{"report_id":"60ccd260-284d-433b-a0c6-0075b5f077a2","version":6,"status":"done","tags":[],"date":"2026-05-26T16:42:54Z","url":{"schema":"http","addr":"bankman.su","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"104.21.60.245","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"bankman.su/","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"title":"Bankman - banks, merchants, crypto, paypal, docs \u0026 more!","dom":{"size":95047,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"782f10d947ccf1c73505b8e040772771","sha1":"c96e1b002985b38d53782bf482e90198cc8916a2","sha256":"b20fe3d768813980d2c00a79d0e60f4159146b99ae3ba5bd7978a0d08f4ade4c","sha512":"5f78538c60c4f76ab71f1a85a1c0c8375ce44f5b1987d87081b3604f0f978901aabc011bb5fdce69d1a34d0683f4505334a361c2847cc9da26037947611c7696","ssdeep":"768:XEpb30DxvsRFliVcHWBxvkJu9Vuou5u/1+:XEpb30DxaDiVcHWB6Iu5u/1+","tlshash":"e493312075f53a77665301c5aa8ebf16fee2e02bc7452d407afd82f21f98c52600b57a","dom_hash":"domhashb4d85db7cf8e5fd5bc900883e6a4b72a","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"bankman.su","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"104.21.60.245","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-30T16:42:54Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"bankman.su","ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-04-06","domain_rank":0,"first_seen":"2026-03-29T23:12:54.293058Z","last_seen":"2026-03-29T23:12:54.293058Z","alert_count":222,"request_count":111,"received_data":19124839,"sent_data":49507,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery UI","description":"jQuery UI is a collection of GUI widgets, animated visual effects, and themes implemented with jQuery, Cascading Style Sheets, and HTML.","website":"https://jqueryui.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery_ui:*:*:*:*:*:*:*:*","icon":"jQuery UI.svg","categories":["JavaScript libraries"]},{"name":"PHP:7.2.24","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:1.9.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"bankman.su/","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"2186014f8a4f4518c2c51a4ce58e82ac","sha1":"9ec8297b63fcd2874f8b967f1a3fab166cb3eb40","sha256":"5e35e9ddf429c69b8492b66bc6227187d25f8b23b825f4d89e82e9472289f2fe","sha512":"8a6e2cefcf08de9e11b64654e0a585b66314bd8475091cdef1d8c7ef4898624be123162f9c588e4cd75cf402742b831b04291cb341f1ed5e9c28efc05e2f57c0","ssdeep":"","tlshash":"2b51212d32b705724db7a6af27c776047129401b7844c649344f86412fe4d0c9ab67ee","size":2793,"data":"","first_seen":"2026-03-29T23:13:02.259993Z","last_seen":"2026-05-26T16:43:03.144858Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/js/jquery.js","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"91e2156b7dad6f71bff4879aa0f74199","sha1":"1d506a687a7502ed31f7d65cfef491f1fbf32197","sha256":"cfd61f3ec2c13add631fc80e23ad4834dce0b9b3bd5060021d98e8ae25e3116a","sha512":"189dd90ddc91a6e060337afd19d38b60d39750f39e27fa013c050aba38e0f03eb4ae5052ba12f9df3e240b62a802ed5952b7f23f0df9b7f14f8d595b4370ad5e","ssdeep":"1536:eZCiuui8KtmaALpm66yhUr4XriYyDulYOknL1dtbxBUqINM16u4WyF/XIOOKLfir:/4rVxq1MMYpFQWglwo","tlshash":"8e931add72c6b06257a7307a00af650bf236199d680d8440f169e8f9bc78e49923bf7d","size":96057,"data":"","first_seen":"2023-03-12T22:02:18Z","last_seen":"2026-06-05T00:49:58.556869Z","times_seen":38,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/js/pay.js","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5c8d663b0c65c15f897e835ee3281751","sha1":"109d7450d260b53752ca06369696bfa093895970","sha256":"b570b6acaa3133e51456a5c72454e7f790292dc2cc443d3c315b65606fb68090","sha512":"6bd67c1696df97ac61dec38838e3eab588d82cf9b705f49c23c3579a5def200f96005f9632e16f4c48b33054298790c0998f51e30eec77eaa1151e138f5c4952","ssdeep":"","tlshash":"6c51e00866d778824a37b03f0bbf66043eae006f861dce15f96c59ec7f84235b55768a","size":3055,"data":"","first_seen":"2026-03-29T23:13:02.241462Z","last_seen":"2026-05-26T16:43:03.123585Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/js/jquery-ui.js","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f172ab1e70b067bc614f22792a37a37d","sha1":"3ac7640db96c4799e9fe20172bba44c0a2b8600a","sha256":"c0665729d145fa0f91416b3102008dbc18c788604fd53a034f20ebba35b256b5","sha512":"20eb49bc2a4b24f454d7d53f12f8398e3c42fa3857995955f7a5cef20d31dfd966674c9eca690f73e1b0c84ff22832e773180297f315fb51a2277ea70f53863a","ssdeep":"3072:xGRSuikvOFtbU89pyBoQSelCSZDbEE/6tSbwlpY/9mIpC:xO8eOR1ETb4G/9mIpC","tlshash":"d124f84db240393695eb9265103b1b0bb233615da602809cb43ccede5e7de4471bbfba","size":224572,"data":"","first_seen":"2023-03-12T22:02:18Z","last_seen":"2026-06-05T00:49:58.571541Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"114ea864b60b5383c386e5606c89571c","sha1":"891e7d04ebb10588a3c56ced9ae2341ddf07545d","sha256":"f8a3daee9addd2d5cbb2f94302d7a5484b96b14aacab6173d929a3b5c18bfba1","sha512":"64de0bbde1068214fa57d11722a505e6faad44b0d6e292f0d08dd792a6e238c51d700a452b667226c939b657ed5a09531fff023c1a9f5738532f550bfc460821","ssdeep":"","tlshash":"61500000c00000000000003000c0000c03000003c0000000300000000f000000000000","size":10,"data":"","first_seen":"2025-10-13T02:54:24.739234Z","last_seen":"2026-05-26T16:43:03.145613Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/assets/bootstrap.min.js","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"35db6a02dd31dcb7b3538a66a5d83fd4","sha1":"621ffc52b3fb74def29fdae0b93a38df54957365","sha256":"685b9588e16c3dfeff8dc8d5578000ad777574421d5186bcb3530ed80171e107","sha512":"6cf1a9d89ebb718bed00bf660666fcb969acd72f60b8818e2be7a152cbc021b793b5ae2dbb9334980020314eff89a2b40f3a4ae8b607addaeffdd15dee22fbb5","ssdeep":"768:h2vzX7Yks6TzySPzrtE1XeHD80gLR6fcAfwI0OCtgez:hEh7Rx7CCK","tlshash":"2cc25406b2313161079bf2f5115b020b723a7a7ee906907c38b9dae63db9c597127f39","size":27427,"data":"","first_seen":"2023-03-10T05:49:55Z","last_seen":"2026-06-05T00:49:58.537643Z","times_seen":39,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f9f1534969ff0d045a979bd490d89cd6","sha1":"7f906ecb591f337ff6598985044d38038bd16220","sha256":"9792c0c5809d353e2fff3132572e42b3a128adec39e4832fa647d2aac7c18a7b","sha512":"6ed906e2c01d9e7a7f2f9f791b617e066b4b126296a5e73bed337202df6901fe89931058514fd810463abe1da27c868b9c990eb312d9f47b472382fbc9b6a2fa","ssdeep":"","tlshash":"957153ae6ab700720ebbb56b63db62047016402f3845cf447c4d86891fe0e0899767fd","size":3787,"data":"","first_seen":"2026-03-29T23:13:02.262979Z","last_seen":"2026-05-26T16:43:03.146403Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"bankman.su/public/img/revolut.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/revolut.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 36722\r\nlast-modified: Sun, 29 Sep 2024 08:37:08 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b4-8f72\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rVI2y5lT3wlZEBzDDMCWgo0on0ApQ4hKoWU7P3Ax62XHJGbvuOe5NZMCkOEc35ybrQqovE2haEBjUqF0Vmlj7OjBZ7YMExpYVXuEzHDxgkGQnUn1YtdwmgWOdY5A\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf99bb56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36722,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6626c01970fbf7c1da5ff770e9698659","sha1":"bd9f8d99a2d4a25a51302cbfe826eb4314bb2945","sha256":"07e15578e413d78cf5affbc1f0fee6f2faae0947d18672a4caf074a3df55e9b7","sha512":"498ed981e99811e296b96df896b052f86d7a336c8deca2a8f58145273d932e913475d508fcaa12cb25f392ea7f92ed37d52ae41e0079705ad054cda68c465b10","ssdeep":"768:mSnoNbxh+AOqIwEK475g8nSsL1Be6rNFLgHxqMfQw:apxhptFEgsL1BTFL41X","tlshash":"bff2e082e7642785e438423111f1166a48fd9e0f2bef91b7d781ce3be1069ea339d51e","first_seen":"2024-08-20T12:46:43.934418Z","last_seen":"2026-05-26T16:43:03.032275Z","times_seen":7,"resource_available":false,"data":null}},"time_used":333,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":298,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/qb.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/qb.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 56222\r\nlast-modified: Sun, 29 Sep 2024 08:37:08 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b4-db9e\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zcNXG5ZTcBJFMzdfDbuhg2IUtN3TA08LjyhsNrl42DsFA6NKkp0v3aIrYDa0aCTqXj4VYVsd%2BuME9SM4C9MHqiejFovSLbZpBLo09NHDB3cYtLX%2Fp5949HFZs4kx\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf699156ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":56222,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"176e96b2bbce4aad68f9b0d66376a0a9","sha1":"c0d2d2fdc4e7a7dc579b816f296e037e836ccfd3","sha256":"bd3b4854a1d38c76dd2268acae0f0981c011d4bc12f58c0ec247174e2009791b","sha512":"de9b64cc06608698ff3a4e3d4f6ac513f68bad5ec239a77608613d36e5f910a7b40cd85d8de4e1646a25182b1b235e7c326627183ac9468fce3e60824666a332","ssdeep":"768:LzG/Oi552zg1R9rQtG3dbqSEfvweCI5Rmd:XGG1c1zQtYdbqSEfvII5Ed","tlshash":"e543e0b2dfe416a9ff0465b6a9cd47f54b0cea31a086a63fd9b40ac04c36ac0d548a50","first_seen":"2026-03-29T23:13:02.244475Z","last_seen":"2026-05-26T16:43:03.033229Z","times_seen":5,"resource_available":false,"data":null}},"time_used":438,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":348,"receive":90,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/card_photo_on_info.jpg","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/card_photo_on_info.jpg HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 29 Sep 2024 08:36:54 GMT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\netag: W/\"66f911a6-337db\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ucu2g2s8wZrguJCLRK7FBl88GCZZA%2FdOYiINDmRZ2zjSL%2BsGkyQ9PK%2FUKpyJedDWz%2FEFU%2BHknTCMpLma6h3DE4fVJEVKGsGLfjnQWVY%2F7uJ29XIKKkwt98ZBpFQJ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfb9d856ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":210907,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1500x965, components 3","md5":"10edc7fe447ac71c88a224fcdfdc77d5","sha1":"a8439b4dab564ec1f79f155531dd75fc5064f243","sha256":"9a29a1f38afa6ce4095119230f49abbc521daf63c4eedef541106b18cd4bcd0e","sha512":"b5d1adf3636f381832009cfb76929888aecad83b981683cf9a9a47370dc32c0693e6e78698c2f79a9c66f79b4cca3ac2c836024ddd8016b177d447189a48fb4a","ssdeep":"6144:tT2EjnZi6NZKh+KNHgNuUW+ZR39bO+PBu5:L1nnKNgNu4n0+PBu","tlshash":"ac24ce33b8740e5299639b2cd882afae7310f4c7f41617e5e86adf10709bb44cd5caa4","first_seen":"2026-03-29T23:13:02.21946Z","last_seen":"2026-05-26T16:43:03.035341Z","times_seen":5,"resource_available":false,"data":null}},"time_used":457,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":298,"receive":159,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/fullz_700_score.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/fullz_700_score.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 12778\r\nlast-modified: Sun, 29 Sep 2024 08:37:00 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911ac-31ea\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GmMJzIFu0IXVKrmd%2BRz5v9Vo8YlmSR2SZnphYONWIBfY%2Bb9dB2fNolyjWZuOInzVHlFKyWEu5bRcIrAR1QTBu63LHwgaxKHRwueoZDMPFrAkoJ0tEhhuuqEZcpSS\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfd9ed56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12778,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0e6641c17d2f02b01c31473d8f4effc5","sha1":"bf392b2f5aa8d5c9b1b2c2822bf7c5967ed2aaf7","sha256":"b8ee220c8dda6c37d5368b91e4844d79d4bb3e47bd7e0a448ac11472d44e002f","sha512":"d71ac79d89c4677f0310bda709f39cea74ed81e6d8cdc964cfed2f1b82307670b91ff66d61618ec44425748df7b8358d3ac34f5caf2da3d94584b8fc8d6373bd","ssdeep":"96:q4DwUGnK8KGPfT59nbyb/5BXaLlx1wUUW6KmmiTiTSatFvhX8VciGyASmcHKTm05:BGBzCVUUWFNRiGyscHKSTAM36Qngt","tlshash":"1642b00360d5c2f4f247dff532d59730178365d88a142fcb7a8d6a8f075e588a20b795","first_seen":"2026-03-29T23:13:02.177506Z","last_seen":"2026-05-26T16:43:03.036316Z","times_seen":5,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/media.istockphoto.com/id/656624854/photo/istockphoto-656624854-612x6121311.jpg?s=612x612\u0026w=0\u0026k=20\u0026c=u_jiKukF81fpFkOv3K_MKENn8XTOtLcW22GA6BYrpTg=","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /media.istockphoto.com/id/656624854/photo/istockphoto-656624854-612x6121311.jpg?s=612x612\u0026w=0\u0026k=20\u0026c=u_jiKukF81fpFkOv3K_MKENn8XTOtLcW22GA6BYrpTg= HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EDxx7yclT7ynY%2Bj3dtx2do7ztNM%2FEokvyQaI%2FciispQo%2BxBh701WJgw1UOpmTgjAiz4crgocYlZoKc7Vnd2Fp85hNpImSL94wcGEvzUjWYXGbFF0qTHIcxelPARZ\"}]}\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf698e56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":196,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"62962daa1b19bbcc2db10b7bfd531ea6","sha1":"d64bae91091eda6a7532ebec06aa70893b79e1f8","sha256":"80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880","sha512":"9002a0475fdb38541e78048709006926655c726e93e823b84e2dbf5b53fd539a5342e7266447d23db0e5528e27a19961b115b180c94f2272ff124c7e5c8304e7","ssdeep":"","tlshash":"c0d0129e9183638b442225907ac211d2654d13a6b87645e82d82a48a951857dc5ca69d","first_seen":"2023-03-07T12:06:54Z","last_seen":"2026-06-08T13:58:11.865255Z","times_seen":104155,"resource_available":true,"data":null}},"time_used":302,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/current.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/current.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 212720\r\nlast-modified: Sun, 29 Sep 2024 08:36:54 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a6-33ef0\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gilJh6uq4hHRj%2FNtBy6piXo3FFP%2BgXiRmihfcH8wtdt6oH9XVet%2FWVcVjgtlOEl0C9oplOqfEjwGW5pstZf2dmEHq32znLssnfAWmOtqFJlmYKwRWSyPQ2jwcZVU\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf89b056ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":212720,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6d414c0991f19518b18a34b921cc2845","sha1":"50ea4fbda698b1d075647de6f3221ad8bf8a3dd6","sha256":"732cc389145a5660e59b6002697f3bd14bef6a54edc6c1aaa8127958f0bd1b27","sha512":"37b0f74d4b1dda68ee4c3dea7987e62342ab39e36cf5dfb2c6f932310797140f97f8d29003375510144423f3ced9a74d1d99ed3aae80328dfe83712a6fe591ff","ssdeep":"1536:Trq3KPwq0O/sLpYRPTKxTRZiZGprevBafNWqQpnZwTvU5RsWw3mfqeOsHHjd:Xq34xd0YRLUwtONWqKiTvU/s1mfqeO6d","tlshash":"db2402c90b8acde8d681c3b8cea44f402bfd4159b657c26f9bd0cbfc1705485a1ad5aa","first_seen":"2026-03-29T23:13:02.169314Z","last_seen":"2026-05-26T16:43:03.038088Z","times_seen":5,"resource_available":false,"data":null}},"time_used":477,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":296,"receive":181,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/fakeid_with_shipping_ca.jpg","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.391Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/fakeid_with_shipping_ca.jpg HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 29 Sep 2024 08:36:58 GMT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\netag: W/\"66f911aa-2b1c2\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UHXyTIHnQM6DPzuQN1kAaRRdhrIL6u9eQIIStZyMIT0KhD%2FqYaP9%2BRfUDvMZz%2B6FsvG%2FceemesCkAr1kYd1Gej%2FQrgkRqPTghl%2BvVA7AB9BUxAifhbcZ0lAJwXL1\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfc9e456ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":176578,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1500x1125, components 3","md5":"1035338f42ef5965443650e8d49f95b5","sha1":"05b892aeec8ce7fba58953aa6473b7f2f7d09dad","sha256":"b28ff78585696131f9f6d987ad62c65b1f69fde575a81a201fc44daa8900abe4","sha512":"704a75e818054c9e5289b403eb67e76d06a93a8ad28ffb0dbff8ebeac452ac0524144126f7ad587e3dce27b56e78579cd75ef20dda8837973c79c275fcf07ef0","ssdeep":"3072:byUjBgRA1qWen3aJXhr57emuWzaP+qNfrf4ujzZGK7Eitr74DqnesluiSChljkD:bvgVWeqJXN/uWzaP95zBd7qWnxuiSEli","tlshash":"9504120d2666d76dda42697fb089e00a9e9338384936e3153deaec488ddc4ed50cd4fd","first_seen":"2026-03-29T23:13:02.202237Z","last_seen":"2026-05-26T16:43:03.039374Z","times_seen":5,"resource_available":false,"data":null}},"time_used":401,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":255,"receive":146,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/chime.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/chime.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 29352\r\nlast-modified: Sun, 29 Sep 2024 08:36:54 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a6-72a8\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pZ64RspN4rIvJyIHe4g4Zmwj2HODqP5RE6G%2FXQ6mRSlgb3L7lV7QcXZIQvx6NwXNSpxxUuiP5dsXpCFFmlxI4kzsuOqm4RSbZILcm1YvCHlThDlUZvDc8OEVqy92\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf89af56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29352,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"96d4d15b536213e5ca7a7494a7508908","sha1":"2f73938054354f091b6bb971673e30b25dc3fe77","sha256":"a53271e137da8a0f46164ad2936e410c96b8456127d8b5ff6be5609910fc6d38","sha512":"896fd9dfdd61ca9c8e3ac219dc929bff84fcb6e7d1ba27e4385ac3c4c543b10475047525390d8e1b48af4fcf207e1347a026bb9d400b3b0d71ff3b28828acb69","ssdeep":"384:mkg0ampIfWBA9iCXQwX6guLCixlFfVui0XY1wrMvxnmY5AUIznaTd3m2:w00uYXQuExNuBX8wrAb+cRW2","tlshash":"c9d2c0eb87baea41c9436d35747cd738ad5556d8df0b6a028b13a032e09f5cb099c127","first_seen":"2024-08-20T12:46:43.820393Z","last_seen":"2026-05-26T16:43:03.042242Z","times_seen":7,"resource_available":false,"data":null}},"time_used":334,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/fullz_800_score.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/fullz_800_score.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 12900\r\nlast-modified: Sun, 29 Sep 2024 08:37:00 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911ac-3264\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GrSt8gJpw710gl6HnLoOoZSaM8K0emwb%2Ffvh8eSCduOs%2F1XQ%2Fpae%2Fe2jnIWCHhLNmL1bFQmImbbLWEnAP1kY%2Bs%2FjwFYRftDuqpHKFYxvVob0P%2BQD7KsCzy4wazbz\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfd9ee56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12900,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0a3d03ddc8c58f24c74c22ba8e948258","sha1":"23c02431c491a45dafa423d181fe0380de7c26d5","sha256":"bfc2c0c1dacc4676189141d1b480891c8c003303348a1b8624827a7d4b07b7df","sha512":"52a7f61e0be9b7eeff85603136e46ce1f6fbe75c134b132cddf9a0555147277df185e4064afa321c635e205af2e41cc2532bb68dffd5cf0bb2300226b69af518","ssdeep":"192:AZy5d1d5UssAmYeMfcHMQCYUjzDWxjtZQzdPVrX2DVsHc9t:AZy5LzsAgMfLQCZjXIQtVrmS89t","tlshash":"8842b02043cf05b1e5b852397fbb036f99a56e5dce3e9591e5093c130197ddc54c29a8","first_seen":"2026-03-29T23:13:02.253405Z","last_seen":"2026-05-26T16:43:03.04316Z","times_seen":5,"resource_available":false,"data":null}},"time_used":349,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":338,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/ebay_with_bank.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/ebay_with_bank.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 29080\r\nlast-modified: Sun, 29 Sep 2024 08:36:54 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a6-7198\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7Me9FNtkJ4d9D1uTnHs2B%2Bz37eA3MWfRH2zrvCSkWSutRKRtcYoItVx4nlgILWUIg%2BmMktZibbfsHTyNyAJ0er5xo0b6Ezb8jO4xA0splDvUE%2BVdV1duaGvkAtQ6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bd0aa3156ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29080,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9de88a7aafdf9c30e69532d85f3d6b3a","sha1":"5510afb5a536ae9b208ff3f8722b1bbd28b8e434","sha256":"df23f148e2cff48a307bb5b0853df1b8ec20986d2e8d86db934abb6489622c08","sha512":"979dfdf039d2f12df035924baff7a64c46fd81f28a148ae29842017c3cb9be107706f6b58c60f7cae439d3f6df83d09e08f218a3516f7e86dd930e10f763306c","ssdeep":"384:wuHUV3OxkbNmpS0qp+MpbhsXQkrd3Y/JmGd3bJD9xZySb0QNX:5UV+qbNnpp+MRhsVrd3xGhJ/X","tlshash":"5cd2e036337bbedcea38057e2eb509213d00ef3005559ed8e206e5692a4ed204cb390f","first_seen":"2024-08-20T12:46:43.861739Z","last_seen":"2026-05-26T16:43:03.047888Z","times_seen":7,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":9,"dns":0,"connect":0,"send":0,"wait":238,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/paxful.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.328Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/paxful.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 67052\r\nlast-modified: Sun, 29 Sep 2024 08:37:08 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b4-105ec\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NSbTJZVu3oQWPxSUAiUYRQO1wmekkDOx9Xeq%2FHgfY2W1nnbqpR1hzlcaPZEEdyfOic7Bhn7R6%2FUWrJVgzPBVxrnDxZwvMgWi0KAS0ZHPelIDXmqOGl8kvnm11q9t\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf79a056ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":67052,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a624435b62da7640a5b35374f3c33bba","sha1":"a71cb37297d8dbe5d6b900c4c1e2c643999ee5b1","sha256":"d06fa9b97cc9a097d2ae140e2ecec38cebf1d9112f952a8361130d263208316a","sha512":"4b11c69beca2dd0ec51f9bcc05940296b36c0c91a8f1f4730d22f75719b3cf6543560f337089f93c1a5b8ed222943171e559c8c2e944f54d399a55c0a8f619c3","ssdeep":"192:iNwIWtvSmazEcc+RRaiXOb81FHMnxlug8J4hruhx1:iNwIMK/RRBw83cxrgwi5","tlshash":"f563b0e3eb9aeda8e3f8517110c222c48130735a7251d705e904e6352f496dee7a0712","first_seen":"2026-03-29T23:13:02.113392Z","last_seen":"2026-05-26T16:43:03.049294Z","times_seen":5,"resource_available":false,"data":null}},"time_used":394,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":288,"receive":106,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/barclays.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/barclays.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 6272\r\nlast-modified: Sun, 29 Sep 2024 08:36:52 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a4-1880\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F4rDG71nCtBNCGvfeYnr9yMExwRU8qZ9ano%2BWRKelR%2FVdOZB81VRkmj48KRbd3G7bX%2Fsr4uRfWiatkoOLjh5fPKbtvuP6RhQrgoujzcAYs%2B6ft37rOTImmKWqnz%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfa9ca56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6272,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 600x400, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"eef4394bbe5244b3fee3a4180d63c431","sha1":"77389ea7719cf55f09bb5b82b518b650e36a7b82","sha256":"819dc93ddef1a4893e2f8b63b5a093c447f7999a3bf5ab0d530f35d09b4662f1","sha512":"3a30b19eaa68fa6a81e1df1577bb138f53ad0f3abb189dc2526988a4a7cf5f88b6e0dbbb859bcb6902b1d352f1a63d5d8fedc1dbb914fab9d7e50909cbae64d8","ssdeep":"192:R+FXkstA11llHQ7fvGXJUA44DkvFByNMHSASnu:m0stA1TlK+XWAOvFfy","tlshash":"b1d17d09b53e4de1c9c26d76c3e891cf1f8230173fa78859e7c695478f1a6a0509593b","first_seen":"2024-08-20T12:46:43.924016Z","last_seen":"2026-05-26T16:43:03.050461Z","times_seen":7,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/payeer.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.368Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/payeer.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2992\r\nlast-modified: Sun, 29 Sep 2024 08:37:08 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b4-bb0\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1ECTGc%2FMjufPV18CVfP6RF5QIPxVEbbOLTRthFwjowcRQAFSC7cfZj%2F8BF7CHeQriz8hOJLlHxpFaz8ldOIQL4rdMzZs79DGXob6hO0pZY9Z9ZBvhVNhtj8q1Bu8\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfa9c856ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2992,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 568x370, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f2e6adf960ff105cec59f78d5040ecf4","sha1":"e87a55706b53a8f90e8a0a49300584a8d2763047","sha256":"d16609447d28c6ce14ae0be9c12fb57aed760ed7cb56e7298758d15b6c9ad0dc","sha512":"2a6b42fd9ee573f673e102feb94e99f5d7706dda3ecf5f3246edb95ff7be9ffd34fca12eb9b62cb00a3f6479579884ca67cdda288c0344cabb832e52c624fa94","ssdeep":"","tlshash":"21511c0a912cb7d5fba1413c42c665078ccfd415c9c926430e81f67977aae513df5c99","first_seen":"2024-08-20T12:46:43.857578Z","last_seen":"2026-05-26T16:43:03.051295Z","times_seen":7,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":193,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/js/jquery-ui.js","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.292Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /js/jquery-ui.js HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Sun, 29 Sep 2024 00:30:22 GMT\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\netag: W/\"66f89f9e-36d3c\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6zsJ8T1GK1gVBs52ROXjkHAuBjg1s0yLVkHMOxsVhEK4BevoIKbbjoDzjySYIBqrdggf8LuewcmPyJpeCBPXgGmlBacB5ml2jtoeyoyah3miackUAD0j7iBr5lzi\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf698c56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":224572,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"f172ab1e70b067bc614f22792a37a37d","sha1":"3ac7640db96c4799e9fe20172bba44c0a2b8600a","sha256":"c0665729d145fa0f91416b3102008dbc18c788604fd53a034f20ebba35b256b5","sha512":"20eb49bc2a4b24f454d7d53f12f8398e3c42fa3857995955f7a5cef20d31dfd966674c9eca690f73e1b0c84ff22832e773180297f315fb51a2277ea70f53863a","ssdeep":"3072:xGRSuikvOFtbU89pyBoQSelCSZDbEE/6tSbwlpY/9mIpC:xO8eOR1ETb4G/9mIpC","tlshash":"d124f84db240393695eb9265103b1b0bb233615da602809cb43ccede5e7de4471bbfba","first_seen":"2023-03-12T22:02:18Z","last_seen":"2026-06-05T00:49:58.571541Z","times_seen":23,"resource_available":true,"data":null}},"time_used":320,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":61,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/dl_on_info.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/dl_on_info.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7361014\r\nlast-modified: Sun, 29 Sep 2024 08:37:06 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b2-7051f6\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GDEi8mOxIxozJEZwMtNrlqvSyqrjAH1iK6egevpVLaQOmM9DMipQS%2BFamGTVU06Yu%2FReveTbPrCGTpTGmW11sfyMNGNu6x3x17dt3HjgAuVNzkgHteQwIPlNeRUT\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfb9d456ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7361014,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"8119d6f453dc2966b862e3b0aeffd47f","sha1":"378f63b6b2a2da03859472305600f45c372a93fd","sha256":"5bac5a0c78b4794b6ab1dfa7a55dd366abc65a8f49a4871385810ed1c7910660","sha512":"378700efd9607c830df27f3da746cce8cae3c77f1604c7cfc5d56fb6582c66b018427b9c2e2a4450918548773821f7f668c3ed2ef1081ec2bfc4ba32a5465f2f","ssdeep":"24576:0W4CKYeT2g8c7QhvMKUIndtfvr29fwcfL0Z/xEpre:2/nTD8ccMKUY3fvrswiQ/ire","tlshash":"5f2533d417129f306dddab61a597349a62472e32b0cb9eca6093fd40e76c7311e239ce","first_seen":"2026-03-29T23:13:02.252076Z","last_seen":"2026-05-26T16:43:03.053537Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1368,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":293,"receive":1075,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/how_to_create_us_banks_guide.jpg","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/how_to_create_us_banks_guide.jpg HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 29 Sep 2024 08:37:06 GMT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\netag: W/\"66f911b2-2d86\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AO6vNyrQfzHVB0Rp%2BhQCqfYQkkqq2B16uggHZ%2BuuBNuuRmNnBaVfPQR5T53L5JQ0H5lsGyEmLMsfUcXrI95j1n%2FqJU%2B6Pz72i%2BbRyzLeTER%2FWu7bsWxSP%2Bn%2BS%2Fgu\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfe9f356ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11654,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 320x152, components 3","md5":"6b3c654edab5a05e7eb232e2128f1e99","sha1":"53d3f1d178e6233ef8e1dfb5b395bc5b034f5798","sha256":"393ad4cd158f61d56b02708203118ea65f77418d62e43f5e9e91cb0734dad037","sha512":"15c42919a139058d8d79c1fcbb7d76bf810586b3a5fc6d4b7d07e4c7a9ee9e5fbde78d60f59d8c3d822efe9e9453c430d4567321e3295d27e62c2a55251e1235","ssdeep":"192:uBUxSOcpjzw50gU2GF3bf12k86ufWktOF0IMNpbnwp1ZO3JEZ1rqYVb7+41L:uldjzEs3bf11BuQF0IqbWZCM11V/9","tlshash":"ab329e0a5935a0b0f3d2ff78b7d30aa3859f44864fb91e85306b99d3f124d9cc191698","first_seen":"2026-03-29T23:13:02.179196Z","last_seen":"2026-05-26T16:43:03.05446Z","times_seen":5,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/bitstamp.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/bitstamp.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 12332\r\nlast-modified: Sun, 29 Sep 2024 08:36:52 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a4-302c\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c0D4nxAYhs%2FzCMBJpypnaWQ%2BpM0d5%2Br911dBk9HYrKz%2B1eN9gKC8f82lTazlYHXS3GbJPJQjT3HM1p%2FnnVrU2E054n4RH6%2BOEhrYCKz2rRMj9FRVL7ltxFePCtlC\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf799c56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12332,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d9eff58f045f0679682efeebb1bddaf2","sha1":"2d002f4092751a577f8e6e81faa556115d9ae0b2","sha256":"98b91eb5eb3c7e78add5b7abf33449d5dd3bf4bdf6b8b66db410507be7e9db62","sha512":"034bf98da9435199de0bb6527ee6a44735bdd5de31aa1316048fb65148d38420928fe8d87932449dd274da5826a6aff4b0fe19e807c0e094c6febf5df24303b2","ssdeep":"192:GTzPjPwxeJ5B3HikzNNsLByUoEhknoTGKo/k/l:GTzLPAeJ5RhNNsL1+nZ+l","tlshash":"e6424b12a7e07d04f8d09b316ef0caaaf62a752162e31027358d504bff70c67895db22","first_seen":"2024-08-20T12:46:43.818518Z","last_seen":"2026-05-26T16:43:03.055458Z","times_seen":7,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":241,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/paypal_with_ssn.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.333Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/paypal_with_ssn.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8712\r\nlast-modified: Sun, 29 Sep 2024 08:37:08 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b4-2208\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wbmJclpxlEJOyf7aQ0GyghGoittpYI8gvkQGhrdGcYxovM0RT6UgoxF81C3r9Qv98lGTuu8icimUKj1vwLS2YF493ky5ej6W0zQ9TSD6y%2Fy%2FMnmxdulqMrNe1%2BXY\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf89a756ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8712,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"92d4eed01e9c1191c63ef33851f247da","sha1":"6c4e3d3504c7e9236e92c6d4e433324387624412","sha256":"fcf149ae078a7cf02f4721470a61c1c11fdf2986ac0fe0c127787eee92c9d5e3","sha512":"142e60577ad4e67698cca3de005f82f8a27cbc91e0c555abb0fbec5764234140f3bc816606249de0db8679d8775dc7fbde425ce065f57491769c3856a2472d5c","ssdeep":"192:yLccQMSVdC+U9YZ54zmfsJMuEQ/2FSBGo:EJcVg+OYZimnQ/2FA","tlshash":"bb027d5b7643d06eda11b3fb121a43c73c5c628704265cf3bae316552beb6d4292da40","first_seen":"2026-03-29T23:13:02.070289Z","last_seen":"2026-05-26T16:43:03.056328Z","times_seen":5,"resource_available":false,"data":null}},"time_used":192,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":191,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/paypal_wity_crypto_and_bank.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/paypal_wity_crypto_and_bank.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 12024\r\nlast-modified: Sun, 29 Sep 2024 08:37:08 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b4-2ef8\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oYyDs8EGwJql2ZBEv76EiRZKjlhI%2BYH%2ByG8ltaCmNrMSgLeHgAMNH3wU9wWwXB%2BwJv%2FMErXmPBCRnGYYMPPNIR6Qg9pPq3SQS8oowMJE%2Bku3GIRCP77C6aok3UVX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf89ac56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12024,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a4bf4a43a58694395ad0bbfee99ff392","sha1":"08acde1f22b3a3696f95c1a33d3a72d7614969f8","sha256":"709689b4629419a42accf5f7257b953880d067cdb8cf49446218a55209677043","sha512":"72123f2ab332a2683f06a9988959e237d3336fb588656bf3bbf668a05cb55dd351c2316dd457d10265a895000ce13038d1af4bd789802119ba3c56ee50e175fe","ssdeep":"192:IR2cFDScZ9AMzGwVeIZ3aXu+UDh1DPKeTt7WM5KE1mdA/3Xshj:IR2cFDrnx6ODSeTtSMvx/3Xshj","tlshash":"6a42c0792490d002c1e6af72cbfe5edc1c9bb7b1e2ad7fd4105ce4661ae7835ae81141","first_seen":"2026-03-29T23:13:02.226043Z","last_seen":"2026-05-26T16:43:03.057502Z","times_seen":5,"resource_available":false,"data":null}},"time_used":285,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":283,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/sable.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/sable.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 12958\r\nlast-modified: Sun, 29 Sep 2024 08:37:08 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b4-329e\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r%2BGe0365qn5IY6OErKPSQOOd8u4ys%2FiUn5Ay%2Bgr%2FO6vZCyLxABv36ISxjJO2hE7SusfdMs3b5Gww44TuiUPu6IvnR74lswXoY5LjPvRAOK65tj3TIi6qrJzVr9%2BF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf99b356ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12958,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b85e6f179f8634354ba33c3e422f3bcd","sha1":"832fe4c84fef560397b283a74f71e57100d07d6a","sha256":"40ebb0db3c4d11059a4a436134375b6cac7f2ed92f8b1148ee2bc73de076be20","sha512":"c66982f2d58f78730e1c13f89cd053fd0c223df5685bd167fb853f5c3a7449d95119bde4de450ac5e7f3c2ca6bb57ef07a258f1a327015c49719bb7f910d53aa","ssdeep":"192:BTzPjPwfOymEHX7RAG57GSc0acBmPELnNEAs7nHNkC0gkluCknovab7C7l:BTzLP+/AqGScxcsZ/7HKluBnlIl","tlshash":"5d426c0aa7a49c06f0c06bb1a8f5c667d6abf72231b7695b788d5507ff40c6444287b3","first_seen":"2024-08-20T12:46:43.82451Z","last_seen":"2026-05-26T16:43:03.05852Z","times_seen":7,"resource_available":false,"data":null}},"time_used":414,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":406,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/wise_business.jpg","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.374Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/wise_business.jpg HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 29 Sep 2024 08:37:12 GMT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\netag: W/\"66f911b8-1b89d\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xnAv%2FkhLFjgCP2y5UaMEEKzPphLgqIersPkCI95xV5EBppnXFEDXHVclj6RP6Ctr0n%2FSOSJU50tD%2B6v3Z3pMqitw7aqpLA3YZq9aPwia8aQSgeSVEUab%2FdYKm20l\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfa9cf56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":112797,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1200x627, components 3","md5":"34c39c5292ddf033d5b59202e793805d","sha1":"12450773e27904c9175e2f9b087a6b882beb198c","sha256":"952f306b340104214f392c49df60cb23c8be02b3edfd02bbc35c21854a1a938b","sha512":"6ab7ea6624147b07b2e444b93da7f41487d0e62566e33d218f5d409c16407c12ef667d3eba64768735a64537d4460c7a49fabbfa2ae63052f6ed7b8a401ad6ba","ssdeep":"1536:CwjfGarZTj21HIEzbibzUfeQyiasa5eYnm0Ye9OEGsSCz3T1HUmjenNUj2l/F+Jo:CwbAtbibMev8uzGsV9HrjeNUK/j","tlshash":"3cb312e04cde8d69e94a877cc38472ad83560fe87638414864b34475d8bba26ff19cf4","first_seen":"2026-03-29T23:13:02.104931Z","last_seen":"2026-05-26T16:43:03.059399Z","times_seen":5,"resource_available":false,"data":null}},"time_used":355,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":126,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/fullz_bg_report_credit_report.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/fullz_bg_report_credit_report.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 12506\r\nlast-modified: Sun, 29 Sep 2024 08:37:00 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911ac-30da\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tGv5DusrU%2Bqo6k9hsgMRZYVH1DvpTQbP0lqgrtw0IutMOyJHFdF4Ajx2Td9ciffsoIfPaQMGWQzQ%2F3j2IErR5mV47Gx5LPULxox5%2BUycRGU7MJWhCn65VlBkgiai\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfd9ef56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12506,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"c69f86614ba735737796167bbc011f32","sha1":"b2c2d45b8d7c705e962acf15d8678055b1ce19f6","sha256":"801334927abdf7c0dcbd550d828ca761c876e3ce7b85534f42ebdcdfef6cc1df","sha512":"11abe3147c87cc5c2dabc36146e4502d5e6060890261d90c25689426f699eaf27d22b33dd399f7b422537c3daf46a9666e7a3a4da7e5ad0fc34e3968b2c3c05e","ssdeep":"192:xIff+Zr53HP1KTwglTxTKAailvGozwmE9wnJ+s0an:xIff2rlHNKTwWTKSvGoUmE9wnian","tlshash":"1b42bf408876df49fbbe567f9cad038489500804191bb953b1c95077a9d3be3fa4e7b2","first_seen":"2026-03-29T23:13:02.10056Z","last_seen":"2026-05-26T16:43:03.060343Z","times_seen":5,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/bofa.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.328Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/bofa.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9612\r\nlast-modified: Sun, 29 Sep 2024 08:36:52 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a4-258c\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pwAa2raiNb4OxWx6PyQ%2B08VYQMewXoJU6wOFIQ0RROu%2FYT6aPZArkXnl%2BRYrDLWQskON7IJZq6Z%2BDBpCHYah7CzBgsL8KZLkxzsgBBuTlNRTqmbqIfiu6Y7v2tC%2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf79a156ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9612,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x630, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"a607ba3118b004d16b2cad08e4f29e44","sha1":"7bf2e5aa0e6a0e8bd701b46105dd9a0558685074","sha256":"27679b1cd83316b94c277d0968fc61b65e667df707d095be4294c1abf4480649","sha512":"b5cd4ed6e2c38ffaff7985cbd23363d1f361b08db5725e5f8a90013b8d84c79b5b3ebc97aad507390fe73e3eff57e6c35cbf67d6c2c95b805399e3c5b382861c","ssdeep":"192:CHRqENy+sLqZ9LZ9yqXDxvTyHS8kwejnNiIy3T6C8vMG:aRqENyNLqLLZgqtvSt5eLo3Gx","tlshash":"4f121927bab7491ee90210b518c5b5ea0d36305deb1164b244ab6c1dc2b0f7eacb07ed","first_seen":"2024-08-20T12:46:43.918646Z","last_seen":"2026-05-26T16:43:03.061518Z","times_seen":7,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/paypal_with_ssn_and_docs.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/paypal_with_ssn_and_docs.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 10280\r\nlast-modified: Sun, 29 Sep 2024 08:37:08 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b4-2828\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JScTbTd7M9kblcqTk4Yc1gaFlYrJddrTmnrUEUB3VOMOI39eJqAPeLcxr1itb%2BrqK%2BNrSk3SbxDKQ%2BbaWGceVzgDbBFGUwdfjiFGj95mbSnukVC0uhKH2%2By0bJ5A\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf89a856ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10280,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"da279c3a8d64c72c73fcf59b305d3022","sha1":"f8fe77136ce90b6f30742d642c0cd28c6a868ce9","sha256":"89410863e08c1350309ca4fea1711dc0c73b9ca3a82e0782f469015221879280","sha512":"6a3b095ace2af7fec74d14ca9c129db5d5635fd732d8609d9d9f8f583fc9d40a6d4fbf810ae67d7a4401de779f83a9772468e65b222ef028814135045748d668","ssdeep":"192:jKYF/jd33YkwvM7yKrm6y6ZWNJHfx7K/OfxjBgpwrSt/Xf:WG7R3hrOBwc7KWwjt/Xf","tlshash":"f822af8317715147f62195b476999e618eebfea66cf74b271ff80823081f2ff244a10a","first_seen":"2026-03-29T23:13:02.032779Z","last_seen":"2026-05-26T16:43:03.062785Z","times_seen":5,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/scarlet.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/scarlet.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 287718\r\nlast-modified: Sun, 29 Sep 2024 08:37:10 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b6-463e6\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pdVJnhm80TBVFp6vp%2Byjvn55XEUJILrbBx%2BTDZScxa4TLBvhrVjZZ8%2BwWjHBrH0ZjHPSRtQEL0tGLsm1Ok6C3%2B1KwMtywF2ims6HyrYGPWEm3HgZFlZcLfzcDAVv\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf89b156ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":287718,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d1c47f3453028a83f3b634e9af4e5e6e","sha1":"3486cb09b946abf3cc5803dc0401977d776cb7e9","sha256":"9c6cf5f5277fcb7df4939c52a10fb455422cbc5df4c139d49d62624d4d631967","sha512":"ebe25c1410777b4be0e782424c964e8a29fc94f896e6563be4a2fc8ceef89941f8097645c8e8f041179986bd3ef37fef6146cf97a8fa0ec8844a3f75770fa62b","ssdeep":"768:X4gZyBIa2GprgnFVdKEAf1nIZ8optnhHwTU8tY9o:IuyS2rgHd+9nIZ8ohQTTu9o","tlshash":"4254e043aa44ebb3e2216f72425e1dc55c783aa202c6037ff9d2353d9967afb14780d9","first_seen":"2026-03-29T23:13:02.232891Z","last_seen":"2026-05-26T16:43:03.063569Z","times_seen":5,"resource_available":false,"data":null}},"time_used":469,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":256,"receive":213,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/utility_bill_on_info.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.380Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/utility_bill_on_info.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 5090456\r\nlast-modified: Sun, 29 Sep 2024 08:37:16 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911bc-4dac98\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sKXi4rMrW33syzEBTia0Ik8hYSxsp%2FfG%2By4GzCvpYBtBcrwpwgmFINJTZIs5uE0EgMqEjkEP0sCV4LQqtzC1%2BVZw83KCeZLAyDlsloYIFQF3YnF0F26VYD1PUpCq\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfb9d656ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5090456,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"3156805b5841f056f3f3efffc6d6fe88","sha1":"28cf33b49c172841f1435aa18dce73cdbd28561e","sha256":"ca4f468dc38deaaed9169d6dca9f4b12212d5c7080814d25398c6d7cf943e629","sha512":"3f080fc90cd32440bfc0097793f00becf744b2b0824e1672c04533fa87cd2655b6cd5aeb141d20038d1b99f2f97e2aadf049c23d71587eec08e4b31f51061765","ssdeep":"24576:cFNHNwPLCl+p1m2jN/b0QKijIszBP9gGsAvo:+6mAnZMKg","tlshash":"a32533302e2e2655818838f817871a3f29e15ec19e0cd9f7acd964347f5ba0bfb36159","first_seen":"2026-03-29T23:13:02.027053Z","last_seen":"2026-05-26T16:43:03.064356Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":342,"receive":833,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/bank_statement_on_info.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.381Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/bank_statement_on_info.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 197964\r\nlast-modified: Sun, 29 Sep 2024 08:36:52 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a4-3054c\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gDBfqVO8AW1DqLzqoxb0NRb3AdIH60zwv5ZvXG8re7aG2N4J5QPTW%2BH4m6XQlxqvVAlHXccyBUezEj2k3ihlRmH%2FVMZXOGUaUivnrjJsQpq%2Bs1EVK10qev9DXjlX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfb9d756ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":197964,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2fc0d51a60251dc80d727893f50e92d9","sha1":"ec6cd95417bf292032e0ec3fba38c72e0637a2b7","sha256":"4231e23259dbd950190c6502973b6f156dd80b4b7caa121eee7410e88affe8af","sha512":"39bca012336b0418ab1887eebdcd5ecad9b57fe0f34e4684b43a0e5c4418a83481d5fa90ad4ab8f55086cf35172347d5ea09c88a8823c3f5ad185092b15bf899","ssdeep":"6144:+yQ5aTu159lS7BahKhuHEEctHsMBnYXdaff+J:+y4HlQBIKhugtRxv+","tlshash":"ed14121c9f83cb44f9d65cf55ed763b4f98c2cb680c81c539d5401a823f6296c5ea8a2","first_seen":"2026-03-29T23:13:02.224832Z","last_seen":"2026-05-26T16:43:03.065348Z","times_seen":5,"resource_available":false,"data":null}},"time_used":519,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":343,"receive":176,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/cash_app.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/cash_app.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 22250\r\nlast-modified: Sun, 29 Sep 2024 08:36:54 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a6-56ea\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wlpFUgjGFCWufDZ4R5D3fTwRFO8TQeeIpdxm%2FVaP7v1XMY98%2Fqah53yef3%2FpHYqR4VRpC%2FetHPFL5ITUTJsA19roi8yK4RqlAC0AX%2BOycUttYutKH5wCtZlEhuVX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf799f56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22250,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"fa94a5b67021ac59f469af759e42234b","sha1":"1c0941c14476710ab65c63c34b5ee4319566b1e3","sha256":"a1429d4188c4ec3e8bc344ccb343cfdf7a5f030c2b53ab89308be0f1f2e50a7e","sha512":"6f23e57f8a1b81da26dba73509a387759cebd696caf71eeeaceaa9481239c5e54f66e599e946812f38a9df67d260f3171e5285bb4dc7b3c8fd492339ce323845","ssdeep":"384:j10Ttim1CVEFyYqEnfqM/WTQ+Pqpa/YZHJRtCnMVgAugw2UUyPW6RXJ9N39CRF+:Cp1CayK/WTapaOztVDugqnZ9hERs","tlshash":"3da2e136575133ecc97087b9d21587bcd3b6512592a3d3bed90a4a50090ceebf520dcd","first_seen":"2024-08-20T12:46:43.923022Z","last_seen":"2026-05-26T16:43:03.066255Z","times_seen":7,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/psd_templates.jpg","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.384Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/psd_templates.jpg HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 29 Sep 2024 08:37:08 GMT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\netag: W/\"66f911b4-2771\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CnGjkpEdcD9C63PbjGWAeRvSMQvCXMVT5FQSIEF%2Fbt8oCwXlwpIKq2NAmJlDYNciaxzfvyVbndlc%2FcLuptkMURmE8MvauEt9RbLK9ktGkSfRw11q3%2Bxno0UylS0N\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfb9db56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10097,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 606x333, components 3","md5":"5760b04ff9982db1bde9e1402406286e","sha1":"a18db1c04e0af2bac981d708245025cfc1b0cb1b","sha256":"9b4bac1a75f92f14f140de8cae9ad82c3027dfa9efef5d8e19bf0fdddee3471f","sha512":"172d81d32cae8614f56a4d5e9e77b069855b33d54077dd574e4f99a0b6a24695f17f675224548a539a15045339b5775e5c3d4d7064bc0e410b26be771f69ac77","ssdeep":"192:/8Nxfwy0PhUlt+jijDhpiMddWVLwg+yR33kaA2k0Fn0x02Xp33LBY:/8faUkjMbuLwXUnZRVWJ3bBY","tlshash":"b1229d928a7a5350c0d41bb541fa23e7eb8e9a01bb1cc78900409fa8bf139e699b254d","first_seen":"2026-03-29T23:13:02.1458Z","last_seen":"2026-05-26T16:43:03.067338Z","times_seen":5,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/bunq.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.355Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/bunq.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 17690\r\nlast-modified: Sun, 29 Sep 2024 08:36:52 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a4-451a\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LPd0wdwZHVgcicfJ2Z6nPOSDCD08CohfPnfeLzmgDgcdyWlv6mlLOR4pfoc4yEoGeu8faOTKEtI2UKURxghuG9GDWj%2Fi0DV8iJJuCoZCpwF9PAOy435n3D2lTrnr\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf99be56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17690,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"c7cd20a5ef0a7e00ef9ad52cb87473ee","sha1":"6b71df18b3fd49368781d4743563bc42d23f0094","sha256":"7baef7ea4ad17329de1d1179e997c865d95e3eeacff091aa6c97d2fffecea0ce","sha512":"4bbf3e7dc3566dca0141046ab2eb2bc74e32af5567e573b3f11a96ca0c4708921c80dc048204fa51775636befde003c89a81e69425c8cc2489b74e99b91e76b1","ssdeep":"192:ojwsFle/65WSJX7vaO44PK1P+gFHLZV7VPPaBju0RHqz2sWfa:opey5xJXmOvPK15rZV7RIlKz7J","tlshash":"6b82ad18e4b7e79dfac09a7c3ee56341c592b5ba6b6cff2696135300c708a0404bd8c6","first_seen":"2024-08-20T12:46:43.862754Z","last_seen":"2026-05-26T16:43:03.068207Z","times_seen":7,"resource_available":false,"data":null}},"time_used":316,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":300,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/wise.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.350Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/wise.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 46476\r\nlast-modified: Sun, 29 Sep 2024 08:37:12 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b8-b58c\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HSKj15uAFI4CSevOmaW9eFnOvT6STINmb9Bj%2Fj4w4vsWCoGqYUuvBDyUto2xv0FFCP%2Fwfxhnj7Lz08jF9ehq00ZJIvLvq06oovvbBhYC%2Bq2tGJT9YVpsYfBtblKz\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf99ba56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":46476,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"54933423c0389277c0b2175d1b127140","sha1":"f50126bea263820532ce345c9962d3ab0d93751c","sha256":"a663734cf6b8719e3037bb4fa51c0750330180f31d16af1b4d97e10396c73d69","sha512":"c479554571abfa1eb0adc7d273e990a51e0a22d3cfa9731a8d98f0576cb72139339659d068bc41a3544c26f95cc70b651296e656dcfc9af4a05d0cb31d973a38","ssdeep":"768:MiA5lwsiMbQYpKZNt22Yn6P7Fg/nJeNg11:SHbQcKZeNn6TFg/8e11","tlshash":"1123f2819b7073ddf30a3772223784c59b0748fc226de21b81ddabda9915f24eba100e","first_seen":"2026-03-29T23:13:02.229881Z","last_seen":"2026-05-26T16:43:03.068991Z","times_seen":5,"resource_available":false,"data":null}},"time_used":393,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":319,"receive":74,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/anna.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/anna.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 43170\r\nlast-modified: Sun, 29 Sep 2024 08:36:52 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a4-a8a2\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lOF2vVl3JPTUr2Vv97rjEjsfXT%2FfkyKsQeBDS9uBjVxkQXXyOzJ6X1wETbvkOVz4Yd0hZnQ5VR1bBJLDDl%2Fg%2FwKl%2FzTdphCTLjpKlmv6d8C8jskCGCXLPDlu0iyO\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfb9d156ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43170,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"249b2882b4ca4535e9158cbb60766eae","sha1":"4c300970b3ee4664cf827fc8a89d6f00d6d4435d","sha256":"5df55bc14161094a6d1306958f3d9e4aef9311d98f88d29aaba3413af6d27d36","sha512":"9094a447a085d06a015999108d01b2794479fc1d9503779f86ca62d736c2b38f9880aa328f751b36d5831df295d1fa9452336481976657ad6168151005032a9a","ssdeep":"768:UK2r+CwaI0z6NM5jYZb+7KF1rbrH1zx7JXKLBz5bsrmPyq+VBNqN59Em9g4V2I:+6j1Q0YjYTF1rbrH/7JaLLbsqPOcf9R","tlshash":"e913ae56f64df9ba815e2ddcbeffae145429c113e86db697ae08370d96201c9f620f00","first_seen":"2024-08-20T12:46:43.876886Z","last_seen":"2026-05-26T16:43:03.069857Z","times_seen":7,"resource_available":false,"data":null}},"time_used":297,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":65,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/fakeid_with_shipping_au.jpg","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.393Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/fakeid_with_shipping_au.jpg HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 29 Sep 2024 08:36:58 GMT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\netag: W/\"66f911aa-3450b\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OPRTXjmnIlK5fpnyWCz472bIKdAbOPUXbrzZFdf%2FBlyqbBYMDFgiV%2FE4Zz887sIKrEdKgqeb9bOszAp78zcJQ3mGuEWtlBZ3ATZO0%2B%2F4Gu%2FUPkZCbPs3eM%2BP1PQp\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfc9e756ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":214283,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1500x1125, components 3","md5":"eca7dc69a0ef6c3f7a2abb0fbdb2dc46","sha1":"a15ce53a3296c8870ef1aeb2de9b7c7d463c19c0","sha256":"57c67d28b987594fcc5bc91382f56be18bdf676c98ebabb4d63c1ac7748fa11b","sha512":"699fb62258f2017a9f95ad9e432fb3880ebef646b59d7118cc811ba7b91f6aec11acf4c44d6679da3823709942f98b46c94c86725bff9cdcd0d2c7f35bcd4a46","ssdeep":"6144:mjtP3+FT5uByrEp+aVm1TuTRxR3nrl5es9W:mtPOF8TpC6RxR3rD9W","tlshash":"262412c134c74fc7f539a73a052614a936bd7be4543259823fcae5eca40dce26928c6b","first_seen":"2026-03-29T23:13:02.166167Z","last_seen":"2026-05-26T16:43:03.070742Z","times_seen":5,"resource_available":false,"data":null}},"time_used":406,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":180,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/drivers_license_check.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/drivers_license_check.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 17600\r\nlast-modified: Sun, 29 Sep 2024 08:36:54 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a6-44c0\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8mB9pBSy1i6ClgQTdZfD46QP2QElBo6Gh5ZP4PkGCoVfrkSS1uf%2B5pZirOZPSzQBQ9He3Mko46UH5ZiDdVMArgOicN%2B23pPDCp%2BJV9yWfaIkfW%2BjwqA6ABtBTSH%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfd9eb56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17600,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"cde7577c342beec15617b845476451a3","sha1":"bcc1ee6894258d132e811bf384d19e13ff405c74","sha256":"f0eb5bc5db06e4408a3d5455d4a7ba107c5be5266347fb4145c70d15eae372ba","sha512":"3d3575461b01c32f32b5d1739fa0ed66646939388ece343e26db10bf94d570362a23d2b9060c0d35da287bc61e67a3d26354d3c8e115cc6bfaf89d9eec119c5c","ssdeep":"192:CdPpgXCHEdedafvyi3Z+oeCdKYnmtc9r6+ZxMSa8bKp9WUfVWX4iQ/wmJWM41pB:KPpVHEQafai5UtETPvbKTFfAoiQ7Ob","tlshash":"5e82c039bb0fd3aae69afd7a0dda2d15031283cfa7021885edfd015c9f165e085907e6","first_seen":"2026-03-29T23:13:02.094094Z","last_seen":"2026-05-26T16:43:03.071678Z","times_seen":5,"resource_available":false,"data":null}},"time_used":349,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":335,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/venmo.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/venmo.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 47306\r\nlast-modified: Sun, 29 Sep 2024 08:37:12 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b8-b8ca\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DlgkmSgDqmEjgRvuugYU0eGEc7zKdV%2B4JOMm3VNXOT9QLdH7gvV4eTCTT3YZdF%2FvKMRfznROOSXKK%2FPklLQjWsmuDD6ZxeSlApQVAro6MOMSktcYe7xp6TsmKMFJ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf99b456ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47306,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9d873b72e82a98ff7cfeb6bf8c55df12","sha1":"f73c32c3630324599e41d4dd45eb484ee843d329","sha256":"06964dbd5d5f72c64df993c9220ef8add56361072386108211e7f2c39aec34e5","sha512":"7cf49313ab639258dc08790ebee79e2c2ee0efa1a71a84ecf8a2a63d61f64e6f5be0bf1b145c60bb734b35a13401e98c860fc8b7d2456aa31c127922a64b6770","ssdeep":"768:vnvzrSao8oQ9e/prej9l1AcxfErN7Yv/ZBsvLhquWDlc8e95BV:v7JoZBsAchERkv/3OhqPZJe95n","tlshash":"5a23f1a6fb17ef50f8d5443a09e5bf54f909ba642f30a491f3421784b2229ca1081baa","first_seen":"2024-08-20T12:46:43.90606Z","last_seen":"2026-05-26T16:43:03.072805Z","times_seen":7,"resource_available":false,"data":null}},"time_used":337,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":255,"receive":82,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/vivid.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/vivid.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4602\r\nlast-modified: Sun, 29 Sep 2024 08:37:10 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b6-11fa\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CpWUvZ6phRt4u6g9aFCmV8H4LnDlook34fL8vDo6PP2qtnPqPbgU%2FJDRYQuuoGAR6eqM53P7ij4Q8HXhQUjEZgVAk5Uf4uhalNi3cvHqo1CMgGN9ngGo6BvskWuj\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfa9c656ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4602,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 600x315, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"0faea9f4a2d0b6223fe586a7d274d623","sha1":"5519a28ef2587f03fc2752b44891f6fc93a2a7d0","sha256":"ed1a6c31d5ea49dffec08a47c68ef78928fe537a51f9a92b2e1414541e800100","sha512":"c627ac15807efe8c471b6c8416bdb6a1231bc761a06b5fb4e7db5d6e4bbcaef518648a3a6e210609871964b2d7a8862b2a7585f632fd1783391d8b4a3a8ff550","ssdeep":"96:JCc3uU8n3cHTY0/fcroewDMqCNrVbB8rdoYzNtIlRQeTQ/LQJZj:UcD8n3c00/fswdCNrpB8hoYzXX/LQJZ","tlshash":"4f913d6bae4600d1dd45f270f4dd56a809a14923f3d36de861ec48ff9073287671b54b","first_seen":"2024-08-20T12:46:43.836162Z","last_seen":"2026-05-26T16:43:03.073731Z","times_seen":7,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/bluebird.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/bluebird.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 64792\r\nlast-modified: Sun, 29 Sep 2024 08:36:52 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a4-fd18\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9kSz2xvBVQlVgjG2RJ5rkKSZypGh5Oi7taTI7ftNduRZ4sqxN7TNJgeGP1ZZO90q39j0Sfd%2B3DeXlrX0QoZ0qeL9wAGdhkMEgfR9OwYiOF4E934UVaVug2LVjN2J\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf89ad56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":64792,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"974600227d70f009041081313ffbc9df","sha1":"6b5c6deac8b5c226df00237c93b645cd1bcdabf7","sha256":"28fe5417336433264647f3fbecd39c4196d690e13726c839bff1e044c94bd6e1","sha512":"676461d4743eded7bc9ca7c1fd0a575a6e4da8622b9a309a33ed0cf2cf55031dd4eec6485dba85c64b3bc5b16acd03778977e142b68b74e0266d29a9e904343c","ssdeep":"768:XnPZ41BgA0fvqETMtfyirss3V4POO9m7/dSWBC7WpJkE2+zhCiMMgaaiqmjf:XPZ4EA0qwMtfGsSK/BEWh9Nng+nf","tlshash":"c853021089a0bfd7efa0843e0304b994f6a21b267ffdc7b05865794311ae749e1fa715","first_seen":"2024-08-20T12:46:43.859265Z","last_seen":"2026-05-26T16:43:03.075212Z","times_seen":7,"resource_available":false,"data":null}},"time_used":368,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":273,"receive":95,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/robinhood.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.349Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/robinhood.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 10128\r\nlast-modified: Sun, 29 Sep 2024 08:37:08 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b4-2790\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KB8IY%2BVP9zR6ENqx8qci5zHvuTGhD9i61cBacKv283eOGDr%2B9lx4edD4FGAmqG1YZw2CD1rpaH465ZAujora%2BFO%2Fe7t1etAohgDxiZA16gECoq4m9l3Zjxm0YauR\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf99b956ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10128,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2849ecbb2ebe138b73f5e40854da6c3d","sha1":"c40f973dbe0b2baeb23e9912b53caf9c40953530","sha256":"645835172925a4164e2e90c0e3bea1e2a075b7725c4b6f5030337bd59cb40785","sha512":"4552fd94ebcbf0352cac63e2e70e9f6471c25cb7cc2b3dc1c4b001ab30e450277c35c07df4ac11f0914c2ee90c6225ac128464ab348a7e82a3d86c183cf92082","ssdeep":"192:8TzPjPw0F9uP6yw+jBZ44knoHChuCYDtDl:8TzLPT9u9MnruCG5l","tlshash":"cc222b0167b09d00f5e167b079f4cb73e31af6227663445b384d1517bf7486a893a772","first_seen":"2024-08-20T12:46:43.845935Z","last_seen":"2026-05-26T16:43:03.076685Z","times_seen":7,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/selfie_with_document_on_info.jpg","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.384Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/selfie_with_document_on_info.jpg HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 29 Sep 2024 08:37:10 GMT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\netag: W/\"66f911b6-1f955\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OGLHefdqKxOfF5o7MF%2BS6uGHs0C9cjlKE75oazZahXUSMmY9zDzGDOLEujbOQ6ZUrpGQ9w43W4nAxbcO5F96DI6wdVpRagw42A3tMELSast3OAopfVX6bh9lj1yb\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfb9da56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":129365,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1500x924, components 3","md5":"49d9da26c2fab459686c3c828388db55","sha1":"591a3cfb96dcae197f157d93cc27dd6f26fd809d","sha256":"19e95f64cf027000eef205e7f6a0e6ae76912d66f09dcc6f906489e993b9dac5","sha512":"0242001b37612157a1c79ae5249bd94b22b1a3fa34e097c654d092c8f252a7444dc3769d9c9373545d941fcd721abcc2aa81e9fbec1bb9801fb9dca4fa2373de","ssdeep":"3072:1OHJ6IekqAJN5wJ6pUN940U2H1Zdr67zsQzWTWbJb8LD+LUEshF3+:1OHGiJLgCUjK2H1Zdr67zbyTWtwrEsnO","tlshash":"2dc39a83a80bd933b90ee1781a51345d7907a59263d34b3a6c292bfff72c09a4dce915","first_seen":"2026-03-29T23:13:02.087582Z","last_seen":"2026-05-26T16:43:03.077562Z","times_seen":5,"resource_available":false,"data":null}},"time_used":382,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":139,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/google_voice_account.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.416Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/google_voice_account.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 10310\r\nlast-modified: Sun, 29 Sep 2024 08:37:04 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b0-2846\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ihdBaVsvENDjMeszeiee83v3BbaAMA5fXW8bEqMJ8AYWpembM3DgiGeJfBQ7UPd%2Fr8uE69%2FlWpBL244f6vsbudnm64Ug1H25oOIZOHIyZgnkHFJqnJ%2BfgSa60CZS\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfe9fd56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10310,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1e552e4c27060e37a84be9a779e16848","sha1":"36a2ebc85e2c539a27fd788338cb7f66b547580d","sha256":"499ebee596b2c5ef95930257a4862badc880faf377887096bc42671d0a6ebd2c","sha512":"aabe7c66fbaec4d4ea66f368d09f44052c289ee510813da13ff33a9c8726378702fa0c457d9ede1884713eea14ce2179f63634c30e606b8d947a46014b2d1432","ssdeep":"96:/SI6zYoJxR7ajvcz03qi7kbTL1A12n4Sl:6IqYo3cjvGcqRbTLi1K4s","tlshash":"73228d58e43b8005ee86bfb423bc51b47ab71eb81a7ceba41614998c37034b6d12d084","first_seen":"2026-03-29T23:13:02.12014Z","last_seen":"2026-05-26T16:43:03.078898Z","times_seen":5,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":195,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/bank_logs_guide.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.406Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/bank_logs_guide.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8926\r\nlast-modified: Sun, 29 Sep 2024 08:36:52 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a4-22de\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LjaEbx4V%2BCR2nbGcdOOvrN313U5ak5sirlRakOY9Q4NaXmWn2H5e2SmgbKCl%2BamJUi4KaQcsVsre0SPcKu3tFeyJjKEzqu%2FtqzMIzl4cMK%2B7oJ6mjh79rVaGKirZ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfe9f256ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8926,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"720b8310d074ae198110161a2bb5dc22","sha1":"14e54ba0f6cc386677cd02436e2551955467238a","sha256":"d43417a7b16d5104ab4261494f3acd150e2f554830f7724fe0502e859f8bbbcb","sha512":"36a1ce2d51ca44e250c1641ad3c17b018c1ed64eee7c5fac00d009ca46b5eec0ad7c3432d1d6212712f2fd9ad35adee73e334e792c7737f6f423c5659d28c557","ssdeep":"96:LrTwh9cf4BC2fYaj1XCVb/pHfCPfilBYKyO/Ezy15K2:XT89fBRfYq1XCr6gBb3Ezy15K2","tlshash":"61026b7d12685c04d00c8332867d6d1bd0c10821a0fc7e7e6bead9a92035de98961efc","first_seen":"2026-03-29T23:13:02.239975Z","last_seen":"2026-05-26T16:43:03.079718Z","times_seen":5,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/10_protonmail_accs.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/10_protonmail_accs.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9334\r\nlast-modified: Sun, 29 Sep 2024 08:36:52 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a4-2476\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dt4BlYSBz3FH3sr%2Btae8W%2Fg8pHAGlrTb5JD9O3vxP5LlYZAoTVakrVFChuCWAcZFRJmkNQVynDgLAUjzZfqtlHLnVsG5%2BGcpWjgPxXYizRubhPfRWwGS5Ro0k%2FUA\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bd0aa2756ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9334,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"24e5c2cb3e53e07847a21f575723dfc9","sha1":"beae09036c9f6e92d1bd4854c0332bf771b6da9c","sha256":"15e8906986c0e37734cca8b1d5f6860300ad8a1185fda9d9683ea634772d17bf","sha512":"55292d1e7fb7d4125b22cf72669419fd30f6b6cf29e4a7adebe3efaea60192edef670b8e2366b45ccb6562ea3df54e53432e05b5f13d74c5140943a5473bf8c1","ssdeep":"192:2jg5Xcz+gohoqsER96zQJLak6CuvH58gvZmC/4g:9x6+g1MR9J6lP6UZFn","tlshash":"62127e2bad6c5d81d703b9fcca7e0371256c7844bf51d70922c024c6b78aa92742f1b5","first_seen":"2026-03-29T23:13:02.216808Z","last_seen":"2026-05-26T16:43:03.080678Z","times_seen":5,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":5,"dns":0,"connect":0,"send":0,"wait":183,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.286Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NQLtyfAKgu%2FIESd8Hre6UnT%2FhslR%2BieMRWNJasIRlAhTFR72GYG3zKe6k982RhyvsYYjjlYhaUcNiIPigVfnoArMu%2Fwb2GuIovQZz5tr8RkZkDTIjFn3CF%2BaqFVv\"}]}\r\npriority: u=2,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf598a56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":196,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"62962daa1b19bbcc2db10b7bfd531ea6","sha1":"d64bae91091eda6a7532ebec06aa70893b79e1f8","sha256":"80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880","sha512":"9002a0475fdb38541e78048709006926655c726e93e823b84e2dbf5b53fd539a5342e7266447d23db0e5528e27a19961b115b180c94f2272ff124c7e5c8304e7","ssdeep":"","tlshash":"c0d0129e9183638b442225907ac211d2654d13a6b87645e82d82a48a951857dc5ca69d","first_seen":"2023-03-07T12:06:54Z","last_seen":"2026-06-08T13:58:11.865255Z","times_seen":104155,"resource_available":true,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/stripe.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/stripe.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 22496\r\nlast-modified: Sun, 29 Sep 2024 08:37:10 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b6-57e0\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zHnjR%2Bx5T5qdYqhPo6tc3NZxOAyVA2e41P57Bu%2B6giJFonn6IFrYKiSDVV%2FzyLRiZD600qz1mIH%2FSfkvJaItH4ozU8iMpF8hoDzgKQMHuFE8BTwO%2BcbuvG3Rf9I3\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf698f56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22496,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d76038563924e9418b75277d39aaceb8","sha1":"7993934b202297d73bb91715b60aba8a87771b6c","sha256":"89efa959fdd00f0a5af3a56378c422a73b9e4b327751cea3f642e6f0d708da2f","sha512":"399cf311c054be1dead536cdbd6df1ef64275911e057f2e0a731bf6d15b5d1de3c04acf77385354a88adb8f406449034fca2e649ac8dc2ead7fdc24734303e50","ssdeep":"384:45kMn/l4dLIjrawEb8cfu9NJbOnUpUTI3vsMYSI2Is5ylXrZuVN:qkalkLIrad2NEUeT+0aYu3","tlshash":"c1a2e1b471368788d709fbb489e0461afae87a1f8bd046be459450e52da00129cbd3ff","first_seen":"2024-08-20T12:46:43.854512Z","last_seen":"2026-05-26T16:43:03.08155Z","times_seen":7,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":290,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/natwest.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.372Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/natwest.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3414\r\nlast-modified: Sun, 29 Sep 2024 08:37:06 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b2-d56\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IaYXdK%2BlTWZ6W8QNAp5Pt3eH85OHoCqedcujtMG20UpeuTOVVjJ320vGubtRbEtN2HJQiwBPN3v6zF1fC8y7RvCLmc5xwb9Se3OcHWDpfqkbxKgFBf%2FAvPFtdUJH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfa9cc56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3414,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 445x275, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"5f81d3e7c4c1b71e5f78c6946af18a95","sha1":"472ec7f4e43f8788b3eb26984ed2f1010571b608","sha256":"16ab062130e623c484e9638372aece10957df241eb3098669e9108a025d7cec8","sha512":"af4360ab5e0b86b000150de2993012c418ddb9d20df787fb64d2fbe0c1091e526392dd3787bd824279ba151881b7d78a3b309a40445fc500c80a3b88b94bc198","ssdeep":"","tlshash":"45617d88b00f46cee2550fbdad7ec2d84c18514816a2857872af3e8de578c3c0f845f8","first_seen":"2024-08-20T12:46:43.840973Z","last_seen":"2026-05-26T16:43:03.082633Z","times_seen":6,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/selfie_with_dl_uk_real.jpg","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.387Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/selfie_with_dl_uk_real.jpg HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 29 Sep 2024 08:37:10 GMT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\netag: W/\"66f911b6-13760\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=75ltemFbvn7URUWC1ZwJcu%2FVlpnBVfzNGo1MEtkq0VkcBljqZ4p1azjfxQ%2BIvjqVOSQRU6koZcPyLzq6uHU9E4teNdt4BC6fAcjRBZBph%2B0HPbygjRffPn19dtS4\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfc9df56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":79712,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1500x860, components 3","md5":"a9c26883c7b3399186b5d4d157531129","sha1":"abd7b1a63db93ada3385db1d802957185b12c711","sha256":"8ab88d8180e141422f1a4c8b9824a90523c07c33f851c89a6c50f8b2c96a43bf","sha512":"b296ee4111ba175ef2c0bf5e0f2e9b32e164c2b24c1a6180a646cf068d735b753920c61098294f00c41e2515daf00f7747fc1472f8d99c53df3c3690f93a9662","ssdeep":"1536:oVlc9cc5Qw2PtKMGckikY8uzbCZhTjfll6JgYBOWPpJm5+n/5I8SJP2Vc94:oicXdvb9FPC3TjflcuNWRJmAn/5IN4VB","tlshash":"ae731235f92a2305c2be6632da664f938cc40c6bfdf9caa40811dc0d279a04f9a576f5","first_seen":"2026-03-29T23:13:02.163539Z","last_seen":"2026-05-26T16:43:03.083599Z","times_seen":5,"resource_available":false,"data":null}},"time_used":354,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":256,"receive":98,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/fakeid_with_shipping_uk.jpg","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/fakeid_with_shipping_uk.jpg HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 29 Sep 2024 08:36:56 GMT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\netag: W/\"66f911a8-14ce4\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BIxlUVVhh2v%2FKubdHAKPNSFWiQctXuD8%2F7GpZHdEUwrvRbCk0RnSVpgm%2Bz%2BAFafV11MvbPEOwQMDxfoCqiRGkj%2Bk%2FTqvksSxbzQ7N77U89dybn16zDSI%2BrqdQwBC\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfc9e656ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":85220,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1500x846, components 3","md5":"ea0046a6d6a9a6ec23034465c3f68e02","sha1":"aeccd9606048fa8c5c2a797f17f7165b7e7ecbb2","sha256":"424c808f54b68fc230779b71cd71cf0a472ab8f9f17cb2c05b37285c84d4079c","sha512":"0ca95dff6a213b6bcb9db456f852082d600d9eb64c951dbcde9f7594c484b1f32377066c892f2bd1b67ca170dc8fc33dc19bf510ba1d1f04f7eae606f55f8aa6","ssdeep":"1536:tyOSryhk6q3JIOK/Y8Ei7MBCWRqBR4QOhQ4l+raFZ5IFbPh8v:tOyN4I28EiqCVR45a9eFZSFbZ8v","tlshash":"a4830242b690b204d109b237ac9142df7573dce67771da7c66002a3f32f2cf96a58a5b","first_seen":"2026-03-29T23:13:02.197289Z","last_seen":"2026-05-26T16:43:03.084468Z","times_seen":5,"resource_available":false,"data":null}},"time_used":385,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":297,"receive":88,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/assets/bootstrap.css","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /assets/bootstrap.css HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 29 Sep 2024 00:30:22 GMT\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\netag: W/\"66f89f9e-2601a\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ufnDfZG1c1Q5rDC66ssx9Ip7SXK%2FA5T%2BteInqScwkbpSCfWFv3RRZfzkH97RsAeWPfeJZMzIkTjL4SUyethsCcf8HYDJjaMP1iBlAjq448nw7x7auh92zm4NTUy2\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf598956ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":155674,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text, with very long lines (303)","md5":"b0f06ac6726f57c40ff593cbc44e25c2","sha1":"9c51d4048df8888533704016b01a78e6c6231a26","sha256":"1e663be1c8a169e5a49899942c935c6b7c05121dd2133e389b5b74ba446ee94e","sha512":"b3928bb762a9f9d64bef61e4eb88ce0c32f74cd108d2f3d35303cf238c36403158609deffdc96e5e847e723b2af41f163f96293edc4cdef74595f03b7c355806","ssdeep":"3072:6UTuonFRsSCSnjqPQwykD+7KbK7meYxh1Li+mwJBKMG3ci:6UqonFRsSCSnjqPQwykD+7KbK7meYxhI","tlshash":"4ee397d8f6b02900712bc1993493de93771d6082a90fdd35f7a2246caf8d2994673f9b","first_seen":"2026-03-29T23:13:02.213034Z","last_seen":"2026-05-26T16:43:03.085537Z","times_seen":5,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":247,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/other_crypto_accs.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/other_crypto_accs.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 6430\r\nlast-modified: Sun, 29 Sep 2024 08:37:08 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b4-191e\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hZ2YekN0IYO7phdachEs0aMJbfaniKGVoKiHeka2lY016GFSRazzhpoNsiugcyXuEF1yc40Q7GKBaQ8xl4ZLwCxKa2zPftIVoEoJhxsmalfIVq%2FQWESqOL%2F5T9VE\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf799d56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6430,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"106df928751a9c72aaeea90291d3c36b","sha1":"baddfc22bb7dd48237acdfa15e6cc58a8adb3bd4","sha256":"a750b4541651d90c4e667d4209c86b1ec0f5e55d88e0fea6699f25d8e0993bc9","sha512":"79ba2629683d6e3aa9c0a630f921ac40e6b385995c9f90dcd205d3eaf71a15d09172af308e5c5ff733def5b4b74e7eaa7974548759a22d31e0179ea0faf295e6","ssdeep":"96:yMAtFjN5gi9ge5PjN3aeRWNYwqTsSkgIKTCakbVV:PAtr5gi9fBzRWOUkk","tlshash":"4ed16d64d93db12ce276b13856f97860ea5bbf8c3cc68ce38e342d2d7c56c814284329","first_seen":"2026-03-29T23:13:02.231933Z","last_seen":"2026-05-26T16:43:03.086479Z","times_seen":5,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/blackcatcard.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/blackcatcard.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 36028\r\nlast-modified: Sun, 29 Sep 2024 08:36:52 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a4-8cbc\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L%2BWTtWEfj0USqLA05qNgSJo3mIhDLxirYn94Tdhg23hGXeLyd9oqQ2RQFh5MrHpMqUoLheCIAOghveWnHGGfXR6647mAi7BEBr1RNnonyfd6rvtegqBeBW%2BakexU\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf99bd56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36028,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"65d0456b96e0da7b0b2832ff92a11b39","sha1":"76d17620b9c29d166e5731846ab15f1fb885f3ca","sha256":"cdd40c63e4bcb307573b4d7fa45853b763bbcc8bedf1d4e3a1879517e5861ed6","sha512":"4e649cea1acf8dc0ad9127c37ae5e322a73d80f9f8fc4272b271dd91dc8d4e09a52cf1a4f815bdd6062a7cbe62d74c016173070047167cc857cb5c12aa50fd52","ssdeep":"768:6dpvfR3xw/Ma9I4XDcqpIFydhOP70/rjCl/Rqq:Ivfdxw/MaG4Qqsydh47QARqq","tlshash":"76f2e0661c25f10df5861db88ef4938c5e87a3a5f7511e70133ece2aaa24ef49a08487","first_seen":"2024-08-20T12:46:43.834016Z","last_seen":"2026-05-26T16:43:03.087835Z","times_seen":7,"resource_available":false,"data":null}},"time_used":305,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":279,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/lili.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/lili.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 6760\r\nlast-modified: Sun, 29 Sep 2024 08:37:06 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b2-1a68\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vX79tODQzZC5GHp8g5zjm%2BGPx6t1blW4Xurth6%2FyqgQ5aorcQwfhWxporscm86JJfvNmu0sVDLq80i2qoGOJBecb%2BJj4weTdGQL9QUDS%2BWCACPvy%2FWHY0LauMb2i\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf79a456ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6760,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ef013f2e353c5d9fd2a27cf09553ffe8","sha1":"dc9e5d9528fdd08604a88ee399ab108bd4c8ce45","sha256":"7dabe8645bdfdd9aa3282d04f5262250dc801da6b5bda56b3a4f6face85abe58","sha512":"559f39610538cfe60bc02c3e2df54ec82daf42b1ee74a507d2f2349cbbeb4f46c74f7a8b2504fbcf1b0fc24adfee8d624a03e936ed4eb1d1b23ecaa6e65f7868","ssdeep":"96:movlFfxjgY2DIqMgtrgBpaJeGc5HIlT/nCMxgamViPayS1kyIAimTi2dYk2A2qcU:mcHl2DIqOG1bnCMihgPtSGBvmTp6chWK","tlshash":"0bd18d938c6dc035e39c3332f792275eb9ac2d74a1ee9bdb341855026e8702b2584a77","first_seen":"2026-03-29T23:13:02.215433Z","last_seen":"2026-05-26T16:43:03.088772Z","times_seen":5,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/invoice_on_info.jpg","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/invoice_on_info.jpg HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 29 Sep 2024 08:37:06 GMT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\netag: W/\"66f911b2-10eb9\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iAhoof6XTzAmcz6onDfsG4PoJ2jbSoiZvxzGoQEGRpyuYy4GOY6pRIezd9xoy9U%2FK9kUUEk8jtOmxAgeuiuuMB57tlmcGYjUfLAtw%2FD1N8s%2B13SVj9Ev%2BjAQyci%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfb9d956ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":69305,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1500x911, components 3","md5":"3830aa2f5b1f02358e3ccf713bc15385","sha1":"5715927dbfaf127864032c5859a7a1b8e3e17a23","sha256":"c6338e2e2ed283a32d9b1920d4dbb88a59ac29e0f00c5f061745f8d552a24fdf","sha512":"88ce1efb38dec3a2d82e0c2b451e475cf8ca9b0937e36824c3dc90bbc14ab8e29da58fdbb77c9abd161ab17182d7634aef29c271deccf502e684ca00548809af","ssdeep":"1536:lpPBQAiLmR+WaxdfxO3iIDwVOMc68j4mIreGuZUePUnYE:9QAFR+WaxddI0W688mcOUIIYE","tlshash":"2363c00f3784ef11d7a1efb26602d50620085fa9fa50815e98b6163c15f9b855e28fbb","first_seen":"2026-03-29T23:13:02.037291Z","last_seen":"2026-05-26T16:43:03.089688Z","times_seen":5,"resource_available":false,"data":null}},"time_used":352,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":75,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/credit_report_check.jpg","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.398Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/credit_report_check.jpg HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 29 Sep 2024 08:36:54 GMT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\netag: W/\"66f911a6-1a68\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qIenUZ7CssLBUS4Cs87ayh6trm2%2FgyvG6bfS5wTsSpH9atPu3RMei2nuThv%2B2BJbBSSi2ExLNa4InuS2j6C7NrdUWBbjzwoe4%2FEvdaUaWtA7qoN2AHSaH6GrEceg\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfd9ea56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6760,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3","md5":"ed4ebdffb3fd6f7bbd9af3656648cf76","sha1":"74da03ef528213b052ed3e3dcaf598fc1788f929","sha256":"4ab99eaeb6f3822b312af4056d238a2bb8df2999207fba92391a306a94dcaa49","sha512":"1d38bd9365ef17968f60b0c2ab71d7ec93c287ca4121bad388240707ab812d0baa4aa579591bb5a38db4a79b09cb0e4f016614a8d2261675d00e32003ce804cb","ssdeep":"96:QWWDSnJL3V7W4dhwnbh25woGAk9o4+vqrEsYaK9l6+2ZeiWO0vzz5jD3Yu3:9F77/eWk98BsXK9l69dqJzP3","tlshash":"b0d18e0eed61e73be93cebf5da43828bc4ef52256c02087851b115a65a5181806feff4","first_seen":"2026-03-29T23:13:02.220675Z","last_seen":"2026-05-26T16:43:03.090521Z","times_seen":5,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":235,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/paypal_logs_guide.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.410Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/paypal_logs_guide.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8364\r\nlast-modified: Sun, 29 Sep 2024 08:37:08 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b4-20ac\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vfi1YEd9YZMrs9fWipoZiS9439go70y4IZPgXJgfa2qO0VSO50eNob5uuWSeetSYM7wDgHxo9G7pAXhWK4%2Bvz42RyjTm94YfSrIyrX7q3G9dQ6KqE%2BI2y8YJQshf\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfe9fa56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8364,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"59243cc85101031be2bf30aeb9c7f494","sha1":"951fb3fac5ffa4dfe583586cf57a2f391b5b1c99","sha256":"9519d25ff7642c363c1c58457933a9193cb2d6b754be0f4e1fd6994025b6fef0","sha512":"6fc037449cb6019ee1f5022275283da5f074d5690b65ad7cb5be56732641c0952f9314144137c59854ace23ec78bd8b39035cc968d7dcba096ac6c20df383470","ssdeep":"96:vV8UZHtSvTKCq6vVbVm8lx89mkaMYDczC75MbYx572BSDmtMEnsN:vpZHg7JfbL8YkjYDcza3hDmZnsN","tlshash":"63026d94f6072d64c6b87e34e934b4ff0fb8568e128034bd7ca66ac37348018071a93e","first_seen":"2026-03-29T23:13:02.208254Z","last_seen":"2026-05-26T16:43:03.091503Z","times_seen":5,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/3_email_bases_sellers_contact_infos.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.411Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/3_email_bases_sellers_contact_infos.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7652\r\nlast-modified: Sun, 29 Sep 2024 08:36:52 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a4-1de4\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w8qpGa%2FS2kC7xPqENRaaEnn24Dlitaq0naW4BAxaHBiEAmLX3lK83UUhc8WkiPe1Xu3gW9wB3gFpdyVeQtdadZK8OR%2Fqfr0bG3b8zkRKz%2F%2B99C6csPnrJo%2BNJp6k\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfe9fb56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7652,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1b3167fd61e83ffa6564f14d7f39f9d1","sha1":"d91184ca127d86da242673ad2bcb4e4a1f43caf1","sha256":"3b861504d05ff50c66fef78e8abd77fcef0ea3f4e2932b75fab3d1e7aa7891a8","sha512":"ae5b4833b01ca37b4a38d0b7a6ffa815782deb4148ec501ecde7f184d59435004c56aa66e94957c177d70bba2b2fae8c0aea54e2c43c278f6737d2c29fdd15e5","ssdeep":"96:sknU5Rk63GMMZEIswMGZ5YXVVv7aBZCy5sGwX+xg6Q+CA+amIHjRfjuS:s2UKdDsBGZqv78ZCQs6xLQ9IZx","tlshash":"bff18ec9c1859d3dd1647ff80f790a536304495ab7a88ee321638f1e54ee3f616b0968","first_seen":"2026-03-29T23:13:02.221939Z","last_seen":"2026-05-26T16:43:03.092382Z","times_seen":5,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":225,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/assets/bootstrap.min.js","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /assets/bootstrap.min.js HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Sun, 29 Sep 2024 00:30:24 GMT\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\netag: W/\"66f89fa0-6b23\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Cvqza8Qpxh4mLecUEsV%2B82Ri3QdNPKiRuggGaHG85%2FcuBpvIOT8UTLrIxpPo010WO7jm2CS%2BSUcfaVUDIjmOtmcrrmwZz8b7Q0qxQ17eM8CRdv1JLn8n04%2B9Ejbz\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bd0ba3356ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27427,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (27306)","md5":"35db6a02dd31dcb7b3538a66a5d83fd4","sha1":"621ffc52b3fb74def29fdae0b93a38df54957365","sha256":"685b9588e16c3dfeff8dc8d5578000ad777574421d5186bcb3530ed80171e107","sha512":"6cf1a9d89ebb718bed00bf660666fcb969acd72f60b8818e2be7a152cbc021b793b5ae2dbb9334980020314eff89a2b40f3a4ae8b607addaeffdd15dee22fbb5","ssdeep":"768:h2vzX7Yks6TzySPzrtE1XeHD80gLR6fcAfwI0OCtgez:hEh7Rx7CCK","tlshash":"2cc25406b2313161079bf2f5115b020b723a7a7ee906907c38b9dae63db9c597127f39","first_seen":"2023-03-10T05:49:55Z","last_seen":"2026-06-05T00:49:58.537643Z","times_seen":39,"resource_available":true,"data":null}},"time_used":257,"timings":{"blocked":12,"dns":0,"connect":0,"send":0,"wait":243,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/chase_for_business.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/chase_for_business.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 114492\r\nlast-modified: Sun, 29 Sep 2024 08:36:54 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a6-1bf3c\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ti5fZcLjsB1BHVgNBQ4h%2Blsn6QRWXsnXP%2FG%2BU5qxh6%2FhPVI%2F3H9UTm2U3U8nFJjgPpaHQr7lPBFc8tX4iaGeDgIGbeYO1aiKjIx5nyuLf%2FwUGWuNK%2FJyLvE3hhA%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf79a256ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":114492,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"cb7783cc26550d77c886f848d58084e4","sha1":"3d2edcc502106eda04b1c403afd4051af053e993","sha256":"ed0d284be10da94e160db80f305b37d6297be0a3d3d275d27f35ad3dff98bffd","sha512":"eff43480588fd10659b541b01b26b679b1ae21b7f1f860be086e269df76730281e44a1a2886a8d1aea3dd4bf762518949b42a5bae38e69e129e40c0c58777bc5","ssdeep":"768:1yzB+hBWJ+SBJkv61zxW/nUFB8lNaiJSFwOWkFg:bW4EGv6xbBS8rTVFg","tlshash":"72b3bf24717d654df0e2ba749b907ecdcb111ab1ca33c76cdae008859babe513314f0a","first_seen":"2026-03-29T23:13:02.194625Z","last_seen":"2026-05-26T16:43:03.094288Z","times_seen":5,"resource_available":false,"data":null}},"time_used":374,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":129,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/random_fullz.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.400Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/random_fullz.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 12200\r\nlast-modified: Sun, 29 Sep 2024 08:37:08 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b4-2fa8\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=meb1dPTDIi%2BIdrP3QT2mKTpjpvtDiawDLYX%2FJNccp%2Be2oEaANDX75VUS777Njd%2BhccHuUiY77ymEaNXm7YWTwWbwX2WarljWms8JHS50eYddMw2EBnPJ0UTizGYb\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfd9ec56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12200,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f617fe8ebc7b9d268c2d109e64440d95","sha1":"e8b1d5ed8e159e7861cef35e6034cb3f6b91cae4","sha256":"090b30381d9be1929048811f5c5c2640a43024c7b7552c9ea98b6047fca42290","sha512":"89baae6c44eda7b68841f232bc8fef4675c7cf1eb0b309416af4c97239fb6e951a673bcfaaae1dd6e246a52174fb17dea051a84246a6f13ca9f68dcd5d371284","ssdeep":"192:4BGRdJumE+mftz/yKsJErKxcyz8VdaSsBdky:46JumETfzsGrKWyudCdX","tlshash":"7542b0e968a1156af54f3f39c126278cc135b9a0b478e9487dfd38f95c070488bc026e","first_seen":"2026-03-29T23:13:02.207218Z","last_seen":"2026-05-26T16:43:03.095197Z","times_seen":5,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":253,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/lloyds.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/lloyds.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 88640\r\nlast-modified: Sun, 29 Sep 2024 08:37:06 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b2-15a40\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aN4eSW%2FvBqjuE5mIZh4ihbPXMbn5ZRIU4V7eU0NxVmiCq%2B05GpBql77NO2D0KwRnaAvjyXxpIaKyp3qlRkwYw4HWg%2FkW2iebce1MiI1RDedOXxZZsRgWM9Dub8x5\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfa9cb56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":88640,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"511527916f15bcc35a1870c0611470a5","sha1":"c4e590e1fb6b23044ccc12bd81d4d9c652e50da8","sha256":"69cf50bd569707be45e7c89404c71ea656b9e67982cd1f32d447a05d6c09bf78","sha512":"c1e5035d479ec1e23b867c33dfaad62ace348bba4c80a22c9af27a7ea8ad17a9b9e5f31c5c89046dde2f26aeb236fe62751aec827aa48d4d891870e127e14e59","ssdeep":"1536:usZB60vZOs3k9kzBvwVA3MvtduYFcyno3CcGwik9Mo7U:uOB60vLUGsA3qdfcf3CcGVo7U","tlshash":"d883011673f29466d120b4b3bb9eae4b633c0bdd12a6b04a944153331ede93742d8797","first_seen":"2026-03-29T23:13:02.249634Z","last_seen":"2026-05-26T16:43:03.096294Z","times_seen":5,"resource_available":false,"data":null}},"time_used":356,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":236,"receive":120,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: text/html;charset=UTF-8\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nx-powered-by: PHP/7.2.24\r\ncache-control: no-cache, must-revalidate\r\nexpires: Sat, 1 Jan 2000 00:00:00 GMT\r\ncontent-encoding: br\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=T%2BP%2BSn8eQVCv28scNUzlWQtQfL73MdaXMuVi8G%2FmKv55AnqPOlfV7JkRfNPSqloORQlkwITGyjvzkHEvnjr%2Fyo4dSOlCnoCPLxnwM0qb81Bov7SC3CSK9Y%2FrRkVr\"}]}\r\ncf-ray: a01e3bcf698d56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery UI","description":"jQuery UI is a collection of GUI widgets, animated visual effects, and themes implemented with jQuery, Cascading Style Sheets, and HTML.","website":"https://jqueryui.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery_ui:*:*:*:*:*:*:*:*","icon":"jQuery UI.svg","categories":["JavaScript libraries"]},{"name":"PHP:7.2.24","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:1.9.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":104683,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"bd5f52299e577888ca342507b88d0a1f","sha1":"84ef02abcebec209e277aa63b99556ec3047cfd1","sha256":"f21f75dcdebc03e2fb2259cb6b9e834fc4a1a24034df02d504d0a93616e41bdb","sha512":"0a8ad4097cc429757731dd99664d6558c32851ad2c21064674d97f403972a0252faa8f732884f50a4c090b1a37cdb66da8a1a42aa937b61f5c05dd17fda800a7","ssdeep":"384:sFyRcX4ZujQHKoc/oGCVuBn00IYVF9kqzO6sVj0JEZGdYghdr5:kpoZueKoWo1VuB8eFiaOvVjeEihdN","tlshash":"58a3cc3264faba37467341c6e64a6f49fee3902bc745290479be93c31fb8c12610756e","first_seen":"2026-03-29T23:13:02.065339Z","last_seen":"2026-05-26T16:43:03.097224Z","times_seen":3,"resource_available":true,"data":null}},"time_used":338,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":331,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/shopify.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.316Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/shopify.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 95260\r\nlast-modified: Sun, 29 Sep 2024 08:37:10 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b6-1741c\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d6a8SbGd%2FD3WzymrGyQKlsCzGc8QHvlftKtPmDEUZcaKZ4qsYnMClhWq1s7NYjE5vJ68YM%2BZJ9eRm8chUHNVxa6WxxvMjaXfFq%2ByJ0MnQt9NcgxFzkvbYl77W6cB\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf699456ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":95260,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"cd04c75a06f88f4eef1b87e760bbdfed","sha1":"a69b6bbf0300c12281deed7bef4373be3d1843c8","sha256":"f49dcfe004f45b341b500bba5b82f5d496f514f4e6844cd16bc023a70529e6c0","sha512":"dad49fa2b07909c19883c91b93eaca1705c22c44405ad5771f5ae1636f4dc35ab632102a6cee364dc0d47f339fc27718189c08d8584f31766ce0102204bdbe48","ssdeep":"1536:aG04JDquKf5OQp56GVfKz21QDcKM7rpttfPRy0/3bwqVH7hxYI4YV:aLkDqr5Ff6OS21QDcKM7/VU0/LHJ7hGU","tlshash":"8a93023406632d8cd822b2751b73e172b97e75da47f6c04f05a74eaedb2a746c600e4d","first_seen":"2026-03-29T23:13:02.185301Z","last_seen":"2026-05-26T16:43:03.098518Z","times_seen":5,"resource_available":false,"data":null}},"time_used":433,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":313,"receive":120,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/eu_bank_and_crypto.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/eu_bank_and_crypto.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 11274\r\nlast-modified: Sun, 29 Sep 2024 08:36:56 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a8-2c0a\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wco8B9ruEDF4hukcXvEJZrZsxrqXxd9MMTkRgRSKYMtp20sDvzls%2BgalykAzTweGE9SszgLIQx2izqfyn%2FhmfYg1jQ%2FViCJ4PW6DklQ1xO8Mf0wXGhyM8f5%2FkVNN\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf699656ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11274,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6be8412c0083c0434c4dbf534ae5e278","sha1":"5b5eb110c88c15f633cdfdd579e80626b6e774ec","sha256":"fc4e415987c168360c4a3fc487e2118181bd9bfe8f60f0af0213eff93bdbd87f","sha512":"e34661df85370c56ac182a7a70d9b1f52f862d41ed54e1a0c8ffafbbba2ec335b5d45a17997885c64f95574985a848ec7ebc30345b33fdab89b96f4dc2692a88","ssdeep":"192:IJ6vCuSn85kNFyK4284ytDNLE+8BsOcW60uVA8Ha:jGnWgh4Gy/j8B/bn","tlshash":"0632bfae152149eed1aca87dcf92fbf301c2ba5d09e78281501b776a4b984d5d80c28d","first_seen":"2026-03-29T23:13:02.040249Z","last_seen":"2026-05-26T16:43:03.099536Z","times_seen":5,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/moonpay.jpg","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/moonpay.jpg HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 29 Sep 2024 08:37:06 GMT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\netag: W/\"66f911b2-99a3\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ApqCtqUNfyeWxk4%2BiLsq7GXJknHpY3Me96HpDMHOPdaPae%2BC0kLOrwdWu8uLKk3KLAewslKUNsRxrRZUq%2FM4AQnx%2B6gGdOg1iz28XBxoGUg2qMcuCFvfSWDtpW5L\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf799b56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":39331,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1200x627, components 1","md5":"d197d6a0bb5fdf4160394508e4b89a94","sha1":"2bc1ad4106b93d2c79091b0467fe84aebaa65c79","sha256":"a6b7a406244020c93174d9127c0c1291fae1f15255a6c7ddcee5ca695cf24bf5","sha512":"ef11d3b77013c26dde4a9c371bc7a934194abd7fae232e2eae910eda369d264c055459f9984a9f6c3174765ede6ae69c3b21a65e6cf5f33bd4cce44914fa4034","ssdeep":"768:aDBMHWZHlO8V+EtwuGleeAg/ZG6vUCnIjYGpoR03lPS6q2Nke2:IiHWl8k+EaNlevQZGY1gYlR0CYke2","tlshash":"4a03f1a377275c8acec87876fed769c0859050e59f1917cd10cf8eb4e8e43b85990ba2","first_seen":"2026-03-29T23:13:02.256016Z","last_seen":"2026-05-26T16:43:03.100514Z","times_seen":5,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":252,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/td.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/td.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 21114\r\nlast-modified: Sun, 29 Sep 2024 08:37:10 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b6-527a\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0NS2eW%2BwjDIJIwk7AznVJPDXuAzJJjTh3x3rtdglznYIe%2B9gLUXzbKpfawXEYwe5k9wDShYoo3e%2Fj6%2BUQeEQmDZ8KJy7Y%2Fs70sySkFHK3rV%2BDVhG3viq5Mq3gn9J\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf99b856ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21114,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"05cb20383e75baad3c9429b22f5fffe0","sha1":"030820efafcdaf55b8a674cfe014b67a0c48a7cb","sha256":"25146bb258f31d9f6175894ce06806f50c6ac4b7a359b4bf37a91dd533d15e15","sha512":"31f9ed5c495077ca17a71123b0480b0d8d885eb3e39665e00b82dd80706103c34e2f697d804bb8a18fefdcb4527ab1663bca2b8b7e5be86b3c584a35890446d2","ssdeep":"384:HcLZwuyxLwSMKK0duVl5GG8FnwSsWMtrfjV/ImvrnImb/:ShjS56xktGFxI6rb/","tlshash":"1792bfee15f2a7ced4d407738e8653762f61f2ffa149d127accc06193e4865142244ab","first_seen":"2024-08-20T12:46:43.82999Z","last_seen":"2026-05-26T16:43:03.101536Z","times_seen":7,"resource_available":false,"data":null}},"time_used":314,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":297,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/monese.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.358Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/monese.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 26568\r\nlast-modified: Sun, 29 Sep 2024 08:37:06 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b2-67c8\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ly3kx23Ohp%2FS%2FQx7ZXTvURErjJK87PZA1o%2F9R6%2F87Il1MNDSA5e9Iwgeml1sye671UFaPa0o09%2FBIdm8r6x8Mx%2FOXQPS3NxqzZdsWTfHXMdZgmeJp7dzbEERnvlI\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf99c156ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26568,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6b88eb9a489e34e4fc78bd584ca18f29","sha1":"a1a1cea17d6cc31538ff429c3869d8a7da9a57d1","sha256":"28e2d00373c3ae62b0d0fead4fe2f14cdbb06aac280bd9e393a595cc26b6bae0","sha512":"665b4460e9b671c26050298e8d69bd4fb4d6334e7c9d901078a90d7a4d9c5855dbff0703c2a9d061d5279e85b8510d19fbf71b348d6ff614f0332ef320ccd60b","ssdeep":"384:cRAFgJJM7bzV/grEQqDvLGO5N5/zb9TOPciZoXOtpA4OaDzN0hF:rBbZtJS639TqoXO35OgyF","tlshash":"97c2d07127354c14e83515fd7ca357e5e3ba0bb748db22f7e881361640802e86e2e6bb","first_seen":"2024-08-20T12:46:43.827108Z","last_seen":"2026-05-26T16:43:03.102545Z","times_seen":7,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":276,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/background_report_check.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.397Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/background_report_check.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 25556\r\nlast-modified: Sun, 29 Sep 2024 08:36:52 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a4-63d4\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=T8ba%2B9UI6EMTLODkitcFbqG8R3JxdCrxTWX5%2B2afNZ%2BimnAd3oVM0GJf7qPEbfRKxWt2xLeZb8wIGcr9ebvQeAKSL4CFPccQae%2FrrHuN6fnM3So%2Bq6gfYJ2hHtVF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfc9e956ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25556,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"3156e6b4e43ac5312e8e35ca1e6b2e72","sha1":"12db79b38cfc8e9f08b13a49c95a9d4504feb6bb","sha256":"aca19b11d1955a5088ee5e98a39d3b70a9c19157ba55e1392c25f3f91b3f1ce6","sha512":"b3b9604a1726e80d6ee108c29d27246ca36a27d5fa7f0f6276a5c78694c9b00e40bfcff376d07983966f258ebe13e1ffe89aadaddf36f651ffebe2e39086ce3c","ssdeep":"384:IwpJXNZZRCKmZ8nSJzvN/9TeVajhZOZLXq12msCGLavT8fNKezFOhZF54:tX3CKg4czV5eVYhwLS2msTLa4FvzFOH4","tlshash":"fdb2e0bc27b99332eca9c7bb315b87d1118db07964a98e926c2d6fc40d7aec304550cb","first_seen":"2026-03-29T23:13:02.191752Z","last_seen":"2026-05-26T16:43:03.10352Z","times_seen":5,"resource_available":false,"data":null}},"time_used":328,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":302,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/n26.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/n26.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 10806\r\nlast-modified: Sun, 29 Sep 2024 08:37:06 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b2-2a36\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QGf4QbNbypE3yqD4ggQQHBwb4qKQLM5AeqbNw%2Bd4O79DY%2FGoRBshhNI4CDH7tABONQIKFgu7qGlwwCHmYtsJhhJMwAsTTeR1A4JVK7pZBVWSfAZhDNMlzM2X7l4M\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfa9c556ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10806,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"868f705d22163ae5c5e62ab38275bcb3","sha1":"d1c0afea7b55563a578102ccd049bc42164420ee","sha256":"289cc7d979e0c05480ad429d13d4edc9263cff59428ecd52d2431dff7c628959","sha512":"f35ba0c6be6e003efa9bfb225366453942a0b9dfc15192d562b55634c2b4e8f57311bbc3a77fcfcd0eec8c671d60ef0109543b8d164361ba6275624a8f17d4ff","ssdeep":"192:zjOLXXgDXt6+O4rDVzt0Onc7ieHHfIfUh1AojxKxLI4j+R:zKDXgDdS8VWOaAMhvWNji","tlshash":"8f226adbef47424ed600813a1435f2feb5da161c677918b3a0052a301b60bc4267bcee","first_seen":"2024-08-20T12:46:43.849788Z","last_seen":"2026-05-26T16:43:03.104363Z","times_seen":7,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/10_gmail_accounts.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/10_gmail_accounts.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 10012\r\nlast-modified: Sun, 29 Sep 2024 08:36:52 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a4-271c\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nz01dh0X8mHNhCjaNyGQ9OhrJtneequiHIgGWjEnYRaTgFuPW0Q%2BXACzOQ7uNGAVpFc6S4%2Fc25YhxUtTyRJe%2F1qDF97jyonnesflLyeCqOYb6ZpOrH%2FQv0dIYljr\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcffa0056ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10012,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"61404f30aaaa622a89296ba35c967158","sha1":"1449059639721e36a7ef52eabc8b9cf05098ef65","sha256":"84d3ea3d3a032dcf39d0f32aebc7359a333b195206227a96b5df197b05094979","sha512":"cba9fbb25ed3cba697a89501e3a0e573cdd9088be1f1202e8af8b72eb59e66444a2420370781d8c9095c03d37a2c91c59dc2e9b9811050a3a531ed1cb36a1dd8","ssdeep":"96:rWMfEBMxJXOTaPAI5DoJiH6lnDupxsL6NU7WxkAg:r5fEmmEd5sJk6lSpxq6cW2Ag","tlshash":"b122aefbb396a004cd991d300b7e62cc3eb0182016acf86962b577ac58027cf3a10957","first_seen":"2026-03-29T23:13:02.096736Z","last_seen":"2026-05-26T16:43:03.105232Z","times_seen":5,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/js/jquery.js","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.289Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /js/jquery.js HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Sun, 29 Sep 2024 00:30:24 GMT\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\netag: W/\"66f89fa0-17739\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oCU1TW2tvxh%2BnI%2BoGwo05owE%2BWCXMxkNloSAoaiQ5qV8a%2BesIPy31oq%2F5fkBySbUixOFaSLa%2BVs2cBOIvRqikOo4h3tLfvvMuI9RrbNcOh%2F24obnI%2B%2BACT8BboW5\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf598b56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":96057,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"91e2156b7dad6f71bff4879aa0f74199","sha1":"1d506a687a7502ed31f7d65cfef491f1fbf32197","sha256":"cfd61f3ec2c13add631fc80e23ad4834dce0b9b3bd5060021d98e8ae25e3116a","sha512":"189dd90ddc91a6e060337afd19d38b60d39750f39e27fa013c050aba38e0f03eb4ae5052ba12f9df3e240b62a802ed5952b7f23f0df9b7f14f8d595b4370ad5e","ssdeep":"1536:eZCiuui8KtmaALpm66yhUr4XriYyDulYOknL1dtbxBUqINM16u4WyF/XIOOKLfir:/4rVxq1MMYpFQWglwo","tlshash":"8e931add72c6b06257a7307a00af650bf236199d680d8440f169e8f9bc78e49923bf7d","first_seen":"2023-03-12T22:02:18Z","last_seen":"2026-06-05T00:49:58.556869Z","times_seen":38,"resource_available":true,"data":null}},"time_used":304,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":301,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/godaddy.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/godaddy.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4472\r\nlast-modified: Sun, 29 Sep 2024 08:37:02 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911ae-1178\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NbqiBZ1qfWUBXE1Kua5qmOWQ7GS%2FnBjqPi8kf6Qd51F5NGhUogdwjwcXRiirU1IY5hRsqjKEQ6lrZxsqBW%2BUZC2kNe3qLcfD9Rv2W5AW5t1LJilhQAnlNPKRimvB\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf699556ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4472,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"98296036dc4e0e1be63b7fba88e24b8b","sha1":"a4f9d83284d16e2e8491482fa6db2b4c9fc193f3","sha256":"0982bd665a50bdd8d1ef6682dbeae755893183e5c6a6c4e2d45bceab8c87aec9","sha512":"ee07bc741d0ca4ae36a2a53045818de7672bdada57fdfde564fffdd0fc00623a3772dc6a3a78cfed81a601668efcd2f21bd251fc49377b1693e4a822c01ccb5d","ssdeep":"48:YPtxZ5lWjp4jYeeQORxJvAPPNKxHhg8o89AWRST4bAuZf2htxnMvBM2LOG7A/pkq:EmSjYHvRxkFKJAWwUAuZ6txn4LOmwV","tlshash":"fa915d91eb6c0265fb963b35b4550d4f12761a60c00b8eaaa3fe3c3a06d17a8145f771","first_seen":"2026-03-29T23:13:02.067887Z","last_seen":"2026-05-26T16:43:03.106505Z","times_seen":5,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":193,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/bmoharris.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.330Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/bmoharris.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 287166\r\nlast-modified: Sun, 29 Sep 2024 08:36:54 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a6-461be\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Vqg4rTVzoA3NPFoKntRvfSIaZFqSllK0076JfXLDu%2Fw0G86CiIL7KOe%2BJqqI3B85ybd%2F6dImZg0Nlga1pF2xSGAYkCE3U3eG2dE9vn865yuZqBkFrMP%2FDXI4Qsxj\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf79a356ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":287166,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0c4d1712d51394368a2d5dc85d0d9481","sha1":"42d991912d22ed711779d4cd6cf8d7fac24b2a94","sha256":"1aa0d82826adb95fbcfd76db192a9abb72e489a93e9aeef6da56bcf9c34d1e06","sha512":"5932384c8839ab8e2303b447315198bd5e2ed53443548ffee8791165db3dab21903d8c0ef4415ecf326e4bc62086fae4e8f196dc18993e81ebbe883c3c128090","ssdeep":"3072:Um4XK5HfNFXFGGzDYj4DN182KWkuw4SOtX7OTXi2NgljGDfwErZm1r:R4a5fpG3UDP82RkF4ZX7UXMl6DfwEdmR","tlshash":"f25413907ab7bf04ecb224b49315f9312229f750f590d7838de66220d791ed5e272aa3","first_seen":"2026-03-29T23:13:02.242815Z","last_seen":"2026-05-26T16:43:03.107831Z","times_seen":5,"resource_available":false,"data":null}},"time_used":503,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":295,"receive":208,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/lydia.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/lydia.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 40768\r\nlast-modified: Sun, 29 Sep 2024 08:37:06 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b2-9f40\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aRGII6oK3vVOil1%2FomU8RoLOMmviMrVwloNfAZLpDauw7%2FfOyIiBckstLaqX7wumKCN4oBnRjeg9KeAauLd3wh06v3Hd6WN90cKWY08DFu%2Fwz2tTCcB2B4qnl1RQ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf99bf56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":40768,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0f2b38a5c75da5a99a0ebb15d8cf1dba","sha1":"a3e9b306e9b988fe75e04831083435b79dfc9a43","sha256":"fa810f3e93d6800ec95061b54dac3bf9b911554125e2aa17a79f9d583566da7d","sha512":"186ef60fc7f67bae8fdda834cb0de808217514c52b8077a90e20ec646ef38b4d19ea2dc756f75251b4ab463ec06766f27cdfa70c5a52b2e5ac796cbd90be3132","ssdeep":"768:2LEte3UJHqk0/6zIZEhUzQjXHnMLqQcwUF9f6NN2uUeSz4M5QCk:1teEbU0IZEh4KXMLq8UNeZMY","tlshash":"a103f101f7129b5ff90097fec158abbfb277b80a56536522674b79c10507f84e4bba08","first_seen":"2026-03-29T23:13:02.116623Z","last_seen":"2026-05-26T16:43:03.108994Z","times_seen":5,"resource_available":false,"data":null}},"time_used":351,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":284,"receive":67,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/onlyfans_and_bank.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/onlyfans_and_bank.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8640\r\nlast-modified: Sun, 29 Sep 2024 08:37:06 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b2-21c0\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bkX8RhxVqg3vgAMPO0zsqZ8Ytx18x3C5Xfy6h%2BZa4yV2mpq4jaZeJ5x0F%2FvYoWxPDjNO9pMhVDx8RhF7zAsuHayvYmHkahz3gphHRd0tASYjeXxHRC8IyjRla8oM\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bd0ba3256ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8640,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b3b56e4d9e86cca49242e6ec9c4eb49b","sha1":"98fc76eb79d02957a472f4084b43a941bf25fee8","sha256":"7bb9948f327364a394f79384dd0e6cd97c112df7a245cdfca0e65f8888a4fe5a","sha512":"f66a6d09f7190725a38453529685e48afbcbd45e765e1dd22b63427d70a81da6410b54f3b3896f1f34594842e4c2149b9a64583d504649b5b64a52a45b375751","ssdeep":"96:PSNh2Cwf2eZOwQIqT86G8Gr8ZbOsFsiX30Za2SEfL5qc1FwV9chcoA3Q9494lC:KT22eqnhZPKeLE9N1ysPcX","tlshash":"85028ebe51e86171ceeff9345a44a1c73a961412d47e8f4ef18ce828a926069f90d228","first_seen":"2026-03-29T23:13:02.247433Z","last_seen":"2026-05-26T16:43:03.109897Z","times_seen":5,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":12,"dns":0,"connect":0,"send":0,"wait":215,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/binance.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/binance.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 71898\r\nlast-modified: Sun, 29 Sep 2024 08:36:52 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a4-118da\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KqSBNUs3fIVsvZ43J7GB2ciARnU0RXyuoGWcLR8E8dNqHG0ICmiiME6Tx7swo9NIjkzqTDVJZdsY8JGCLUXLu%2F0i9XeiPYSAEocnKgj0dOy9H3t3VKTe3OzaZ2Ef\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf799856ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":71898,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ec546bf5a9f10efac5634cb5c7b0ecda","sha1":"52c2fcbdec1b23bc9503b079fc06edc11a053e3e","sha256":"5a628e17f7e255e093632e4984f36e54f71ca45fb587b9d8cbfb422cc7cf6e8d","sha512":"60850daa17adaf80bd38bdfafa801b1e10bbd327103bcdd57f16deb4f57ccbe7f982d9a59428f25f2923e8cf0bc0d6b8d9fd2ebdd446ea443e1b8d85ffcb1b8a","ssdeep":"192:hwtaHV4adKeeYOVCrKRzYn0aYQpebg3D5znZPMJJDHrd4VBiONhr32IadjZ/Z4qd:hwteV4a2NRzLabP9nZKHrM1D2IaHZ4qd","tlshash":"ea63d0297b460a06fcc587385a814631b60aeb79d1d19df7f2ec3776b6027c061eca0b","first_seen":"2026-03-29T23:13:02.188485Z","last_seen":"2026-05-26T16:43:03.110676Z","times_seen":5,"resource_available":false,"data":null}},"time_used":331,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":250,"receive":81,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/found.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/found.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 104318\r\nlast-modified: Sun, 29 Sep 2024 08:37:02 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911ae-1977e\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7ixaot6fEsj7YrSnTReHZSF6rPRBMHDsHj3Fhzlu31R3W%2Bm3ZLsxtAagTAhUV6wqYqpKEYjopADcgwRlQkQJQwL309zVTKFPBll7M%2BnG%2BqbcH7%2FEDE5o8fqBSr%2FU\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf89ae56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":104318,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"aca44f8982e0988135d0451a40cc926a","sha1":"468603b33d0c581d1a22421a673313a4d21bb904","sha256":"f32b17d4182ed4729e641629729e6b83ebf66f9a7d2100bcb6173cefabaa769f","sha512":"1e472322fde2fcc87ad5f969fa240737cb453ea5706e81fef0c3bb91ffea9cf975bade679b4b53154b22e4875d48f1947e86060c165a675578965a6580eb6ab7","ssdeep":"3072:BkIWUwBa2R7KXEKWN2Ol9OpsQz2mz+eAI37qY:FwzwXk1l94Bz2mz+eh2Y","tlshash":"74a312b58ee120b0ec43a07990af81d2268f4d6c5997d77918fb04f48d65a7e50b937c","first_seen":"2024-08-20T12:46:43.924975Z","last_seen":"2026-05-26T16:43:03.111514Z","times_seen":7,"resource_available":false,"data":null}},"time_used":378,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":132,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/bankera.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/bankera.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 15642\r\nlast-modified: Sun, 29 Sep 2024 08:36:52 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a4-3d1a\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JHxCh2HnO6qRc2NiCWjmlYzOihElFy8EbS3DrEVLyibJx8qg18Yprc31JKX7g34cV5zeFlunslx5bsSow1Hc2O%2BZFAkmZlE9PvfVZaLATOwieOwQ18aVqC8G86nW\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf99c056ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15642,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x738, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"554181bc1a2821e4948f5ba38e24e21b","sha1":"40007275a6b951e6a9008137d605b31e05d50cab","sha256":"d9ba6c60a1575ccba0caa01cbbaed88deb92f49f827c60353228eafcef00d4d0","sha512":"1ea62011af4eb37fde2ce35b316d9be7d1ebdd9e5d205889e8218bcc4a40a41cde4db8f2b1d14a314a8ddb2b43f3200cde1413fba9c5b76b74fbaad250c1257b","ssdeep":"384:77tMMMMMJGUkTN2DT/EfMGS5shhvMMMMZGndq8NwLV7v2N4dr/6TQSRS2z5rYiKz:7driI8NwLcq2TQWDtreG","tlshash":"17628eab1d326501e50cb5f82dbe6a2ddaeab357c828c1180059bc4a4c4fd12bf5f9a4","first_seen":"2024-08-20T12:46:43.917425Z","last_seen":"2026-05-26T16:43:03.11274Z","times_seen":7,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/revolut_business.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.375Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/revolut_business.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 74856\r\nlast-modified: Sun, 29 Sep 2024 08:37:08 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b4-12468\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Kd%2Byro%2Fs2r7B%2BBUu%2BrDCJ14HjkpVC9T4WFnIPPRK5Mi2yHAM23zgDXvDntCaqCCvY2Hz7R11KdOkhnWaZ8WzH%2BNABHYFs7NRNNEhH%2BOHpG5DMSt9JfAZG6qiTxzg\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfa9d056ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":74856,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ad0ded031ad0553111c2622c4bb85787","sha1":"dece28c758171d13b361b2218f8afe7e00f03549","sha256":"d3fd2dc6f8620919520974a3ad289881768feaab1a9096d37938720f43e2a1a9","sha512":"22acce0e6f328f500f6fbf4d3bdc82d2c653afb0d24d2843a91b4c4556f0fcb14ebb6b6ebc759cea845ded9cda83c19363f190db07d99b3248e407a2c99f3e8f","ssdeep":"768:xJaqjPllNj0NVi1f4sFiFpLrdxrcvRF2OLFwA3C8ugmSVtiwopKx:f5PllNoNouYCrdRC+wFwAS8upKx","tlshash":"e873f1f487ba2b1cc89109bcf2f96702f09676df18cf134960a99faf04448eb5d685b5","first_seen":"2026-03-29T23:13:02.250821Z","last_seen":"2026-05-26T16:43:03.11356Z","times_seen":5,"resource_available":false,"data":null}},"time_used":349,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":105,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/media.istockphoto.com/id/656624854/photo/istockphoto-656624854-612x6121311.jpg?s=612x612\u0026w=0\u0026k=20\u0026c=u_jiKukF81fpFkOv3K_MKENn8XTOtLcW22GA6BYrpTg=","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:33.016Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /media.istockphoto.com/id/656624854/photo/istockphoto-656624854-612x6121311.jpg?s=612x612\u0026w=0\u0026k=20\u0026c=u_jiKukF81fpFkOv3K_MKENn8XTOtLcW22GA6BYrpTg= HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m7qFsawgnTkMN5WyQwuEwZv%2B90rDos1I1J5EhwkTMF61y4Pll%2Bc50wmiq6oQyZz6NMMgb7HVXvLbH0k%2FsXbJ0XM0xjShhNekIBOnPzWm%2Bz9wA6gaE3jVIU1tpYBt\"}]}\r\npriority: u=4,i=?0\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bd41a9256ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":196,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"62962daa1b19bbcc2db10b7bfd531ea6","sha1":"d64bae91091eda6a7532ebec06aa70893b79e1f8","sha256":"80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880","sha512":"9002a0475fdb38541e78048709006926655c726e93e823b84e2dbf5b53fd539a5342e7266447d23db0e5528e27a19961b115b180c94f2272ff124c7e5c8304e7","ssdeep":"","tlshash":"c0d0129e9183638b442225907ac211d2654d13a6b87645e82d82a48a951857dc5ca69d","first_seen":"2023-03-07T12:06:54Z","last_seen":"2026-06-08T13:58:11.865255Z","times_seen":104155,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/payoneer.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/payoneer.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 15644\r\nlast-modified: Sun, 29 Sep 2024 08:37:08 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b4-3d1c\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TLQY6VfmehHb%2BKXf6kTCavPFBkp0xYU2YtmkoRowUpdPkZUTMId2FoxbKP%2BUf6pel6mHRs025G%2B3FZ4Fc0NeWNF9xNMO5DdVvuShQtLXuve2qO2elM7C4ouRmi3C\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf89a556ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15644,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d6f506ce6b0a2728f37a0798fb9d4b33","sha1":"61523accfb5a26a347b427c47b2d8bd59446d39b","sha256":"677d9b9854589c5cb1b49f46e5f921f6bb85a5bbf9f27380ecfadcb4a763aab0","sha512":"fb2acd582d70c40730fc78487f04f0021dce1b9ea49fd5b5d99c5664401a728cb35fc7ab824497306f461598ca33382f880415c565a7d8653a5f33bd169b1f8b","ssdeep":"384:mOQVUR8QCOZgIhpkjpIE8oXuwp+l4qPYYEmpD:JZ/hpkjpIyX0gYEe","tlshash":"c462bf342f06878fc68a81b82878919de64de748573797599055e4384f3ab201d6e0bf","first_seen":"2024-08-20T12:46:43.865136Z","last_seen":"2026-05-26T16:43:03.114469Z","times_seen":7,"resource_available":false,"data":null}},"time_used":323,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":308,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/paypal_germany.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/paypal_germany.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8070\r\nlast-modified: Sun, 29 Sep 2024 08:37:08 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b4-1f86\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=giZC2UuOpeO0PVIV8jDnRL%2F%2BsEbq1fWBjbDlGJzJpaRG19W7vrlFlnPBHJj%2B2X0Gba5RkNU3CM%2FVpKA%2B9MnZS%2FxqwKPZhGATHOdK94DRSA%2FT56Z7cotVbeIL6jut\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf89ab56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8070,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"202188fe4244dae93db476a4a449841a","sha1":"f110fcbfdf40d01964e48bcaee040838f35c4db4","sha256":"988fc7ed442a532094b4585c8f20a92c6aa1bb589331ef77571ffff472e3645d","sha512":"e9cf82c94def449cfa39f7bfd09f1a9930a091e718b87f9a205a4615512fb425c956576de8cd7cbe19fd07164bda59c4aca4950f730e8e34d60d2834e681fbd9","ssdeep":"96:z5AslqYsmWQbyI/NYIi1aYHrqH6ay7RmZBoiQoIiafnTPfA0zZkpa81h2:SsgYCIl1YUYHWy7WopTPfAsWa81h2","tlshash":"1ff17d6bf1734806c75493bcb15698da0846534a7369d83d3e3520c92fd688befaa226","first_seen":"2026-03-29T23:13:02.182197Z","last_seen":"2026-05-26T16:43:03.115324Z","times_seen":5,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":271,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/drivers_license_us_real.jpg","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/drivers_license_us_real.jpg HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 29 Sep 2024 08:36:56 GMT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\netag: W/\"66f911a8-1a42f\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6LHTRap3VveN2qXvMW6ci1iH011aehLjw3Zi5jRX0Xta7J17q6GDslaycu%2FyG37ZBO1L%2FMdhVhS%2BhUDCLcx4VIJvbQRHvEmLzQ3Nl4EFpdG4UFKJ6zIaRcYyVNGG\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfb9dc56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":107567,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1500x890, components 3","md5":"bccbf03d39d44e917f1ba004c1738dbd","sha1":"e7c6ab2d6d9633f72291e7c54c4a1c9fa10c5a38","sha256":"f148a0d18b793abe616695db89d85a63b61871af62ba8d9b63249237a9e9db39","sha512":"60fb994278162441156deedae32c71296c98510bca463316be64aa402e2fb420d4b3f3943f43802fab1282c0897c3b4950ff837388feb074932072f8e281fd3c","ssdeep":"3072:LgaVviUP5sV7NeAQMpRSVIzblLCr9IWh/Ek6bTq+:LgaVv7sVd/FLCr9IWb6bTB","tlshash":"cdb389931827e627b58ad9340a517628b217541152c79ba8acbc3bbffbbd00e5ccfd01","first_seen":"2026-03-29T23:13:02.236933Z","last_seen":"2026-05-26T16:43:03.116367Z","times_seen":5,"resource_available":false,"data":null}},"time_used":429,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":301,"receive":128,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/socks5_proxy_for_3_months.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.419Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/socks5_proxy_for_3_months.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 13428\r\nlast-modified: Sun, 29 Sep 2024 08:37:10 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b6-3474\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KJ1GYpj%2FE%2BqDmVKSu0mJCHbiXIR5cPDSPdRwT2HGLJjCkTJzgtjNz%2B%2BsU28gWf5V3AVDLH7ICRcjDHcM273Y3gJafbu%2FWj4p9Slz4VCsT5r%2F%2F9usLUxBOPKlPf96\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bd0aa3056ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13428,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"c5b8273c11820b8eaca7d455f6a159a3","sha1":"a447686385c8b135f7dac41acbf2569ebe785a88","sha256":"7dcfbeb76f6c674fbf820c0a8e7e7bcefb8d14bf5d78bf5d072b7328da33388a","sha512":"540e96fbb4841be7f322f7dc2996423e40f57465555626c178995040ea7c27d9a2788aee76f76f17091aa696db5db9f9e7ac904b421f2b307239071a49c84529","ssdeep":"192:LgPaIAN2xom4JxM+a+O3ssumlgtgJeE0pHVK:magxomun1sEt+mR8","tlshash":"71529e4dd8c06208f78216fd531ae4d5678049ff5649b9a0b38c540cf0e099b791b4f6","first_seen":"2026-03-29T23:13:02.254636Z","last_seen":"2026-05-26T16:43:03.117481Z","times_seen":5,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":9,"dns":0,"connect":0,"send":0,"wait":230,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/crypto_accs_on_info.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.325Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/crypto_accs_on_info.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7336\r\nlast-modified: Sun, 29 Sep 2024 08:36:54 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a6-1ca8\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2aY3g3Lz0lblcADtEpz63P%2FMYOUeNFCTVb4AP0ErmIdHxn1DtsT0FInU8fxZuIs9PE2USQHKBnI61f2c%2FO80J73DKdH58jRCzOFFAJ521Z%2BLEa7RpgkWLTL7ApMm\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf799e56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7336,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"442e59f2996763e9354598936fa75540","sha1":"1dee1c28a155ce6e37d682ec15a9a0ab07008629","sha256":"6f0bb48f8df3c2403ac740ee8990e71969d8f935a36916494995e290afe52a23","sha512":"5f945a5bb077763b3c16953aede85066fa5ab06552da6297b3566514f89d1b95ae43a51a2ac6056eaf42dea97033b078d079dca7b4b21ead59a3a19b360dfbde","ssdeep":"96:1GLUk6V+M7KgJKmf1shcsF0zZkNFsw/xQX3YKuoYlN64bkIKqf31IwpAc:AL64gLsh2qc35ux+4ntf31Iwyc","tlshash":"d8e18daaa29d7233c66d31f6754e430cf064b231a77caee447e2dc0ae235889c4427c3","first_seen":"2026-03-29T23:13:02.150391Z","last_seen":"2026-05-26T16:43:03.118297Z","times_seen":5,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":196,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/chase.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/chase.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 440690\r\nlast-modified: Sun, 29 Sep 2024 08:36:54 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a6-6b972\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xTFXhpq22RUUec5QiWXUmbGgHS1xFzsa32FbjR6ab0p4TLAzvPd9SabR9NWMDFUz9TIeyyvt7OEhpHU%2FLzARpytKHkUwRADRJ87AwA%2F8Rk%2FkM3tOAu%2BnskLrZwzT\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf99b756ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":440690,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d967d4f509ea1bc659cef87ba86502eb","sha1":"6424e7ccf5c39c9417876ba0d0fc8fa967bedf9e","sha256":"d81b67399946e17e3f002f2a1e9b2b0a29458ac3411d70ab019a15d13927f509","sha512":"b8b06d72ab689322493703a49cd630f076dc1ec34852bf3cd2ab8618e9934a50b9db5b4d13174b2e3c6f3cb80c2bbde9d527324e58396cbcdae1234420677946","ssdeep":"768:FrKMJDBZzJWR9CK48wXOJJBdg/uu9Ib9SEITXiKU3kO3bcx+7Si:NKcTJE95meJo/uPlITXiCMbcxPi","tlshash":"4094f10b48d43487e1b4acbee251938072aecc29ce65567e8b7d84742730592fa7d2f7","first_seen":"2026-03-29T23:13:02.060371Z","last_seen":"2026-05-26T16:43:03.119475Z","times_seen":5,"resource_available":false,"data":null}},"time_used":500,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":279,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/drivers_license_uk_real.jpg","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.386Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/drivers_license_uk_real.jpg HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 29 Sep 2024 08:36:58 GMT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\netag: W/\"66f911aa-44b06\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZXAOHWl0mdM%2FQ0HsVpU1iNscc4yyuEbqL0ZZUW5elF9lSGQASdDuP1jkvWBtC%2BEcAh%2Fi7XlFVcf2U8Lu58UIZXU4s7InVK7DWskC%2Fj2XKTXeLQF9pwSO%2BoRX%2BQih\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfb9de56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":281350,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1500x1125, components 3","md5":"5867d14eea995fa604e242f8d7bf1f65","sha1":"f1c191036039078657f8570652cc44d2d91671af","sha256":"1663e8ae13fa9d7c5f1a34241610f11fce0c4cc5409f03e84eea1d110e8fa34f","sha512":"4377cb26b262bac046ad0e1783046ab67811b752f71b74041f4079c686ea74f679f361f249e66c1417a4e0e041cbdc59eee71ed846a263387cfe5aafbd839e5b","ssdeep":"6144:h4SN87ZmbMSr8LCk6LjCla9mPGF19s9yojMQMMSM+bWvFbOMtf:h4uhbVM4ClP37QrM+bMr","tlshash":"0e54235b568d2079f743ffff0a61b863fd15e5e192ee5420f2133a176e2a4a1d8808b1","first_seen":"2026-03-29T23:13:02.099307Z","last_seen":"2026-05-26T16:43:03.120269Z","times_seen":5,"resource_available":false,"data":null}},"time_used":483,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":281,"receive":202,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/ssn_dob_check.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.396Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/ssn_dob_check.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 15368\r\nlast-modified: Sun, 29 Sep 2024 08:37:10 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b6-3c08\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VwJbKgQHnDOp%2FN0muRVtrxW6nrp1tCjCJm8lqP0iyngWhjM8zor8veL1q49YcjlQEyBmfm03IrWXCzp62Se1vmKgsSSot8MJZbp311eOB7rthMCpi6GYAzfOw%2Fdz\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfc9e856ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15368,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9426c4a345c66418b64930a0275d430f","sha1":"8062ca3740e60b2a31cabcdc7b2eac740c136c04","sha256":"2fea1449d34c89947d8b183ba9264b471561a508de6bf6a1c4a066a10844741f","sha512":"7a9a1fc63ce0f2e8c66ae4bcf363fb76c90c716080e5c72e3b5e04854b834bfacc89951688e731dd96157895a34647a6dcdfc8f8d1621119aabc52f617847d9a","ssdeep":"384:DbVWnJ/Ck/P5LtSKw6aKQNyAEZTLsRCOz/r:DsJ/CspbwRKMEZM1z/r","tlshash":"f662cff580a1a7fcf45509bd3eea2d334602f566119e2ee0d8cabb8c0e6a8184745073","first_seen":"2026-03-29T23:13:02.198548Z","last_seen":"2026-05-26T16:43:03.121438Z","times_seen":5,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/15_paypal_logs_sellers_contact_infos.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/15_paypal_logs_sellers_contact_infos.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9612\r\nlast-modified: Sun, 29 Sep 2024 08:36:52 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a4-258c\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dVGTcUjwH%2B6uUu417SzRd70ti2rHkicOa4Zpy8pyvoY0UAmX451hUmYvbnHPWe3cBEnINLjly3gxfbhPYpPzfc12XufbR%2BQuYe8vjtpAgL51LTVGvXiF79okVcGL\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfe9f956ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9612,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"8ddbe67308a7c559860f1c1ecfdf35fa","sha1":"be077dbde24349dbd53b4bb03a3689898455a2d7","sha256":"c3175e441254429fab1fc1c71e42f810f69ac2cf95e9122e8557ff487a913e29","sha512":"6817d9eacfa6f974354d3d7c12c61d060a13791742f22db8eea93b6c65d7a39cfaca06d302d669d80ff07fc2e15fdb942bb32086597672419a1920d497e47451","ssdeep":"192:zW3U42PIqZ+d1YpQ6SSrfTqQ+Xtp/cJQJ3r:zW3YPIqZ+Pg/6jJ1","tlshash":"09127d40f3247736dc13633855888a6dfa01136051cf58d6cd4e163d27b8ae76b4ce72","first_seen":"2026-03-29T23:13:02.06274Z","last_seen":"2026-05-26T16:43:03.122516Z","times_seen":5,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/js/pay.js","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.423Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /js/pay.js HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Sun, 06 Apr 2025 06:45:40 GMT\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\netag: W/\"67f22314-bef\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gBUVgvrcWSVJo%2F2aec7L%2BJYZd%2FJ7sc6gzk7uKb1H9RY5wyEyCosCD1oEFd2Nc1sXcAUse0Dq8ZG2W9puBVv8n9eF3ccQ%2FtjzQVWRiauh5YijeBBpFpGL4FUzGrW1\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bd0ba3456ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3055,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"5c8d663b0c65c15f897e835ee3281751","sha1":"109d7450d260b53752ca06369696bfa093895970","sha256":"b570b6acaa3133e51456a5c72454e7f790292dc2cc443d3c315b65606fb68090","sha512":"6bd67c1696df97ac61dec38838e3eab588d82cf9b705f49c23c3579a5def200f96005f9632e16f4c48b33054298790c0998f51e30eec77eaa1151e138f5c4952","ssdeep":"","tlshash":"6c51e00866d778824a37b03f0bbf66043eae006f861dce15f96c59ec7f84235b55768a","first_seen":"2026-03-29T23:13:02.241462Z","last_seen":"2026-05-26T16:43:03.123585Z","times_seen":5,"resource_available":true,"data":null}},"time_used":205,"timings":{"blocked":11,"dns":0,"connect":0,"send":0,"wait":193,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/helcim.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.313Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/helcim.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 11086\r\nlast-modified: Sun, 29 Sep 2024 08:37:06 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b2-2b4e\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y%2BkZOYCPXcWF8%2BUtmJjIIpWw6yYLGJsm167%2B0g4MA8xPhPXFfodal%2B0QCBrfO1Kpl8ZBH8rMFJ6oHF5uCWZV00PU6qDBbRIfeMdPYmcYvcQ%2Ft%2FzTbpdYbhLpiYoi\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf699356ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11086,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5a83815e4eed99181ed25fdc2a550ef5","sha1":"cce6b0bd092d35ff0920177a0c55c8b28f6db1a4","sha256":"7fa1140f0219f011f3ed3e6c89a073aa17a821d25cb97dee47625eaf344ec939","sha512":"e83820add56d777af73f079742353d3153daab75195e5a465e799d6c4cb0ce3a080ea6039b95d7ed2d1a9ada8a5334b89d50cbb22be6869729204432350417ee","ssdeep":"96:I3Dmdf748UoNkptk5rkC22U9ItjyI76DtgOV:+DiT48UVtkNH22UKBzODXV","tlshash":"ed325b4ef091913fe32eb6f15c316561737a503889ba6b0eb03077c4afa0e54e1a2828","first_seen":"2026-03-29T23:13:02.210565Z","last_seen":"2026-05-26T16:43:03.124392Z","times_seen":5,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":185,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/square.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/square.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3890\r\nlast-modified: Sun, 29 Sep 2024 08:37:10 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b6-f32\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LZHvh7r3Y%2BjgvGDEDduH17HdZ9K9AEPfBavt2pQrxydKwgSQRrwvMosLGRGi%2BQwiBrHC2ot2StJLc2mRJSSWw9CZWpB13fyF0Y%2F7Z54zITF7MESVULWsrOA9o5dI\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf699056ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3890,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 480x270, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"caa40521c44f8ba2a0d2e68d7a83e653","sha1":"eb4ec47bce4a87fd443f99f72a9d03bd64fe515d","sha256":"4eab685470e3270faaca0459ff1966973b8c230805b0bf86d978763e5582cec2","sha512":"5c20086560d64e9cecd4bb75074f41ca81ee343d6cd8c34052dc11930165bbdb399a7d2a5b640a29ab11444a173a5eca6da254f73737bdf14ae44935b0c002eb","ssdeep":"","tlshash":"b8816d7c83d2c3cbfb11d21668ee59d7f05ee5cd7ecd23122e03476a440b5a564294e1","first_seen":"2024-08-20T12:46:43.812422Z","last_seen":"2026-05-26T16:43:03.125365Z","times_seen":7,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/paypal_with_ssn_and_docs_and_bank.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.335Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/paypal_with_ssn_and_docs_and_bank.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 10814\r\nlast-modified: Sun, 29 Sep 2024 08:37:08 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b4-2a3e\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gXTNmdmqJzNvJWPJiYuTTlfi84BG%2FyysLSg7s7rP7IXiHguO2rlSNz6feGOk0WNew0PA0zG4Meum6cqveAlPF%2FMPs2ojzjTTJOPwb2BsamjIW%2FP7XHf7qnw8nTbH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf89aa56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10814,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f4ba0a7378ec356bc8a9dff28a8cefa2","sha1":"d0c28377fd5e67b246f90ac6d59c001a42996528","sha256":"18c6e7de45468bb9670d819bc5c165c18fc39373e93106cb499d1316aa765aee","sha512":"2f780e2966bf889f7b1a10c70212eb95d4f86cd10997f4a4085f910edc5bdb42d7439307d38988222fd1ef67b2cfcdc551efd9f5f7cb0f3ab817908ed39ae802","ssdeep":"192:n07J5XhGQFMMGBUKP0NSlW3We8kt69LlZL1aGcXPime:ne94lT9aB3Wec9LlXaGJP","tlshash":"fd22bf8cbb0cc3bec65338be3123923352496658727d78397fb9734da306213a11926b","first_seen":"2026-03-29T23:13:02.227425Z","last_seen":"2026-05-26T16:43:03.126184Z","times_seen":5,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/icard.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.352Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/icard.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 13858\r\nlast-modified: Sun, 29 Sep 2024 08:37:06 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b2-3622\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9IItDHqVP5P7p%2FJh0wOlxtAAoTkdSGkdCVxrVuLqW2pd7Mi2LzK7zD%2BD%2BwUBm0CPuFY42JO8fRxJV5HGpmzU8KtxKADL02V2o39E6HltOpgO0Ix0uR7oKD4tOJJO\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf99bc56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13858,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9da6abee59f3ae221ac83e66b8a2cd8f","sha1":"f6f7f8798ccfa56ec1f747c3eb5d1eb49c860091","sha256":"ab7337a442eab14fb471daf7c291b752ea91c1b57cc17c3e5905bd6aa54079f9","sha512":"d56fdb3d2ed271b9e57e7ec1af900fb0bdddc92bac804f297dd0ff2e609a500decf0c6c79f507f0b365a219c89b1a58545d12baca8909c28a90efef7171fe112","ssdeep":"96:0E3bkppfq58VRVAIfRg0nZ1/Kw+B6LHsAeT4UqVSXafxtXxnSv:xgXq546wu0ZEw+BusAeT4U4Wa5tXUv","tlshash":"b8526b284638539fcaac493a2328b073491d83cb04b4761da36bacd1dfd89bd27975e1","first_seen":"2026-03-29T23:13:02.258762Z","last_seen":"2026-05-26T16:43:03.127394Z","times_seen":5,"resource_available":false,"data":null}},"time_used":393,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":380,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/other_countries_real_docs_with_selfie.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.389Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/other_countries_real_docs_with_selfie.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 34320\r\nlast-modified: Sun, 29 Sep 2024 08:37:08 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b4-8610\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HLOSC1kexxqJ1Doa%2FJJVtj5seuVwbfJptvZI3B2qoxTli%2BmQNZb5mDzJOlkxv8EcBtjUMixyun1Cg2SrDDsO3bYVVXgxws8ClGvwTmndt4j%2BUp8DI4cLSwJNBOKz\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfc9e156ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":34320,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ad4a497c989e857548a2d9c5c6220666","sha1":"3ebbdc6827160fc994017842418a51ac4a59878f","sha256":"4289ab7c19e87b81b488e3cb33577b6fd6b807de60f0de26da4047136ac61444","sha512":"de46a36331deef9cc5db97d844dda35d24c96f880cfcf5fc36edfd59d0e59d005d27e347b95e71528fda236f94471d4e8752364eec11a6e46f788f5cc097d35a","ssdeep":"768:t9OOZuN/ixzslp/z4nwUcKTY0zK0KEGhHq+u50VD:/OsuVKysFjWX5uaVD","tlshash":"fdf2d01a37641b4dd63b3cf6957c9dcc2270d80a9307de25d12483a82f5aa1b698d7ec","first_seen":"2026-03-29T23:13:02.209435Z","last_seen":"2026-05-26T16:43:03.128592Z","times_seen":5,"resource_available":false,"data":null}},"time_used":367,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":338,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-26T16:42:31.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: text/html;charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-powered-by: PHP/7.2.24\r\ncache-control: no-cache, must-revalidate\r\nexpires: Sat, 1 Jan 2000 00:00:00 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DQ3s4W3g%2Fl%2BDiiJhfIgVEvy5ouxpd5hBfCmo0pNPm6%2F3E5yfDVFGd7YEyHmGN1UC8U8IGeHE9OmxzWXLhF4W8rios3U4gNz%2FYFlpHsz99tqHwgZoQjz%2B%2Fdin5t6b\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: a01e3bcbdd6a8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery UI","description":"jQuery UI is a collection of GUI widgets, animated visual effects, and themes implemented with jQuery, Cascading Style Sheets, and HTML.","website":"https://jqueryui.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery_ui:*:*:*:*:*:*:*:*","icon":"jQuery UI.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:7.2.24","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery:1.9.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]}],"data":{"size":104683,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"bd5f52299e577888ca342507b88d0a1f","sha1":"84ef02abcebec209e277aa63b99556ec3047cfd1","sha256":"f21f75dcdebc03e2fb2259cb6b9e834fc4a1a24034df02d504d0a93616e41bdb","sha512":"0a8ad4097cc429757731dd99664d6558c32851ad2c21064674d97f403972a0252faa8f732884f50a4c090b1a37cdb66da8a1a42aa937b61f5c05dd17fda800a7","ssdeep":"384:sFyRcX4ZujQHKoc/oGCVuBn00IYVF9kqzO6sVj0JEZGdYghdr5:kpoZueKoWo1VuB8eFiaOvVjeEihdN","tlshash":"58a3cc3264faba37467341c6e64a6f49fee3902bc745290479be93c31fb8c12610756e","first_seen":"2026-03-29T23:13:02.065339Z","last_seen":"2026-05-26T16:43:03.097224Z","times_seen":3,"resource_available":true,"data":null}},"time_used":523,"timings":{"blocked":84,"dns":64,"connect":1,"send":0,"wait":355,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/coinbase.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/coinbase.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 5284\r\nlast-modified: Sun, 29 Sep 2024 08:36:54 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a6-14a4\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ewPE0RXQlOwAKUdmT0SGXKEOqc83c0K4iqS3LNg5mJAPghn5aj2M0DrZ0A6tJerx9vr1LPGt24EFZeWJKsFIUb1DZvMkvReBdAEnTYnbtI4QLFNMF%2B9dPtxVg3vw\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf799956ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5284,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 480x320, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"cc77771bd06668bbafe48521c5d5410d","sha1":"c7db402967c2672a787308901d918aa40dee8893","sha256":"f446ca9d184a8486b02bee53bb4640f50495613fee77752dfdf6516d53f3adff","sha512":"fdb5407a4150209eda7b276702992c2b58164adc3d3d928c0d621d1de5b2de95b2f60103c392d1cf8639a0745918f03ea722d4e309c1e0d64abf01dc5003d525","ssdeep":"96:5e4nyqg9XcbKxiwrgTJoC+wjvL3LpS+D9Js/R1470:5XvEMtwUucjvbpU/R","tlshash":"b0b17dde23d99b70eb21a5358a422b0227647a325654738d457ed2fa2834b10f85bd71","first_seen":"2024-08-20T12:46:43.896547Z","last_seen":"2026-05-26T16:43:03.129528Z","times_seen":7,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":196,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/kraken.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/kraken.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 15626\r\nlast-modified: Sun, 29 Sep 2024 08:37:06 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b2-3d0a\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fJXIKsdCGvQNsV6f1fsKz1wOsBegPMkwIcyNY3r6hA5w4bzB8M7g8GSpR%2F041IvIrPPn7EcAe4Yj0O5UQtQNkqeEjI6zWmmrlR%2B%2BUX1YD7dfxAm%2BYv2h19bUW7jF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf799a56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15626,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2b2b2be8b040ed9674e7925d8734e2b7","sha1":"172ec8350101e02b0560daea6c1298b5ba266d95","sha256":"0d6a70c5224d6df318bf284954beeb69ddf900bf2105d4010a53bb5d9781d849","sha512":"cec99aabc1e9ac6e08d56e543d5fe2a0b24829516eac464efd2e26b19bfc19ebfd13d60b91f835000ed4e021ce2ba0b888a85e7a5e5c2bd20e924ec200501c16","ssdeep":"384:6YNg7VcsDx8JuHWY/tqJxPlNREM+v25qnhl:6YyuSxZWY/0PlNQvH3","tlshash":"69629e31fe11ec92f2b3ee7498f7f75a5282764497936a82381c58257bc14d02e0e0d7","first_seen":"2024-08-20T12:46:43.901387Z","last_seen":"2026-05-26T16:43:03.130372Z","times_seen":7,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":235,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/dave.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/dave.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 53086\r\nlast-modified: Sun, 29 Sep 2024 08:36:54 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a6-cf5e\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jxqHtMTt55%2BHjF01aOBZOAjGr2PLby%2BL2ugwdcLgIerBxmLADRTM6FwJumc7r3OBsAWZo4X3lmI%2BmujFWBRbiTFlrfb20xrzd3j8mzlNpP7fm%2BZQoZvbeRnxv4we\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf99b556ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":53086,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"108fa59be5423ef1b1484c335b477e83","sha1":"d12273fa493468100ef61095577b1764cbfc6732","sha256":"d4abd9f5a674b155114c7c3520dca8530efc5026adf8066cb236192ad90efd41","sha512":"762b509f2f8833181fa80b4555fbe9ececb9debd3d3556cba872609ae5553cc97a50c35a3dc5d0370f30c44251cb177044c942b6b8dd2aea6c951fdcdbb17965","ssdeep":"768:x7+TYaHr8dLe5Rvj6RaivAKHafgkwSTTRrsQhv4C:lWXr8dLej76aivPafzpntPB4C","tlshash":"b233e12053325225c3765ff339a46fb16b62da7882d4fb850948f3876740f297abca51","first_seen":"2026-03-29T23:13:02.11515Z","last_seen":"2026-05-26T16:43:03.131449Z","times_seen":5,"resource_available":false,"data":null}},"time_used":427,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":346,"receive":81,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/other_countries_real_docs.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/other_countries_real_docs.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 33676\r\nlast-modified: Sun, 29 Sep 2024 08:37:08 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b4-838c\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nXpq9we1%2FCKdDxgcvm9EIV8dZa1bbc6C6niFF6WU5C1A7%2BsKel4FQ%2FgtQZB%2BYw8u8n42P7DGY9c5WMDzAz%2BrY26J8%2FqKQAR5dlxSluUWJ1%2BMsnsJLPyXax1tOFpa\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfc9e056ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":33676,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d725679284e295a35111a93c6e68825d","sha1":"0da672868962d0b3ce8ddfe724ee88db4b3f0220","sha256":"8cc49520612099d3c7663d79f32ad04eb3b61e2795ec8c43b4c7492037e7c302","sha512":"30bae33f78640b0e172164187e40ae641cfc3fe2a13adac907612bb338ffa8fb568510ffa830106335a89b6278d9e77f62de3ac33067f5ae3fd54fb714761bca","ssdeep":"768:SHDJjhSzJHjzN0dRUS3EvS//QsUoj1v2b:K19qHjzadRUSmEQsU2v2b","tlshash":"4fe2f1cfaa6387f8d15854b48a267f8943e81bb0a1758f010a85153bde2d44d2c5dafe","first_seen":"2026-03-29T23:13:02.08025Z","last_seen":"2026-05-26T16:43:03.132698Z","times_seen":5,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":256,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/us_bank_and_crypto.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/us_bank_and_crypto.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:33 GMT\r\ncontent-type: image/webp\r\ncontent-length: 11518\r\nlast-modified: Sun, 29 Sep 2024 08:37:10 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b6-2cfe\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O4CB3yLOV3PHdD1yhtPPwE87PI1tMlazITslaxyS6F62JHaAQDbHs5lbU5iK9S9lqEfKoLw7h2SL4Q12a0RV9B%2FQIBp1TlVo3tF9vUDlMJrrh%2FJlhMopw94%2BHsfy\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf799756ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11518,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"389c65a312a66672ad8e5102883437b2","sha1":"b775a313a38805ab095df9b97991cce59ce9f87c","sha256":"ce06eaed659b5fed2c0a15e7b3740e1a8737dd32693829d5d79d8362325a0b04","sha512":"969cfdebe75de7edbe51960269eaee959d572cd6c42ee28fcf2784bc0a1968276a36d1e87a14887c80a853431675a52dc0558005a070a3d68226f4ba4a1515df","ssdeep":"192:5LH7hhqmor4iBMNdOo0wNzqc/mch2b5DYXXS:hb/qmormdp5Mc/m5DuS","tlshash":"7432bfd683b8dde1e46fc6b25d1e14fd6b749ccc9302f30730e08642648f90a7a8266c","first_seen":"2026-03-29T23:13:02.186876Z","last_seen":"2026-05-26T16:43:03.133489Z","times_seen":5,"resource_available":false,"data":null}},"time_used":878,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":878,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/santander.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/santander.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2850\r\nlast-modified: Sun, 29 Sep 2024 08:37:10 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b6-b22\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w7da5tIdxfT2y1lVUbvPTiIUEaPSrve3hTZtU72a4qyabi%2BF%2BMpQL9WoXiYGCY%2F1Wfy2c4%2FoDJm8iEmKmvwDZSWZJoBPMIP1yRDFYxHoR5A1ft0qSd5dBFbNAX6b\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfa9ce56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2850,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 376x134, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e0818f56c35872bd1ee792ad0ca5a18a","sha1":"977d9d6d4e6878ceed9b210a298156136d57cb05","sha256":"434988bf50c15cedc83e848e96358990dc3dbcfc104edaa09c4d68cbe09773ed","sha512":"ee1a443116b12d41b7f14a91fd21b007abb8cea48e4e54edf3d0fc04924a9e57b9ea74f74397bbd3b145bf9885b880c389fbc99a81a37bd27ad06167e430f087","ssdeep":"","tlshash":"6e514d657e0d09baffb68d3c4e2249a73073240aba1a3d36b45520bd527d71f9600e0a","first_seen":"2024-08-20T12:46:43.830965Z","last_seen":"2026-05-26T16:43:03.134507Z","times_seen":7,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/pasport_on_info.jpg","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.380Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/pasport_on_info.jpg HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 29 Sep 2024 08:37:08 GMT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\netag: W/\"66f911b4-1d380\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3U%2FrtMfsRnd595yVWy56zkuCAWfgMy%2BklBYW46iur94DwZs2E8TLigK29Bf1Sar8xPWqcLhn%2FPJeywFYwyqh8ZdOFwUp9eRWTiKfSNS227dfpLzaq07yyJk65zfV\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfb9d356ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":119680,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1500x900, components 3","md5":"914af7666617f74915ca3bd2b0be23f6","sha1":"6ac0973ca8e61e3e902a6bec745b3d1715e76286","sha256":"bccecde6ff3908666df0f4db4c5a7966c203bd68dc9fe2a7f097cede17a51f74","sha512":"c022bc6df583751cf4cea0533165d19b5155a62042cebd4cf226688afdfeca7c63844543e55201d2432647581407f750c3f3253f74da97105024791812c5fb8c","ssdeep":"3072:AJF1XQ4KJjhcLT8xJ/Camt0OJkyF9BUwuZE:AJVejhkiJ/CCM9DWE","tlshash":"40c38a8b98138a7bb44ed1b94f12706ca916141263c353613e6d3fffb6bc26b4d8b914","first_seen":"2026-03-29T23:13:02.235464Z","last_seen":"2026-05-26T16:43:03.135334Z","times_seen":5,"resource_available":false,"data":null}},"time_used":490,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":336,"receive":154,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/tide.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/tide.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 37560\r\nlast-modified: Sun, 29 Sep 2024 08:37:10 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b6-92b8\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cXh%2FtlHbhvhQWEOxgHEqPj31w6zXCYY3dk8DxMoYrXov%2BDwoSwNbYmK2fmsGpEGpqsoHTuTdtpwuE4xsMdVR2s6JB6ctbX%2FesioZehRU9Luf6jdeGW0HsK2W2kQt\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfb9d256ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37560,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6dfd9bbd8cb458446aaa895527879965","sha1":"889e15e5841213b00e5e6a5fc8fd27cd9b98d1c0","sha256":"a4c702d3f1e8608290919b33fd19f11e3a9128412195eb28e0438399e5b973d1","sha512":"e50593ab84e6f712034b3b91c0f372bdcd944c82a00e44636ec56d96145dc7b6776b76e3bf73996f83f45711aeab1ba7e4d7df48d7fb1d451b31b16d55ab7873","ssdeep":"768:L/SkoQmcuRskyBbmwY3U6pJkMucc1OT9Cc1NSwHeXaUlJlA5Ji:GkorlykYh2bDmOgbw+X/Oi","tlshash":"2cf2f1e12359590bc94d2574b0083b92c262ff5027e9e41bf9c410f3eea9badfc59189","first_seen":"2026-03-29T23:13:02.106499Z","last_seen":"2026-05-26T16:43:03.13622Z","times_seen":5,"resource_available":false,"data":null}},"time_used":329,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":293,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/fakeid_with_shipping_us.jpg","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/fakeid_with_shipping_us.jpg HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 29 Sep 2024 08:37:06 GMT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\netag: W/\"66f911b2-50166\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=e2TqJdmwhJqgawgklVcidniAERrOsOyaedZyJksDc08qZNN%2Bg8Fs7gC5WQYKg7kbfM1BBoBvY7jVQjMpHewRD%2FBX5cu%2FKzOk08o8HFCWbOVYAkY%2F%2BnzZIp%2F4tpr0\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfc9e256ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":328038,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, orientation=lower-left, software=Google], baseline, precision 8, 1158x2048, components 3","md5":"e38dfca998f3af85f512023dbdfd3638","sha1":"b563598ff6c05a6d8442fa46982b90347e200769","sha256":"81f9d26fadad41393ed232f409a92f9e0f984492d6cad05e47d067f3f0f9b541","sha512":"6d79ad60357b5036ae186c536b37379a6d5d08e095ea12fc38abb8bd153e0ad6af122e1cd636bd6b4708028a9e67fb64dd890b2be600db996de8f4f042fc9d33","ssdeep":"6144:Q/jSenHHvx65Sf1NneoFDTqvLIrtwK02aSVh6G5Eb9MC3Hq/ophQcb0wGjo:ZIHHvx65uDew5tZ0a31M99q/pcQwH","tlshash":"ca642332876417ad698978f155edf0e8b39dfe77f6f115b424c35030a4cbb52c248896","first_seen":"2026-03-29T23:13:02.211696Z","last_seen":"2026-05-26T16:43:03.137007Z","times_seen":5,"resource_available":false,"data":null}},"time_used":506,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":215,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/fullz_g_report_credit_report_700_score.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/fullz_g_report_credit_report_700_score.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 13276\r\nlast-modified: Sun, 29 Sep 2024 08:37:02 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911ae-33dc\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mnDP7o6yu%2FNFMYr1txZiOciNJgS8%2F%2B0qSoLBlIGAJHFmRBU%2BNo87TSP73yVW0p5pKMEtdSLwEC%2FyYibGxCvSLj1X06BXrgBy9KMhxF7b5xqwaUb1M2d%2Fp5A2v%2F9N\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfd9f056ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13276,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"125fe7f5b94ce58a88c372728001e27e","sha1":"0a6e0fbbbd4b0f66a485061578c2c027275f9cdb","sha256":"bd688735b472ff41797d60a94026d51d12b56948f205b4c8a435b91edcda62ce","sha512":"125903432abb0fa5df7eabda9a1ce8ae47f138b3398dc665e0d738799e6756f4d1a77f5b8a1113c2184a0fb5ecd316c1fd0b84149d35516d8bb336e2135de7ac","ssdeep":"192:X0I32ZwD7ZsiQVSiooz4dK2WFSSJG1i7tdrkc52TngMAArf8eLT6J6:X0LMaVGPWNJG1qdrkMUgM58eLTL","tlshash":"15529f21ca376b46d3058d3bb13b7b6629c2ee29953735086433677dcd16b1ec9888f8","first_seen":"2026-03-29T23:13:02.118431Z","last_seen":"2026-05-26T16:43:03.138194Z","times_seen":5,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/refund_ebook.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/refund_ebook.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 261244\r\nlast-modified: Sun, 29 Sep 2024 08:37:10 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b6-3fc7c\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1gpUqzySvUyDvvNBjL%2BHN9cCaJnG1W8t8lAWGw54r3%2FnnCgWomSHnVOgccxytgObTVNL%2BnVumwpbVBfxQpXp5uKAnF6ord9YLgFkRzYA2feV9GqVrs%2BeWUS%2BA9jJ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfe9fc56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":261244,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a59071e2b7267e40626135666552fc96","sha1":"40cba3d8ec6a8a7ee1de6fdedc402934fdcc76a8","sha256":"0bf86827dfb04ad0edb19c3aa534a7e7907a274a8851773e6514fdebec61256e","sha512":"78aea2d24ccc4b85cb50759b92c8d97d10c84d768204043675cb11af93c356793b7478c22ec777357381842404e84ce91a73d6a86dd0e8d1b80fa4814bc04d6b","ssdeep":"6144:W7jgw91v33WOMud6kBukpZcSqjAu/laGv/zQRSuF9bY:YDbf3HMQ6kBL9GHznujc","tlshash":"034423707e200822c5c74a3555ed4b58f98ab7e3afddc635d06cd2734e248949aa3be4","first_seen":"2026-03-29T23:13:02.109069Z","last_seen":"2026-05-26T16:43:03.139119Z","times_seen":5,"resource_available":false,"data":null}},"time_used":500,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":297,"receive":203,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/albert.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/albert.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 54686\r\nlast-modified: Sun, 29 Sep 2024 08:36:52 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a4-d59e\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wQfHJ3HlpJpCL3Jm4ha8w37f10Q1B4HTnA987IXYJ9SkxW%2B1xS2lL%2FCobEtYtHGkY5zO7soI8laxOxJSxmHBtMCQzKHsuvOkDCqzZafv6YfbAw63xniXAB840LNw\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf89b256ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":54686,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1f0f3cce9a46aeb0bf316380e199dc7b","sha1":"39d4f20030ac689079b940ff51db50b9b1a4ceae","sha256":"688b5b3b7c6dca133f32b6930db40a8c1af7a3cb386d51a350f3c10aa3cd8414","sha512":"ce0734e202c405c00c8623e93f130ba2fbc68a192c589d54497e669b2e78cf12b5ab482ff8b142c00f881cb4c338e47b8d6f6d6699cdcd6266d3610221421f61","ssdeep":"192:BwIZkASW32l2zbwUcrhh5i1iKGf8T29lXqk226jTcvyOQnwcUcnl:BwuJ2E8Uq7E1Le4k4Hca3nwUl","tlshash":"c533bf1da7d50704cd8001799a5f8b4cfb59a75e9519ddf242b2b6b60bd0c8a8c242fb","first_seen":"2026-03-29T23:13:02.228416Z","last_seen":"2026-05-26T16:43:03.140147Z","times_seen":5,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":241,"receive":66,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/10_yahoo_mail_accs.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/10_yahoo_mail_accs.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 11432\r\nlast-modified: Sun, 29 Sep 2024 08:36:52 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911a4-2ca8\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9yQpAOC3bD%2Fza98DQE34dk57AYBTDTiMovY468%2FIsdb2ZkYbemH5N%2FyiBrH3oDQWhrVvJ1EmZ9b%2B6tk6CAaMm4I08YsQYaMPxO%2FeuHZwg8tFq1GqRiPIIuUKYu6%2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bd09a1d56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11432,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"019e2dd65761cc3449a71ad139fe69f1","sha1":"005a982ff33d5771c380296eb106f6d4658713bd","sha256":"cd99d5e6aedc3592e1de5d557c9e5d1944345ba8fa5356344f75d1384019b1f4","sha512":"306e426c54d445417d6448ad50fb1eab94a3f7a2413918d61c6094a059d678edc7bd4c3adae11d1610b2856c5c10071b5e346b6052c074a13ca042447645df63","ssdeep":"96:lV63bPZPV7GKXc3C1P/5BgzY7a9fQK1783UsZY/DLmBV2RLCvRy2yuOdZIFAU:36zVV7GKs3CdjgzY7at7dTXiItCJ1PAU","tlshash":"1932af844775262fd5b46ef3739cf67067d8c3a0d86181719acb5b809c4057331b62f2","first_seen":"2026-03-29T23:13:02.111413Z","last_seen":"2026-05-26T16:43:03.141072Z","times_seen":5,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":266,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/favicon.ico","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:33.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:33 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ca7tiDaDcn0KXlVRYxa1IptlKhHp9ic4K0Cov6dpfBX%2FZbip0IgXkAvxeJ2D%2BLqz91g2WKmLtlc04sKtIqQ4ZiNRv0ASd7qcrFr7TrBxtgYvSaEKRxVnhr0VLEa0\"}]}\r\npriority: u=6,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bd65ab656ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":196,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"62962daa1b19bbcc2db10b7bfd531ea6","sha1":"d64bae91091eda6a7532ebec06aa70893b79e1f8","sha256":"80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880","sha512":"9002a0475fdb38541e78048709006926655c726e93e823b84e2dbf5b53fd539a5342e7266447d23db0e5528e27a19961b115b180c94f2272ff124c7e5c8304e7","ssdeep":"","tlshash":"c0d0129e9183638b442225907ac211d2654d13a6b87645e82d82a48a951857dc5ca69d","first_seen":"2023-03-07T12:06:54Z","last_seen":"2026-06-08T13:58:11.865255Z","times_seen":104155,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/monzo.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.359Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/monzo.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 252516\r\nlast-modified: Sun, 29 Sep 2024 08:37:08 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b4-3da64\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZqI4m9No4ztDFZjMjTehxM57fQ%2BmKSZPTYHuLy0cg4X7sf1hnj4TuGUqI9QKcst%2BJWl4LufjOBsIfO35kyY%2FWIhrXABNU8i9zeGypVVINrd7PkSo3KFoXpqi3CcS\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcf99c356ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":252516,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"46379ea877c3c70abdc14af90d00d116","sha1":"ce833cd0e2f4f45f269999166dc23cc6220f237a","sha256":"05ccf35a87322b9b51b2978492cf5426f839d4ce3babab37cc350d9f70a8547f","sha512":"c203b731ef79a937ad3394e34f88f36ced600df3223c7ed233fe447fdafe6eee84afde2769b12aa8ff2c42f2a5029d5752a9942ec5c9db26da35d66228b17c66","ssdeep":"1536:e2Gnj9Lkb3ll8OHEDfrfDPfy9dpFDe8Gdp:e2OjNkwOkbrfbfADFqp","tlshash":"27340248330153e8f2c173bc4800c9be76ac1b7594aaced73680b354f525abe19a9925","first_seen":"2026-03-29T23:13:02.174013Z","last_seen":"2026-05-26T16:43:03.142008Z","times_seen":5,"resource_available":false,"data":null}},"time_used":501,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":293,"receive":208,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/wirex.webp","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/wirex.webp HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 29322\r\nlast-modified: Sun, 29 Sep 2024 08:37:10 GMT\r\npriority: u=4,i=?0\r\netag: \"66f911b6-728a\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bcasTYBR9SD5HVUDWmxRhA277zzFag5gu59cNYkHn4tDl637CINJwCEeMKBJk0ha%2B%2Brkm0cxPBvnnr%2BgemodOGiUaVBLQg3DNBg5O1lWvK6sqkThO4LgEeeVHdKI\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfa9c956ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29322,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"c8a893e9b99e9ae3603a87e97d6c1484","sha1":"c05f60669fac5943ee4fa2878d49b56e0122f053","sha256":"f631acb71935bd6bb9270c0478c1237b899bb78fc6efaf20220d0e1a96947caa","sha512":"5b05b8b0975fe4f96fce60f2370d7710a1c1dbf6cd4a9bed01221b725ab70ff0be9fef45612002ef2942565762f96e711ee98af83e869473595f18259d5f7e3b","ssdeep":"384:XxKXGXvfQW2O4/l9Bzc0KS+u4d16EDHv2hVRa5mGNCEnG1NlmSlLkz3:gXO0z3KSmLv2hMmGMkulo3","tlshash":"c6d2d1965bf3b281fd8882b22d9513e367811f1e350a1d41b7fcd489c5c8f586a4d63a","first_seen":"2024-08-20T12:46:43.8875Z","last_seen":"2026-05-26T16:43:03.142988Z","times_seen":7,"resource_available":false,"data":null}},"time_used":325,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":298,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankman.su/public/img/selfie_with_dl_us_real.jpg","fqdn":"bankman.su","domain":"bankman.su","tld":"su"},"ip":{"addr":"172.67.202.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankman.su/","date":"2026-05-26T16:42:32.386Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankman.su","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 05:17:01 GMT","end":"Thu, 02 Jul 2026 06:15:43 GMT"},"fingerprint":{"sha1":"38:9F:27:E5:A8:70:9F:22:0B:AC:DD:9B:C6:00:F2:EB:5A:C5:FF:41","sha256":"F2:DD:1B:10:5E:3C:4F:C4:2E:CA:00:E1:CE:09:13:94:72:80:D6:1A:36:63:3E:E4:46:F0:69:AD:37:AC:9F:81"}}},"request":{"raw":"GET /public/img/selfie_with_dl_us_real.jpg HTTP/1.1\r\nHost: bankman.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bankman.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 26 May 2026 16:42:32 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 29 Sep 2024 08:37:10 GMT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\netag: W/\"66f911b6-14749\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oFHVUahmsKBCUiKO5%2F2GoJTg3P87Fx24SFljjAUh3QmM1y%2BNAV0If%2Bb9fkUc%2BT%2FUNTmB%2BJKV31t0CHoiBP4%2F4HFd4WfuY%2B3urPC5snyvYLf2kAh0xQvRHc2PwomZ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a01e3bcfb9dd56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":83785,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1500x852, components 3","md5":"9bfec934fcbe98c837c97355843ee923","sha1":"93c2c46b338c43c94992abc6dfdc8b22db19f368","sha256":"d85baf6ba80d7515d48d79ca7a2559e8172f147a3a816f90925d1c71d1e36c33","sha512":"d6a516070116885e2181e599c3adff6630deb1ffb8664d95798da59f8d389f9a6b6d6cda7b29aed9fd67f45f18aa5ee1a4cd82eec6fed216bb16c6601a8ac495","ssdeep":"1536:AL5yKnGipZGHRQEtVecjxkNCniuG9oVQwudUji2FyTYxts+QORQVRuTc02UfxUQ:AL5yKnGteEtVXTJLEG1QOaVRGUQ","tlshash":"8f830263b15858f4fd5f87759990733ce201ed397a079e0d22c1825db3adfc2199d88a","first_seen":"2026-03-29T23:13:02.238687Z","last_seen":"2026-05-26T16:43:03.143952Z","times_seen":5,"resource_available":false,"data":null}},"time_used":353,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":266,"receive":87,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-26","alert":"Sinkholed","trigger":"bankman.su","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}