DRf8u8SP0kJEBE1i6JpKbz7q5yzKutFJImtAk8Qw5z5qA0YcyJb2w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 612\r\ncf-ray: a0df729f1f470883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":612,"size_decoded":1402,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"522160a6ccd98443a76152b217235853","sha1":"fe04ef629470aae3d1bb96b7d0f64337ee3a40db","sha256":"348a015c960c07d3ec4c6ef083af067fe88ea83a7f660cbb1d2550f928694969","sha512":"e00fe0720edb986f95d7c4c0144794ace960871f40938b851a5dcd265ededf92b87013ccf9041c74218b9ca2169eb833524bfec6bf8e70d87cf9e80c3f58487a","ssdeep":"","tlshash":"2ff068cbd303dd20c0751692f19d4732f7621ba402301bec5921891547252cd99b435d","first_seen":"2025-12-03T13:20:40.481205Z","last_seen":"2026-06-19T03:29:39.632694Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cake.aerofinance.cfd/files/glq.png","fqdn":"cake.aerofinance.cfd","domain":"aerofinance.cfd","tld":"cfd"},"ip":{"addr":"104.21.70.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cake.aerofinance.cfd/","date":"2026-06-19T03:29:09.481Z","timestamp":1781839749481,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aerofinance.cfd","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 11:30:09 GMT","end":"Thu, 23 Jul 2026 11:30:08 GMT"},"fingerprint":{"sha1":"5D:9C:8F:12:D0:89:FB:1B:D1:93:27:E2:54:B3:EE:F3:7B:F7:08:93","sha256":"E5:48:F6:6F:C1:07:91:79:93:9F:0D:E6:97:D9:74:3B:4E:7A:D3:6A:F2:16:12:22:47:3C:BF:D1:93:44:67:A7"}}},"request":{"raw":"GET /files/glq.png HTTP/1.1\r\nHost: cake.aerofinance.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cake.aerofinance.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 03:29:09 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Tue, 04 Nov 2025 08:59:36 GMT\r\netag: \"6909c078-37c\"\r\nexpires: Sun, 19 Jul 2026 03:24:18 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 291\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zZKPede%2BJFx4%2FQgTYLBO8Jz3yB2ap5bzXyzNX4%2Fu%2FyQrDF1mdfA9Hz97WuwlRTl1oTqaO3RVgbWC%2FXwnm8YLcsZJwrMQOxKzid%2BidiJ%2B4FBjER1gwbXoU6g0WkByTnB%2BLaoeZ8VeZA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 892\r\ncf-ray: a0df72a248180883-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":892,"size_decoded":1694,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"5ecf83ed904147a54d4dc41228bb3da3","sha1":"f4698f6f51c4c0e7b97d84ae7f9b090f33abdbba","sha256":"2d0c161699778b06e6db787c868555161a3fba4448441dd6fa8e2fb8140c27f3","sha512":"07eb39b4a977716913886fe743ddf6cff27067300f723232746fb11a1e91751b1758e53cf08e92125f869ba809eecfd06b229c615ab7937cf3197432f6f07337","ssdeep":"","tlshash":"0e11b3c700c668029caa5bbbaa5f8eb628fd1120362e4937e317911677f8907406694e","first_seen":"2025-12-03T13:20:40.606933Z","last_seen":"2026-06-19T03:29:39.635366Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"cake.aerofinance.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}