{"report_id":"5a423ac8-35fa-4e8d-93ca-5ff1d4d9df92","version":6,"status":"done","tags":[],"date":"2026-01-24T19:54:31Z","url":{"schema":"https","addr":"bountyair.com/","fqdn":"bountyair.com","domain":"bountyair.com","tld":"com"},"ip":{"addr":"172.67.172.130","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"bountyair.com/","fqdn":"bountyair.com","domain":"bountyair.com","tld":"com"},"title":"$BOUNTY | Highest USDT Rewards","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"bountyair.com/","fqdn":"bountyair.com","domain":"bountyair.com","tld":"com"},"ip":{"addr":"172.67.172.130","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-28T19:54:31Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-01-24","alert":"Unique code from Jetriz, Swid \u0026 Jeniva of the Tetris framework","trigger":"bountyair.com/main.bbc2594c9c69111e.js","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"@imp0rtp3 (modified by Florian Roth)","date":"2020-09-06","description":"Unique code from Jetriz, Swid \u0026 Jeniva of the Tetris framework","reference":"https://imp0rtp3.wordpress.com/2021/08/12/tetris","rule":"apt_CN_Tetris_JS_advanced_1"}}],"urlquery":null},"summary":[{"fqdn":"bountyair.com","ip":{"addr":"104.21.30.81","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-03-30","domain_rank":0,"first_seen":"2026-01-24T18:26:31.885153Z","last_seen":"2026-01-24T18:26:31.885153Z","alert_count":1,"request_count":7,"received_data":5290582,"sent_data":3064,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-01-18T22:17:29.309663Z","alert_count":0,"request_count":2,"received_data":6990,"sent_data":956,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"bountyair.com/","fqdn":"bountyair.com","domain":"bountyair.com","tld":"com"},"ip":{"addr":"104.21.30.81","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-24T19:54:08.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bountyair.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 27 Nov 2025 17:20:56 GMT","end":"Wed, 25 Feb 2026 18:18:39 GMT"},"fingerprint":{"sha1":"2E:CA:B4:CD:39:5A:0B:55:CB:E7:85:DA:9A:DF:14:EC:B0:D5:07:C5","sha256":"5C:5B:C2:FE:4F:51:0C:41:D2:AA:C7:13:6D:BB:56:E9:EA:96:BE:EB:DF:52:A0:B9:12:C2:33:66:1C:B6:00:13"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bountyair.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 24 Jan 2026 19:54:09 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Sun, 06 Jul 2025 08:59:35 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1KOuBMZE7RTCoJkmPQasYDNkqNJOEZQfoszguPY3Te8GYGEBO5CuRMFJsxgb6UbojuErqcAy6kuqRwcS1EsanlYDRAyLDFY%2B7cmQ\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9c3214bdab985695-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4713,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (3076)","md5":"06f38331c88569fd74c2bc1e73cb51fe","sha1":"fce89b3e8ef2adc7693a31b0f228bff7dfe8b7a7","sha256":"b2839efb6e5aceccfeda8b655c6e6069fe5600fa2443c8466888f059de01e272","sha512":"5af31126def0920572158661cfd401d8aec91ebf4fb87c8f97ee352015985824a71ca39b502c78313af6b312a8204911a4564da47580f6212312894c62b11330","ssdeep":"96:JG1/CNGdsuS7IFUXOf97J+O8/ATWEisfE2j:JGFUef97JX8YfE2j","tlshash":"a1a193229a1480198e6192cbece0f70c7429d1c3d73dcfb975dd094a2bca9ad98e7505","first_seen":"2025-09-19T04:55:21.556753Z","last_seen":"2026-05-30T00:11:36.761615Z","times_seen":20,"resource_available":true,"data":null}},"time_used":449,"timings":{"blocked":37,"dns":11,"connect":1,"send":0,"wait":371,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bountyair.com/runtime.d8c1b9be7ca7b0c5.js","fqdn":"bountyair.com","domain":"bountyair.com","tld":"com"},"ip":{"addr":"104.21.30.81","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bountyair.com/","date":"2026-01-24T19:54:09.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bountyair.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 27 Nov 2025 17:20:56 GMT","end":"Wed, 25 Feb 2026 18:18:39 GMT"},"fingerprint":{"sha1":"2E:CA:B4:CD:39:5A:0B:55:CB:E7:85:DA:9A:DF:14:EC:B0:D5:07:C5","sha256":"5C:5B:C2:FE:4F:51:0C:41:D2:AA:C7:13:6D:BB:56:E9:EA:96:BE:EB:DF:52:A0:B9:12:C2:33:66:1C:B6:00:13"}}},"request":{"raw":"GET /runtime.d8c1b9be7ca7b0c5.js HTTP/1.1\r\nHost: bountyair.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bountyair.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 19:54:09 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Sun, 06 Jul 2025 08:59:35 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nage: 5283\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\netag: W/\"686a3af7-2bac\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9je0Hz8KeLdnhfKC3WnoG3tZdXcnNDXCd7zEp2gPwD4uq69%2FD%2BxMeYFrGwGBReUO4o7ONfNzyRWRLt%2FzooGuKXTgtxB90avDMJ2S\"}]}\r\ncf-ray: 9c3214c1285cb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11180,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (11180), with no line terminators","md5":"64bcb35b023fc076db045612169eee00","sha1":"ddac782eb50ec88f3acc97c2ebe72fff879e0db7","sha256":"e055fb3120a581d6b7541d8b272928d7cb5035fe7904313fe11b16e4c294bcc1","sha512":"89fb8ea42d7372659c515d4c344c270da7c581b69883aadae31c3141d69889ffa6be1ae681bccd8104961c01d2969670c756b33ae6d8176b0f1db16dedb64839","ssdeep":"192:NinVZfyA0V3jF+gib1+vaRjLRl+dljAdKrziVXd5whH5UdvWFhyFtXuWDOXDGeWD:y9r0VJbVvsGdw7X4hHmYFhCtXJDIiV","tlshash":"cc3243926fc4ac48179b4feb773fb1c4f59909af258948779110dc70a9ca32bcab5930","first_seen":"2025-09-19T04:55:21.550207Z","last_seen":"2026-05-30T00:11:36.757457Z","times_seen":20,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bountyair.com/polyfills.ba40be60677e9d4d.js","fqdn":"bountyair.com","domain":"bountyair.com","tld":"com"},"ip":{"addr":"104.21.30.81","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bountyair.com/","date":"2026-01-24T19:54:09.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bountyair.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 27 Nov 2025 17:20:56 GMT","end":"Wed, 25 Feb 2026 18:18:39 GMT"},"fingerprint":{"sha1":"2E:CA:B4:CD:39:5A:0B:55:CB:E7:85:DA:9A:DF:14:EC:B0:D5:07:C5","sha256":"5C:5B:C2:FE:4F:51:0C:41:D2:AA:C7:13:6D:BB:56:E9:EA:96:BE:EB:DF:52:A0:B9:12:C2:33:66:1C:B6:00:13"}}},"request":{"raw":"GET /polyfills.ba40be60677e9d4d.js HTTP/1.1\r\nHost: bountyair.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bountyair.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 19:54:09 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Sun, 06 Jul 2025 08:59:35 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nage: 5283\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\netag: W/\"686a3af7-13bff\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nJwUZuPR4E9QeLYolMHC0k7Su1bebgivbDFewOQDyF12eMsQXL9R0seAxxNmRruOqCvf5tEhU%2BU63GJd9cP1pbb3hpZ2p76i9uv6\"}]}\r\ncf-ray: 9c3214c1285fb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":80895,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"59ea51fafc6cd62b3e369e8c300db1f0","sha1":"1437fd49b3a1a8821cd04faeac2b5a20c02e02ee","sha256":"6258f35a9747788482b6b3fe427a03f550d931e9b13d534386471e17e08a4558","sha512":"a41495a25c15fb7cec15362686a44f2f11e49b920a595d0d7094526443ee773e53565761edb390776f259d76fa20b079771ca0dd3e7d33ae6672ade6b1e1e3a3","ssdeep":"1536:GoXUX+I3Bnn0Yp7U/q5PcSPI+zDKrY2HMorGcd2d8biHS:GoXZsBnn0Yp7Oq5cSPI+nKrEGV","tlshash":"5383a74063c02a9827479fbbb31bb4d6e82e08bf3c544c8be158bda465d6657f6f0931","first_seen":"2025-09-19T04:55:21.551648Z","last_seen":"2026-05-30T00:11:36.758321Z","times_seen":20,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Syncopate:wght@400;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bountyair.com/","date":"2026-01-24T19:54:09.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:52:30 GMT","end":"Mon, 23 Mar 2026 19:52:29 GMT"},"fingerprint":{"sha1":"86:D6:34:52:EB:68:D5:4F:25:44:58:CF:88:1B:C8:55:D6:9A:23:A7","sha256":"4D:67:BD:08:81:96:64:4A:7A:02:51:95:46:0E:60:D7:FA:5D:84:3F:53:29:E5:C8:84:87:AC:12:B6:97:C2:8E"}}},"request":{"raw":"GET /css2?family=Syncopate:wght@400;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bountyair.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 24 Jan 2026 19:54:09 GMT\r\ndate: Sat, 24 Jan 2026 19:54:09 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1710,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"9a42ba659ecb3976ebeb3830877fb877","sha1":"3aaf21dd5937a8385694eb1b0908ec518256d3da","sha256":"8c1642f0ae733e87f24abf65a779f9f516fc67de6a6a9930f3118e913f696c6a","sha512":"921151af46ca1598eb2090c80a1f07831b73870deba2c229f1b33f3cda7c4c991871ace979314ae379f2e461a24018424e3d715ef875b5e1543bea902abd839d","ssdeep":"","tlshash":"a031bb81086ba200db831dd612dd7d32ee1e62916845a9355eff1898ed5bc399319f0e","first_seen":"2025-09-10T15:35:35.529865Z","last_seen":"2026-06-06T09:30:27.357108Z","times_seen":214,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":92,"dns":1,"connect":15,"send":0,"wait":35,"receive":0,"ssl":79},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bountyair.com/favicon.ico","fqdn":"bountyair.com","domain":"bountyair.com","tld":"com"},"ip":{"addr":"104.21.30.81","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bountyair.com/","date":"2026-01-24T19:54:10.397Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bountyair.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 27 Nov 2025 17:20:56 GMT","end":"Wed, 25 Feb 2026 18:18:39 GMT"},"fingerprint":{"sha1":"2E:CA:B4:CD:39:5A:0B:55:CB:E7:85:DA:9A:DF:14:EC:B0:D5:07:C5","sha256":"5C:5B:C2:FE:4F:51:0C:41:D2:AA:C7:13:6D:BB:56:E9:EA:96:BE:EB:DF:52:A0:B9:12:C2:33:66:1C:B6:00:13"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: bountyair.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bountyair.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 19:54:10 GMT\r\ncontent-type: image/x-icon\r\nvary: accept-encoding\r\nlast-modified: Sat, 05 Apr 2025 04:15:00 GMT\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nage: 5282\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\netag: W/\"67f0ae44-3c2e\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TCWaYZ%2BaaGK47tyGehKqGET2V2Tc%2BzRdXPez%2Fysn7FrGCEPLJ4EVQfu81zDWoP8M2WCW5OdZ6LM6DlrZnTZoGzJTnS7XyBJrvZdj\"}]}\r\ncf-ray: 9c3214c6e8feb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15406,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"4680bac41f0e139ee2390d391d925ec9","sha1":"9b99e91580795d70648703ace4acb0c429a3e068","sha256":"2983d0b0e1ed704b9cd93e6dac3847f013df0cd0847c110cec2591be80a55521","sha512":"001fdd7ecb1ec64daaa3c6d57a81d4a2822b6dcb3998fe156611a60be47e4930a79885dd6505c2db8f08107900b98141a3e6b3e0172220f13a2e40b5cebe6b39","ssdeep":"96:K17g4TEZYaJkqbtBj8M+JApExd5jB6f3jKXItIwiDWIxt9pWzzS3gn9KpU4Kx/gX:5pe2kmL8MUYf3+hVpES3gn9KWgrTg/","tlshash":"4b62c6bb3b7a841bc6217b39c8d8b71d963de7c51c124a41b970091c7f28bc1aca85e9","first_seen":"2025-09-19T04:55:21.558656Z","last_seen":"2026-05-30T00:11:36.760592Z","times_seen":20,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bountyair.com/main.bbc2594c9c69111e.js","fqdn":"bountyair.com","domain":"bountyair.com","tld":"com"},"ip":{"addr":"104.21.30.81","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bountyair.com/","date":"2026-01-24T19:54:09.475Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bountyair.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 27 Nov 2025 17:20:56 GMT","end":"Wed, 25 Feb 2026 18:18:39 GMT"},"fingerprint":{"sha1":"2E:CA:B4:CD:39:5A:0B:55:CB:E7:85:DA:9A:DF:14:EC:B0:D5:07:C5","sha256":"5C:5B:C2:FE:4F:51:0C:41:D2:AA:C7:13:6D:BB:56:E9:EA:96:BE:EB:DF:52:A0:B9:12:C2:33:66:1C:B6:00:13"}}},"request":{"raw":"GET /main.bbc2594c9c69111e.js HTTP/1.1\r\nHost: bountyair.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bountyair.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 19:54:09 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Sun, 06 Jul 2025 08:59:35 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nage: 5283\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\netag: W/\"686a3af7-48b87a\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=99hCAnrmTIRN1yZWl8d1HYiUMUzZScARTHvFylNKs9OhIYAUjro876zph8scUWuA9TOhEO%2BP2Bp49q7iSz6QKE6%2BsH7%2Bby6yJlt1\"}]}\r\ncf-ray: 9c3214c12860b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4765818,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (61179), with no line terminators","md5":"1a02da326a05b16537ac36f348fba6a7","sha1":"ac69ecf06a3c5632211508ec085db02ae0d7a3d6","sha256":"4f867766d4930124f01ad5d0760a5b4c799c996eab0085a32ab6ff812b87fb82","sha512":"75eb9f654ae5e8acdedd548321b201f0819e42394904e58913b64214872438f679661df53bb10d02dfa101b08147d6c386902ecf9df048e2832398efd01ebc84","ssdeep":"12288:LGca2rDUO8UI9Yci6pdwDrU84ORdWCjF/2q00Plg4SryHKOQ5J1zzrPEzMvFui8n:Lla2rDV8UI9Yr6pa/TFj08Ng4SyW5rI","tlshash":"be35f88027c06a8c13879ffb722bb4dbe459086e7d498c8be155bc1836d9617faf8531","first_seen":"2026-01-24T18:26:33.566941Z","last_seen":"2026-05-30T00:11:36.758931Z","times_seen":9,"resource_available":false,"data":null}},"time_used":286,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":276,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-01-24","alert":"Unique code from Jetriz, Swid \u0026 Jeniva of the Tetris framework","trigger":"bountyair.com/main.bbc2594c9c69111e.js","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"@imp0rtp3 (modified by Florian Roth)","date":"2020-09-06","description":"Unique code from Jetriz, Swid \u0026 Jeniva of the Tetris framework","reference":"https://imp0rtp3.wordpress.com/2021/08/12/tetris","rule":"apt_CN_Tetris_JS_advanced_1"}}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100..900;1,100..900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bountyair.com/","date":"2026-01-24T19:54:09.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:52:30 GMT","end":"Mon, 23 Mar 2026 19:52:29 GMT"},"fingerprint":{"sha1":"86:D6:34:52:EB:68:D5:4F:25:44:58:CF:88:1B:C8:55:D6:9A:23:A7","sha256":"4D:67:BD:08:81:96:64:4A:7A:02:51:95:46:0E:60:D7:FA:5D:84:3F:53:29:E5:C8:84:87:AC:12:B6:97:C2:8E"}}},"request":{"raw":"GET /css2?family=Montserrat:ital,wght@0,100..900;1,100..900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bountyair.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 24 Jan 2026 19:54:09 GMT\r\ndate: Sat, 24 Jan 2026 19:54:09 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3908,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"935871d1a732f1e46db8fac63abf0dcd","sha1":"1c67935ab647d6cb5bfa911856397443ab4a64ed","sha256":"b8eec3c6430ec7af2ae527219f944b1f3fde1695eb73efc2a56b3cabb23e2481","sha512":"2a9cb9036467308726cc6b979cab5e2c7159ec088436136f4aefc70cf43b6e90c7ebd277697beca525b052f2a8f8dc5909d9b9e5e4b09afc930e290a7195a571","ssdeep":"","tlshash":"2481c0910517a504da471cc523cf7e26de0e66767494d5797ffe2ca8bdeac220324b2c","first_seen":"2025-09-05T02:18:57.460387Z","last_seen":"2026-06-07T07:11:48.230285Z","times_seen":82099,"resource_available":false,"data":null}},"time_used":308,"timings":{"blocked":106,"dns":1,"connect":27,"send":0,"wait":87,"receive":0,"ssl":83},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bountyair.com/styles.3889a5b3aedd6a76.css","fqdn":"bountyair.com","domain":"bountyair.com","tld":"com"},"ip":{"addr":"104.21.30.81","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bountyair.com/","date":"2026-01-24T19:54:09.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bountyair.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 27 Nov 2025 17:20:56 GMT","end":"Wed, 25 Feb 2026 18:18:39 GMT"},"fingerprint":{"sha1":"2E:CA:B4:CD:39:5A:0B:55:CB:E7:85:DA:9A:DF:14:EC:B0:D5:07:C5","sha256":"5C:5B:C2:FE:4F:51:0C:41:D2:AA:C7:13:6D:BB:56:E9:EA:96:BE:EB:DF:52:A0:B9:12:C2:33:66:1C:B6:00:13"}}},"request":{"raw":"GET /styles.3889a5b3aedd6a76.css HTTP/1.1\r\nHost: bountyair.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bountyair.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 19:54:09 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\nlast-modified: Fri, 30 May 2025 12:40:36 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nage: 5283\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\netag: W/\"6839a744-5fd3d\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BLTNzDlclNKGli30LSSfdAWq4bZbiSoPZF28vCciqLq7P%2Bmc%2B7AZRFwm%2F9dcKM6Y9SMpSFNtF2SRtmDMFKOzmoJykjw4hHdzbEh3\"}]}\r\ncf-ray: 9c3214c27884b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":392509,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (62169)","md5":"827a079f4f6530e80438d5c1c9472fa3","sha1":"02822a38d584a0ade35118035df1d1d241e89d3d","sha256":"c3d524de18ca2061f52ea24cf8a99dd733a1ad186bdee7832dfa956bd9104f45","sha512":"407d2cbba2762f5c8280124c847333d518f423f716f2f0bcca7225c10ebd94ce6768356509118216ff900df2d7c765e09b4997efcaeac9e656a32f58d9b94eca","ssdeep":"6144:jt8UX67O+PyhR8VfM9265WuQ3GaC/O5hV5293zqgM4vFHhNtW8:jt8UX67O+PyhRSO26iGk5hf293ztJtR","tlshash":"aa8483f9d50c04d7b723c493ff80e7986287f2bac5591c69f24a240d2dc7661168beba","first_seen":"2025-09-19T04:55:21.555455Z","last_seen":"2026-05-30T00:11:36.760101Z","times_seen":20,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":21,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bountyair.com/favicon.ico","fqdn":"bountyair.com","domain":"bountyair.com","tld":"com"},"ip":{"addr":"104.21.30.81","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bountyair.com/","date":"2026-01-24T19:54:10.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bountyair.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 27 Nov 2025 17:20:56 GMT","end":"Wed, 25 Feb 2026 18:18:39 GMT"},"fingerprint":{"sha1":"2E:CA:B4:CD:39:5A:0B:55:CB:E7:85:DA:9A:DF:14:EC:B0:D5:07:C5","sha256":"5C:5B:C2:FE:4F:51:0C:41:D2:AA:C7:13:6D:BB:56:E9:EA:96:BE:EB:DF:52:A0:B9:12:C2:33:66:1C:B6:00:13"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: bountyair.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bountyair.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 19:54:10 GMT\r\ncontent-type: image/x-icon\r\nvary: accept-encoding\r\nlast-modified: Sat, 05 Apr 2025 04:15:00 GMT\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nage: 5282\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\netag: W/\"67f0ae44-3c2e\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EKWrAyckY84AL6vhIeMbVxyqOXzlT3Q1fnhzmd2MvrOJyhU9DzrSiwqIobONQKz2Jf2Rk7dJ7sJabqsc%2FDwTMYapi3cAKO%2BggnHF\"}]}\r\ncf-ray: 9c3214c6e8fdb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15406,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"4680bac41f0e139ee2390d391d925ec9","sha1":"9b99e91580795d70648703ace4acb0c429a3e068","sha256":"2983d0b0e1ed704b9cd93e6dac3847f013df0cd0847c110cec2591be80a55521","sha512":"001fdd7ecb1ec64daaa3c6d57a81d4a2822b6dcb3998fe156611a60be47e4930a79885dd6505c2db8f08107900b98141a3e6b3e0172220f13a2e40b5cebe6b39","ssdeep":"96:K17g4TEZYaJkqbtBj8M+JApExd5jB6f3jKXItIwiDWIxt9pWzzS3gn9KpU4Kx/gX:5pe2kmL8MUYf3+hVpES3gn9KWgrTg/","tlshash":"4b62c6bb3b7a841bc6217b39c8d8b71d963de7c51c124a41b970091c7f28bc1aca85e9","first_seen":"2025-09-19T04:55:21.558656Z","last_seen":"2026-05-30T00:11:36.760592Z","times_seen":20,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}