{"report_id":"6b68d4d2-e969-487f-8940-ae7d6c4fb54c","version":6,"status":"done","tags":[],"date":"2026-05-29T10:57:00Z","url":{"schema":"http","addr":"cardswebapp.com","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"cardswebapp.com/","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"title":"Bitquillpard — Bitquillpard NFT Project Development Platform","dom":{"size":112120,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2221)","md5":"5e0cf4a809dfbc93f513760c22370032","sha1":"160a4aa2968eb2ab34938a422d9c3b1448bec7ff","sha256":"f3afe5f02e8652ebf690e242472c496150674993f56e699890eef887caf83209","sha512":"c768102c338bf46d14ee8e9228bc6d7ca97d4ec274617a2864f6aa233b2d684f544923b1537aa0395169f1e975859c574090cbfa5833333c37d9b7cbf450a175","ssdeep":"1536:pxlhdQ81ubM3kAUwVmgXNMLiypLiy9hsufBWrPCL/3pqWup9WHpPex4Q:XlhdQ81lXqLiypLiy9CufBWuL/e4Q","tlshash":"a7b30ab412f70524650b42649bfb131a372c9087da0edd28b7ec62949f82dd8ddb7acd","dom_hash":"domhash1d6b3de780b68c732a68b16185e28fad","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"cardswebapp.com","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-03T10:57:00Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"64.233.162.95","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-05-24T22:21:07.624228Z","alert_count":0,"request_count":2,"received_data":13780,"sent_data":963,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cardswebapp.com","ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-05-18","domain_rank":0,"first_seen":"2026-05-29T10:50:47.392557Z","last_seen":"2026-05-29T10:50:47.392557Z","alert_count":56,"request_count":28,"received_data":1589130,"sent_data":32395,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"173.194.220.94","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-05-24T22:18:17.447529Z","alert_count":0,"request_count":3,"received_data":46174,"sent_data":1652,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cardswebapp.com/","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6a71cfa68b27cff21a27e7c74bcb0697","sha1":"9613602710109e7a01f87c3228eb83d3fcf86f23","sha256":"9429deb5724c1d0b5ce1801c031f344673b7e423719d2afe37bc53406b4ef329","sha512":"b2b84254e6d8381a8ad47aa933193566fbd1726e487ea885b2472df471ad33684ffac5dc607a8fd2a48399e297bc7ac9bb55f93b51e679ee81a2f41b40db754a","ssdeep":"","tlshash":"61618a1a29fa253942ab60fa9adb070d313021473944dea87e6c87504f91fc599f36ea","size":3418,"data":"","first_seen":"2026-05-29T10:50:53.451126Z","last_seen":"2026-05-29T10:57:01.93506Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-06-07T00:11:15.860729Z","times_seen":362537,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"89821963e771b0783d4c006e79d2b1b4","sha1":"54d6af187aab386ef5b3eb8fc92ab40e7b7b0126","sha256":"707a4bd762a390060b5e005f352e6294be7a35f7b017b7cde6784caa42eea6f7","sha512":"32fc0a464307592a27a9088199ed9042dda8f8c81e238917f34ff9629e6ef8daa19ed8d1a49523e9949948cd49aa14973d8ee99b3bb64f6febc76ff42feb3a03","ssdeep":"","tlshash":"4c01dd4bf5760d2627d7558e3347126e2444114bf600ca5d7c0c82044f71e06f0f399c","size":679,"data":"","first_seen":"2026-05-29T10:50:53.453934Z","last_seen":"2026-05-29T10:57:01.937661Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c7f82b273b115c1dc093c9754d10d6ed","sha1":"63d32066df235ec5cc409e25ad478c1ac2381c03","sha256":"79b79c02bdaa2e4441dcc50c4c868c40ba5b8b7526235f1b2dbe8b9224774fff","sha512":"2da74bc80a51b7b7017c6a1b5d576d8b28cea6413496b73db581a20740a8ea07757ce0a2e22c04f9c36410f09e41b832097efeea900de574dd8a7dc11a73c459","ssdeep":"","tlshash":"64f05c0965be321041ef7237a6d71f463130500b3904894a3e2c46e17f36c92649badc","size":507,"data":"","first_seen":"2025-07-03T17:40:44.952659Z","last_seen":"2026-05-29T10:57:01.939388Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"82316462c7d72c3b8839a7cdb548d2e5","sha1":"19feb71df6b82cdca5694519bbbaeab25df41a45","sha256":"17912b3e2cc32f3893a159ed44c4f5e8ac115e8cdfc14459a34ae1348eadc6d6","sha512":"83f313be5aff065f15f69221a7650af3eec9a7cc04ba24b8e7ce0929bcd75136418c257e3a4618e2f220c5d85718b389ddbc91941fa4d3c2d5fd7e12619a530d","ssdeep":"","tlshash":"1711c20675771a2120ca719a83a385de25e42247b840c69c7e8cd2070fa2d92f0f38ad","size":984,"data":"","first_seen":"2026-05-29T10:50:53.457642Z","last_seen":"2026-05-29T10:57:01.940416Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"cardswebapp.com/view/thumbnails_gallery_69c2fa8dc671d4.84100465.jpg","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /view/thumbnails_gallery_69c2fa8dc671d4.84100465.jpg HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6InIxekw5Z29FN1hBeXpBYkJETXV5UkE9PSIsInZhbHVlIjoiM2FublFITEZ6cy9vYkNGMDZmUkZ3NFArVnBDdnVOUy8xNThoaVExVXM1RGVmajBQcU4vMGF6MjZLUHdhNS9vTVZnZUtGT2NrY1dtOFFjSG5YbjM4dkpuOUhCZklNN1lrMXBiQ1ovQzBadWJXcitmS015ekV0UjFRbWpGZUFnQUIiLCJtYWMiOiI4N2JmYTgxZWVjZTc0ZjkyYWRhODViMDI1OWYxNTc3ZjM2NDkwOWI0ZjJlZTk0M2UwN2JiNDYzZGE3NGZiMDAzIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6IkxzWEZjUnNTN25aMFAyZXI3TmJad3c9PSIsInZhbHVlIjoiaDVtUU5XL1o5T0M0U1EwWXNHSFIreVNwWTlqbG00dS9kekhYalpqNXREbEJITTFscmRtYWpreXVmUkh6SUhhZkxndVdhUDIyLzhpaTVEWHBVRG1lenBiOVp0Q1dPRVI0bndPSlB6U3dmcGhiQUZVTUFTNXkvZVhqOVJYa0hkSTUiLCJtYWMiOiJjOGRmNGRiNTBkOTIxYmY5MGY2M2ZlNDQwNDJhZGJiNmIwMDlmZjI3N2NkMmYzNmQ0ODg4ZGIyOGVlZmNkZWRmIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\ncontent-length: 33332\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:56:54 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6InBoY2kzU3EyRFhnNHd2cUdUVHFFTFE9PSIsInZhbHVlIjoic2psUkdpNkEzMHN6TEl0bnpyQ1VXUW00OEFuaEJGZzFkdWc2cE81RWNGMUtrYW5qSGpxTXFha0xqcDNabTZHWndRaVNMbnl0YU1OSzZqMHd6OFFMQ0hESGI0TFBvQ0hSb0RKS1Z6T1R1KytvSWdwVHZRWmFWR2RURE05N0F4bGoiLCJtYWMiOiIzZGY4ZmQ5YTEwMGI4YjZkY2Y4NmNhY2QwMzAyYjJhNzBjODk4ZmFhMTM0MTRkNjRlNzFjNGY3OGZlYjdkZGQyIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6ImpmbW9GRW1WZ2ZRMGx3L1c1cjJMTnc9PSIsInZhbHVlIjoiRWluaXZKc2ZENHVaRnQ1NzRrVEtPU3V2dXNldlhhQ3hWZmNDUzRZZXhIR2ZlMyt5ZG80S2cvODhYZXZKWGhGeTQ3aE93c3hjTjJYaW1MU045Wk1qWkpsU3ZqdU9iNHhuSmtmcWo2elp0ODhoRHV3eDRqQ2tOV1NTNnhocmxMeFIiLCJtYWMiOiIxNTc4MjFjMDZkYzkyMmYxYzUxZDU4OTBmMmZiODIzNTIzNzhiNDA1YmRhOTdhOTNlY2EyNGQxMDI5YTkzYTljIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EQBIpqn4c2OTdrJzF21ucKITGOX9oxC0U9Ho1EMOUvzzbEEFGhC%2FEexK2LxsbJt3Yu5s7tuNRkEBo2xAiOG9wLu5BFvk7xopKvoTZ2QsUEkpJ%2FNt%2BtAwS%2FajKeuCG52h7Yo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f940f95e23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":33332,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1024x683, components 3","md5":"9b29cb683d9f385e761cfeabb224b741","sha1":"7a5da0b913f1035c0ec27ba7c99cd564345f1dce","sha256":"3175f28e7d0b2221ecdf3892d3b48efeea21613fedd676ee103e9d758c971758","sha512":"26f3761ab26f67934ce291bc71b98222633a48d50292f6c982250006e97c266d15ab02416304adad41f7457a258f3be4889e03843277c50e8bfcc395211181b6","ssdeep":"768:tKldSlkZKz9tCP/2msojrpWJ8a4yl08qo+Gf8coqJJQLY:MbSlpz9EP/2msOtBa4yi8qDMYY","tlshash":"6de2d0be1ecb6ba0d9a99fb559e6db7d5d88f468841f877b26e30d2c5b008fd0530024","first_seen":"2026-05-29T10:50:53.402119Z","last_seen":"2026-05-29T10:57:01.877654Z","times_seen":2,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":129,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/view/depictions_gallery_69c2fa8dc67391.48612797.jpg","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /view/depictions_gallery_69c2fa8dc67391.48612797.jpg HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6InIxekw5Z29FN1hBeXpBYkJETXV5UkE9PSIsInZhbHVlIjoiM2FublFITEZ6cy9vYkNGMDZmUkZ3NFArVnBDdnVOUy8xNThoaVExVXM1RGVmajBQcU4vMGF6MjZLUHdhNS9vTVZnZUtGT2NrY1dtOFFjSG5YbjM4dkpuOUhCZklNN1lrMXBiQ1ovQzBadWJXcitmS015ekV0UjFRbWpGZUFnQUIiLCJtYWMiOiI4N2JmYTgxZWVjZTc0ZjkyYWRhODViMDI1OWYxNTc3ZjM2NDkwOWI0ZjJlZTk0M2UwN2JiNDYzZGE3NGZiMDAzIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6IkxzWEZjUnNTN25aMFAyZXI3TmJad3c9PSIsInZhbHVlIjoiaDVtUU5XL1o5T0M0U1EwWXNHSFIreVNwWTlqbG00dS9kekhYalpqNXREbEJITTFscmRtYWpreXVmUkh6SUhhZkxndVdhUDIyLzhpaTVEWHBVRG1lenBiOVp0Q1dPRVI0bndPSlB6U3dmcGhiQUZVTUFTNXkvZVhqOVJYa0hkSTUiLCJtYWMiOiJjOGRmNGRiNTBkOTIxYmY5MGY2M2ZlNDQwNDJhZGJiNmIwMDlmZjI3N2NkMmYzNmQ0ODg4ZGIyOGVlZmNkZWRmIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\ncontent-length: 41957\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:56:54 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IkMvQnJ1ajh2NDdTSmdQZVRsd1pDVWc9PSIsInZhbHVlIjoiS0JqV1F6bmp5bXBJMEg5K20yMFovOGFqMkZoVENXb2NzVFNEYllLbUhPUEhqenBOd3dONXNSbjR4ZGZEd1VKbnM0cFYvT2wzTDBrdjVHNzBFNXlCUlhod09EdnJvb3pLblVVbnpmSDhVS1hZWVU5WXE2RVB3cVgwQk42OCtyMU0iLCJtYWMiOiI2MmE0NzMxMWJmYmU2ZmUyMzJlZjJkYmQ3OWQ3NGZjNzY0MDg0YmY3MDlmNGYyZmY3ZDBlMjdkYWQwYTE2Mjk4IiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6IkhWR3QxOWZJSklMTkdHNW9sY2xqMGc9PSIsInZhbHVlIjoiTWNJNitzME4yU0NZQVQ3WVdYTmFKVDNlTXNHWjA0VnA4MzkxUmhtMEdHclFlNDVGN0F5cVQyVzM3UG5HYTZkayswN0V4ajk5Z0lRNllGZGRVTnhxWEFQbTEvZ3V0VnNVMnVSMytBYVdDbG1iaGFjRDJYUkpKblhNeU9pZjdabGkiLCJtYWMiOiIwNmU0NDVmNWYwYjMyNjcxZmZhNGFlZDNmNWY4OTViMWMyY2Y4MWFhZTFlYjdlODc2NjUwZTVkNDA3ZWE1NmViIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M8o6AGY1YYpV0Py7dbNhCiPoMK78p%2Bf7S0ZB%2BfSrAdfxUSNWBoMQVaAHlxAd72TblQahHQ0HpZhuH6dVY15vbDTq5k6OMlVrTJlHOYCyIYRGxWn17dk5e8u31UTigukwEls%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f941096023eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":41957,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1024x552, components 3","md5":"23492fbbd2de7a832e4acaaee8226e6a","sha1":"57030a32c1937e9fa37fd866aa943b7493998fd7","sha256":"3f3c8c2e3a90dc9f83a1770efd98c70cc71cedea972a2f1bec750d3e92ee876c","sha512":"39d3cddb7da26f880395e5edda5efdab8903a6ad432f1dc44f8448f3b260dab90e08a23573889299d51c3ec287e43a48d30b612226026abf5c12bdfe6d265183","ssdeep":"768:Eyu7TD3jVYeCP9eXZghPNc4bQA4QWE/dSKyHnyetzcm779T:5unDzVTOeXZgLc4bQADoKySet4mn9T","tlshash":"8c13f1e6d6f3e718fed162754144b193b68da00e978bd29c7cd4a83f69e0be2580187c","first_seen":"2026-05-29T10:50:53.432229Z","last_seen":"2026-05-29T10:57:01.880778Z","times_seen":2,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":135,"receive":74,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/img/hero-shape.png","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /img/hero-shape.png HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6InIxekw5Z29FN1hBeXpBYkJETXV5UkE9PSIsInZhbHVlIjoiM2FublFITEZ6cy9vYkNGMDZmUkZ3NFArVnBDdnVOUy8xNThoaVExVXM1RGVmajBQcU4vMGF6MjZLUHdhNS9vTVZnZUtGT2NrY1dtOFFjSG5YbjM4dkpuOUhCZklNN1lrMXBiQ1ovQzBadWJXcitmS015ekV0UjFRbWpGZUFnQUIiLCJtYWMiOiI4N2JmYTgxZWVjZTc0ZjkyYWRhODViMDI1OWYxNTc3ZjM2NDkwOWI0ZjJlZTk0M2UwN2JiNDYzZGE3NGZiMDAzIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6IkxzWEZjUnNTN25aMFAyZXI3TmJad3c9PSIsInZhbHVlIjoiaDVtUU5XL1o5T0M0U1EwWXNHSFIreVNwWTlqbG00dS9kekhYalpqNXREbEJITTFscmRtYWpreXVmUkh6SUhhZkxndVdhUDIyLzhpaTVEWHBVRG1lenBiOVp0Q1dPRVI0bndPSlB6U3dmcGhiQUZVTUFTNXkvZVhqOVJYa0hkSTUiLCJtYWMiOiJjOGRmNGRiNTBkOTIxYmY5MGY2M2ZlNDQwNDJhZGJiNmIwMDlmZjI3N2NkMmYzNmQ0ODg4ZGIyOGVlZmNkZWRmIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/png\r\ncontent-length: 9030\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:57:22 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IlVDRExyWXJYYWtLYzdEWnRzVnpsZ2c9PSIsInZhbHVlIjoiZFZ6dE9VTC9BUWlpVFVMelhsaGZVRGw0RklrRDdnV1lFeUdmOCtuaU5RSTNFTm1QOFdiZFBLRzNJKzRTWVNiTWQrRHNGTnNvai9BY0JHVGdOdFJzaXZKZktLK2t1akdHQnpyODBxZC9QLzBnNFRvUExQV0gwQUg0Mnp5YzIrZ0kiLCJtYWMiOiIwMDZjNjNhNDFjY2FlOGJhYzU0NDc4ZDg3OTVjMWUxYzA0ZjhmZjhmODdlZDE5MTM2YmFkNWRiMDVlYjg0NmZhIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6IkU5dkM5NU9TK0k0elByQWpWRHpnaXc9PSIsInZhbHVlIjoielBrMVVTczRNbEVCSk5ReVdLMzlXZ0Rrc1JHQmFCdy9US1FBNng0MjVqMDBYbFdRLzBocFI5T2ZYQ0xPdzM3TWJoUnpucHVjZ0pvaVd1aFdLbm44RzdaSzlCWlFUU3VQMUF5RXZhVHkvOHh3bWJkQ1Jaa1prNTdOMzVWTTlncHkiLCJtYWMiOiJhNDQzY2MzM2U1YzZkY2I2MGE2MzVkZWI5Zjg3OTNmNGI4MDY0OGJlZGYxZGJjODg2MjRhYzg5ZDU1NWIzZTJkIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MrfAkqfzbrOxJB9xwLPw9okG%2BZrf9oTOKxHjxvq5SsZ6JEy%2BoQZlVDk2tPR7%2BpfmTjH4p24wrCaVMNuErgSF9gNAVvX%2BZKVh2u8gUJ1LAIcKDR2cO5j6cUsp3twGPpfYtsY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f941096123eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9030,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 452 x 337, 8-bit colormap, non-interlaced","md5":"4d0d3db2c6e499bb89bf4bcb9d385e89","sha1":"94680a4f4b40f2f96d15ab182dc757918e77312c","sha256":"963086079076a090966e65c945114e103541b82923cc3cb42d25bfc6337b2eb0","sha512":"b12b85155725d861d932ede7cd316a5e5c11bfa728ddde952fb84d00f56e3f2f8b00ebe94dcb86e9d647552cc489fc00368c20f27fa9b12918fb661e90199027","ssdeep":"192:BVmOH1wBC+A3roCnEK/GH2AuAfhZG3YMd5EFf/MJPSJ/6nwdFqT:BVhaAtMCEkA24jG3YRk5fUqT","tlshash":"0b12bf353b51592311abaaeb815ce2cd41c262237e64656f42d4eff873ec0030f94be8","first_seen":"2025-07-03T17:40:44.947999Z","last_seen":"2026-05-29T10:57:01.883435Z","times_seen":11,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/img/about-shape2.png","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /img/about-shape2.png HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6InIxekw5Z29FN1hBeXpBYkJETXV5UkE9PSIsInZhbHVlIjoiM2FublFITEZ6cy9vYkNGMDZmUkZ3NFArVnBDdnVOUy8xNThoaVExVXM1RGVmajBQcU4vMGF6MjZLUHdhNS9vTVZnZUtGT2NrY1dtOFFjSG5YbjM4dkpuOUhCZklNN1lrMXBiQ1ovQzBadWJXcitmS015ekV0UjFRbWpGZUFnQUIiLCJtYWMiOiI4N2JmYTgxZWVjZTc0ZjkyYWRhODViMDI1OWYxNTc3ZjM2NDkwOWI0ZjJlZTk0M2UwN2JiNDYzZGE3NGZiMDAzIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6IkxzWEZjUnNTN25aMFAyZXI3TmJad3c9PSIsInZhbHVlIjoiaDVtUU5XL1o5T0M0U1EwWXNHSFIreVNwWTlqbG00dS9kekhYalpqNXREbEJITTFscmRtYWpreXVmUkh6SUhhZkxndVdhUDIyLzhpaTVEWHBVRG1lenBiOVp0Q1dPRVI0bndPSlB6U3dmcGhiQUZVTUFTNXkvZVhqOVJYa0hkSTUiLCJtYWMiOiJjOGRmNGRiNTBkOTIxYmY5MGY2M2ZlNDQwNDJhZGJiNmIwMDlmZjI3N2NkMmYzNmQ0ODg4ZGIyOGVlZmNkZWRmIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/png\r\ncontent-length: 6323\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:57:22 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IjI0bnA4MjE2bXlhcDBZb24zVi8vK1E9PSIsInZhbHVlIjoiWDBqTTJPRDVFVW5Wb3J2ZDZkUzBFOHhvZ1lYc21jUmZNR1h5QUVGMHp3NENxZUl4aVpUUC9rNWVXOUYrRVB6NWtLN1VnT04ydTVwcUxlOXcwYy81UXBBMHhpbG1tMS9VL2YrQ2MwSHliT3ZrZzFVSnFNQ0hiKzdxOW9LdTZXOFciLCJtYWMiOiIxNWNiYmFjMGYyYjlkNzc5ZWE2MjEwMjQ3MWVmYjQ0M2EwZGI2MmNkOGEyYzc4YWVhMGZjZjI5ZDBiOTVkM2QxIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6ImREU2F5dVJaQW9mYVl4OG9pRHRHemc9PSIsInZhbHVlIjoiTnhkZDVqSnJwUE11RU9zQzNyZ01Mc2hzL3hweFhVR3BMendYdkt0bHlCN2NWNk9lNEJXVXVhMmpQdCtSYVphZ1J3VkJVd0tiZXh1K0V4SWhsZEExR0N2UXYrVkVXNzluc2JhWWRnM0hsWnFDN2xEc2ZleGRzRVhDWExHemNJUzgiLCJtYWMiOiIwNDExMTI5Zjc0ODY0MzRkOGRjM2Y3Y2IyZjlmNjg5Njc5ZDJlZGRhNWZmNGJjYmY1ZjYwYjJhMDQ4YWVmNmYyIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PQ3B47%2Fo2k0hIx%2FRIUkfkLTP39wUpVL4J6UnWBx2fUJCYO2WilCAlYL7gPh3qLIkKy1JFRVO%2BFZUb8Gx3gjni0gcsMUmEK1hUntpfscfXnHwmfrPtLRXQKos%2FH%2BtjGbWiPQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f941096623eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6323,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 222 x 232, 8-bit colormap, non-interlaced","md5":"5c8c4aec5e177a7b61532450131722cf","sha1":"0108dfe9a963c469446747116b8ff787325acfe2","sha256":"d4f7317be120de92594455d68879c3f3969a384b2c4eabb4a06f7948e279b6c5","sha512":"f493cc61027dbf397345fb1b51672b7eb8b1e00fc48280b34a619a341dc3596462a5639d6c4fd40f68ecf519747d42ef09d355cca8ec9f2ece2203b7391564ce","ssdeep":"192:tB5QHqbvsPJ4nsrvRNR/kAN44mBhAbrxRS:tB5QHSv6UcRjNghAvxRS","tlshash":"06d17efdea7941784151195d93db41a41b72cf25fa63b5881ac1f248cfa8ff844429ce","first_seen":"2025-07-03T17:40:44.929241Z","last_seen":"2026-05-29T10:57:01.886594Z","times_seen":10,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/img/all-shape.png","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /img/all-shape.png HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6InIxekw5Z29FN1hBeXpBYkJETXV5UkE9PSIsInZhbHVlIjoiM2FublFITEZ6cy9vYkNGMDZmUkZ3NFArVnBDdnVOUy8xNThoaVExVXM1RGVmajBQcU4vMGF6MjZLUHdhNS9vTVZnZUtGT2NrY1dtOFFjSG5YbjM4dkpuOUhCZklNN1lrMXBiQ1ovQzBadWJXcitmS015ekV0UjFRbWpGZUFnQUIiLCJtYWMiOiI4N2JmYTgxZWVjZTc0ZjkyYWRhODViMDI1OWYxNTc3ZjM2NDkwOWI0ZjJlZTk0M2UwN2JiNDYzZGE3NGZiMDAzIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6IkxzWEZjUnNTN25aMFAyZXI3TmJad3c9PSIsInZhbHVlIjoiaDVtUU5XL1o5T0M0U1EwWXNHSFIreVNwWTlqbG00dS9kekhYalpqNXREbEJITTFscmRtYWpreXVmUkh6SUhhZkxndVdhUDIyLzhpaTVEWHBVRG1lenBiOVp0Q1dPRVI0bndPSlB6U3dmcGhiQUZVTUFTNXkvZVhqOVJYa0hkSTUiLCJtYWMiOiJjOGRmNGRiNTBkOTIxYmY5MGY2M2ZlNDQwNDJhZGJiNmIwMDlmZjI3N2NkMmYzNmQ0ODg4ZGIyOGVlZmNkZWRmIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/png\r\ncontent-length: 5427\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:57:22 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IjRKWjNyUmxmcjQ0aVk4RTZub20wUGc9PSIsInZhbHVlIjoiZVVnMTl4OUh5OE1PbjhEV0Q0b25Tb1FWYVN1dG1EV2pQNTNGMmxyVkIrU3ZadXZjZGRoaU9QY2VmbWlac0Q0SGVaZW1DdnRNSHJoVHllcmNpTDhJNXFJN1lMb2hXOG5WcjZPbUFmQ0UzSHg2M3I2cUVpWWk0L0QrUWJ2a0VEOHIiLCJtYWMiOiIxZTRlNDQ3ZjI5MDYxMWYzMDFkMmE1YjQzYWNjNmUzN2ExMjE1NjZhMmZlNzliZTBjYjNjNmFhYmMxNTA2ZDcyIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6ImZRLzRmRTByUXMwR2VJcitPUitYWHc9PSIsInZhbHVlIjoiR0JlNEU2NWpiSzA2akU1b1ZqRjJQUXVXMlFoMDZoN091TVJBR2N6QmdhOE5FbmlkUlZNNjhOQjcwdjZLSVRZYi90Ymg5cTI1NktkZTZvSEhjbENjVTc4aWdFb3doeVdIZlo1RzdUZEFuNTdTbjVjbEgwWmZ1SjNESWk4cXBFVXYiLCJtYWMiOiJlMTNlYTFjODk1N2Q1MTBkYTdhNDY5MWE5YzhiODk4NDJlOTI5OGJkZmIxNWYyYWNmNzQ2ODhiNjQ5OTQyZjZkIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iMrYdESFeynfQmSGw69rmw1%2BHc0ueUG3ARevH27g2DEWhe7W8SjYV2adk%2BFH%2BvEDnFqovQx2nNrieTR3flJU7yLhrVQdifcoqtcvidqkOSUdv8SPYKTZ2bqmG1GTUX4%2Ft3E%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f941096823eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5427,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 247 x 213, 8-bit colormap, non-interlaced","md5":"86e05f1d953f41830d134ef9fba7e825","sha1":"bd121048218445018f1d8b6c24ed1dd85ec1c743","sha256":"f3b78dcf63f4bfb21affb6a42fc17b1f868ec3d4ccaf11bf22c71b65bc8ae2ad","sha512":"9be6c2a9d5abd52ff683dce3943a9fc65da02455abcc5cfba2d56e1d6c8cab5c09a289d73f4977df5c2f4e15a5c8f13051d7330cceaa7c19f0b51b33345d7541","ssdeep":"96:BSJwRGBlHvICBbM8jacjpRZOSxAX14rf7NM6JGwGAeDPPVUfOPhghjDf7rAgtY87:BawRGBlQCBbHhjxPWl4T7NMat0PtzJg9","tlshash":"1fb18eb52d920d02001b675df171939862292ceb5b97600f20faf4d3deb51b04d5e97a","first_seen":"2025-07-03T17:40:44.938794Z","last_seen":"2026-05-29T10:57:01.888896Z","times_seen":11,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/graphics/avatar2_L6L8P_1.webp","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /graphics/avatar2_L6L8P_1.webp HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6InIxekw5Z29FN1hBeXpBYkJETXV5UkE9PSIsInZhbHVlIjoiM2FublFITEZ6cy9vYkNGMDZmUkZ3NFArVnBDdnVOUy8xNThoaVExVXM1RGVmajBQcU4vMGF6MjZLUHdhNS9vTVZnZUtGT2NrY1dtOFFjSG5YbjM4dkpuOUhCZklNN1lrMXBiQ1ovQzBadWJXcitmS015ekV0UjFRbWpGZUFnQUIiLCJtYWMiOiI4N2JmYTgxZWVjZTc0ZjkyYWRhODViMDI1OWYxNTc3ZjM2NDkwOWI0ZjJlZTk0M2UwN2JiNDYzZGE3NGZiMDAzIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6IkxzWEZjUnNTN25aMFAyZXI3TmJad3c9PSIsInZhbHVlIjoiaDVtUU5XL1o5T0M0U1EwWXNHSFIreVNwWTlqbG00dS9kekhYalpqNXREbEJITTFscmRtYWpreXVmUkh6SUhhZkxndVdhUDIyLzhpaTVEWHBVRG1lenBiOVp0Q1dPRVI0bndPSlB6U3dmcGhiQUZVTUFTNXkvZVhqOVJYa0hkSTUiLCJtYWMiOiJjOGRmNGRiNTBkOTIxYmY5MGY2M2ZlNDQwNDJhZGJiNmIwMDlmZjI3N2NkMmYzNmQ0ODg4ZGIyOGVlZmNkZWRmIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/webp\r\ncontent-length: 91248\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:57:02 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6ImRvV3hVOXczL2s2RzFaczFFOCtiL3c9PSIsInZhbHVlIjoiWlU3MWhLVDRDMkNLWGVMalViUlRkUk0vZmhKNVRVUlh1cGZ3V3k2TnAvY2lRZkJLd3dGZXlMbm53cHlxVnpjcUFPdWVYREhiTENEYU90NndYU2oxZUFQWXZnci9ZMDFDZTVNSVZiNDBsRVdiWFBaTklWWWtDbFQyVkF1aENMTk4iLCJtYWMiOiIzYzhhMjFkOTdjY2YzZmVjYjUwNTUzMjcwMDcxNGU4NTQ4MmU4Njk2MThmNzkwYTkwYmNkZDdkZTI2NzcyMmUxIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6IjhQMytTMDdZbFZUWWlpdWdSM0xtSXc9PSIsInZhbHVlIjoiR0RGMlJHaW44ODV3NGJSR3MxOU5rMFhqRXFkOWdQTkNTZ1RmNWs0S3p3L081SWVHMzhXTFRiSmtWUlpwL0NqdFZmYXpXRm1VUVErU1lpMXNPdTFwUk9kNW9hMDdZRldEcTQ3eWVRSEtBbXhzRkRVelpXbGFaU0FmOGc2NzJuR3MiLCJtYWMiOiI0NWZmMTNhYzQ3OWNkZDcxNWZhZjNjZTU2NDI2NTYwYWU1ZTAyMDU3NDA0ODg3MmFhYTRhMjU0Njk5ZWUxYWRjIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m%2BlE6jTmvjXuboGRKhiqyekD%2BinA3%2BpH3rZkkGIjAc%2F1OqCL444ZGHfvIKbL1ibm%2BkKSm8HkQgH2UOgJMDDX8YP2uNeP7VCl9ggQJe%2BJxsHukJs5MD176zxRFbfTsmhLd68%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f941197523eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":91248,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 720x720, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"0fa55932295fc7ce0dfbb7a4857fe464","sha1":"295fd8b2aa980eff34147cd490891701c723de35","sha256":"97f27d1f159bd80e38e48630e679b2ded270774a282f451dc625c9b47d743b60","sha512":"b540d52d75380317cbb45108a2cfbb65bbfd6fc8fa5434a92c4a4adafb3a1b367a650799d8f9562fefa0d7faa1780998c8819710156f5d74ab552afcae7ced36","ssdeep":"1536:K49otsLHueDvRVZhdEOjHad0NQX31jcHuuKCB+ZG8OhW61K5mH91N:K4ieruerRVDmiHcIQXFyf+ghNdv","tlshash":"a69302e096fa338a63024a7908603d2b7bc4b718a4c6452da33b5e4ac9f7df5d3f1651","first_seen":"2025-09-23T12:19:35.952427Z","last_seen":"2026-05-29T10:57:01.89031Z","times_seen":3,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":68,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/graphics/ava_q70_2.webp","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.631Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /graphics/ava_q70_2.webp HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6InIxekw5Z29FN1hBeXpBYkJETXV5UkE9PSIsInZhbHVlIjoiM2FublFITEZ6cy9vYkNGMDZmUkZ3NFArVnBDdnVOUy8xNThoaVExVXM1RGVmajBQcU4vMGF6MjZLUHdhNS9vTVZnZUtGT2NrY1dtOFFjSG5YbjM4dkpuOUhCZklNN1lrMXBiQ1ovQzBadWJXcitmS015ekV0UjFRbWpGZUFnQUIiLCJtYWMiOiI4N2JmYTgxZWVjZTc0ZjkyYWRhODViMDI1OWYxNTc3ZjM2NDkwOWI0ZjJlZTk0M2UwN2JiNDYzZGE3NGZiMDAzIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6IkxzWEZjUnNTN25aMFAyZXI3TmJad3c9PSIsInZhbHVlIjoiaDVtUU5XL1o5T0M0U1EwWXNHSFIreVNwWTlqbG00dS9kekhYalpqNXREbEJITTFscmRtYWpreXVmUkh6SUhhZkxndVdhUDIyLzhpaTVEWHBVRG1lenBiOVp0Q1dPRVI0bndPSlB6U3dmcGhiQUZVTUFTNXkvZVhqOVJYa0hkSTUiLCJtYWMiOiJjOGRmNGRiNTBkOTIxYmY5MGY2M2ZlNDQwNDJhZGJiNmIwMDlmZjI3N2NkMmYzNmQ0ODg4ZGIyOGVlZmNkZWRmIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/webp\r\ncontent-length: 115312\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:57:02 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6Ik1IRlpQQTFFTklzajlrRE9POWJpUFE9PSIsInZhbHVlIjoidWkyNzhQd3VXV1E0NTNhMlRQcWNNU2RvSVVjRFkrZ0dNdnNWS043ajdPMEo1ZUdyMVRRamtEUkZTclhMdlhBeTdyTE42YnlGbENNQlVEMjAwelFBQXEwbGM4dXU5QjFKeHI0VUtSKzVGSjZXd3NyNzhid3dhM1UyMHlwbiswYXAiLCJtYWMiOiI1ODNhNDQ0MDUyMzQwMTMzYTYyOTQwNzcyNWY2Mzg2MDlhYzM0YTQ0YTcxNDk4ODNkY2RjYjYzYWZjOTdmMzMwIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6ImJFYlRjbnk4QVhFbXp5S0RtY01xdWc9PSIsInZhbHVlIjoiSjg3SWR5bkVzNGc0VHBFc0dkN2NDbUE0MVpRNENSUHNhYUh1NG55NE10UDFGc0lVOW51MVo4a2VhYTRMS083T29GSkdXNDFqenloeDI0UWQzalhYbFdmWHJlZXdQNGwyQnVPSkR0WFVJNXRmSnJabnkyMFNoMSsyYVUrSkxWbnAiLCJtYWMiOiJiYmMwNGQ3YTZhMzE5NjY2ZmRkYzExMWU4YzkyMTVmZWVjYmUwMjczN2I1YzFjN2E3NmQzYzNhYjQ3MDU5MjIyIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gL13mSDGJfbmGY4A1UfZYeruVbvLuWItV5zi1JfuLPFegEq4aW%2BAsoK6hY1Ap0x9kD55oejrhy3Hr6UPtfCAOWAeldg4jazcZcmpWyoz8qHThRZvZrbVmlnUe5%2BLjL2TBwQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f941197623eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":115312,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 720x720, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"0af4a9ae6d31963872eb26da79fcdc14","sha1":"ed6cfaf8b90751fceb0ba8ba5ac3ffcf94d5f34e","sha256":"4bd44fd0654d2c029154a3ce771a202cebc29ab6cbaa52982feb23df0a22dec2","sha512":"57a5099ed8f979831b36ce73cadbd54166db59be86d98cb3807266f31cbf236f9371a4dfc6a72b6698b5bd2648ea1cac8ffe01490bef784d6b8d20759c9a819c","ssdeep":"3072:YWgPObSXyw7W4amnba61az5BRIYFbIJQwv2Gni:YqSXyKW7uaIadBRR1Iuwe4i","tlshash":"53b312cc8cb67dc9798399496d074ea74270a296f138c6fdd2523b36905a8a1dc32f3d","first_seen":"2026-05-29T10:50:53.411449Z","last_seen":"2026-05-29T10:57:01.891742Z","times_seen":2,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":98,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/hindsiliguri/v14/ijwOs5juQtsyLLR5jN4cxBEoRCf_0uYVKw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"173.194.220.94","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.994Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/hindsiliguri/v14/ijwOs5juQtsyLLR5jN4cxBEoRCf_0uYVKw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://cardswebapp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14480\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 29 May 2026 10:46:33 GMT\r\nexpires: Sat, 29 May 2027 10:46:33 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 16 Sep 2025 13:41:48 GMT\r\ncontent-type: font/woff2\r\nage: 606\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14480,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14480, version 1.0","md5":"9f7e2d2b2ab53fcc30225e2d46c59436","sha1":"a1a9b25074ce18375d8a5c5d091a2238ae3eb193","sha256":"e8f0fc0cabf50652d414fcb76a02c6a21d6bcfc19adcfd14453088a9dae1d970","sha512":"9c2c0bb0d435dd383d8f4900a78d4c5bd6c7a9958f755178918fd5bde8017eb4bd34b5aecdbc5645f9d6bfdb86ab16283cd43b949d12df94200ece4649657ffb","ssdeep":"384:y1RaAxIRmmj3cPicHsLKeLhbR507yb+PMVZPQX:y1MncPbHsLZdbO7MgX","tlshash":"0552c04bcf46bb71ff47943121a6a6a9d8af62d0027bd030d9bc4b54e7916bd40c439d","first_seen":"2023-05-01T21:53:43Z","last_seen":"2026-06-06T11:44:57.338242Z","times_seen":551,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":77,"dns":1,"connect":16,"send":0,"wait":17,"receive":3,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/img/earth.png","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:39.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /img/earth.png HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1IRlpQQTFFTklzajlrRE9POWJpUFE9PSIsInZhbHVlIjoidWkyNzhQd3VXV1E0NTNhMlRQcWNNU2RvSVVjRFkrZ0dNdnNWS043ajdPMEo1ZUdyMVRRamtEUkZTclhMdlhBeTdyTE42YnlGbENNQlVEMjAwelFBQXEwbGM4dXU5QjFKeHI0VUtSKzVGSjZXd3NyNzhid3dhM1UyMHlwbiswYXAiLCJtYWMiOiI1ODNhNDQ0MDUyMzQwMTMzYTYyOTQwNzcyNWY2Mzg2MDlhYzM0YTQ0YTcxNDk4ODNkY2RjYjYzYWZjOTdmMzMwIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6ImJFYlRjbnk4QVhFbXp5S0RtY01xdWc9PSIsInZhbHVlIjoiSjg3SWR5bkVzNGc0VHBFc0dkN2NDbUE0MVpRNENSUHNhYUh1NG55NE10UDFGc0lVOW51MVo4a2VhYTRMS083T29GSkdXNDFqenloeDI0UWQzalhYbFdmWHJlZXdQNGwyQnVPSkR0WFVJNXRmSnJabnkyMFNoMSsyYVUrSkxWbnAiLCJtYWMiOiJiYmMwNGQ3YTZhMzE5NjY2ZmRkYzExMWU4YzkyMTVmZWVjYmUwMjczN2I1YzFjN2E3NmQzYzNhYjQ3MDU5MjIyIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/png\r\ncontent-length: 11220\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:39 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:57:22 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6Im1CNm5zUmRpVURyb0dsWUpZQWpEY0E9PSIsInZhbHVlIjoiM0NibEdiT3JiWEFJODlpT3BpUzhjaGVFaW5TZnZxZmc3dzQ3T2phSnBTcGtiTzJDTVJyYlRZODlqWDhjcWk5Um5adkRIdkVTNlF3Z0dkbEgwZVNsSS9lMkg2eVZwQWluQ2RUcGY2ZHZYTVF6NGlTZGtIRXFBZC9zMk9OTStXbWciLCJtYWMiOiIyMzk5NWVhNDBjZjc5ZDgzYmYxODhmNzFjYzIyYTg3MzllZjA2MGZiZTM0NWQ5YjZkZmJjYzVkMjkzMTY3ZTliIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:39 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6IlFKSUtsVmMrS0hlS0pZWFlFajlaRVE9PSIsInZhbHVlIjoiVHRvTGJseEtIRTVLTG84clVnaEFFQ0srZm5OS3U1Qm5VZTdoQStKU0s0cE85dGlueDUrNk4vbUw0UTVuc3owOHRXOUhXQ1pzOHo3S1lmSHVRRnN3cDY5WjM1YVg0aDdkNUJPcDJQZlVVckt3QjF5UFgxT1FoaGVoV3NhNGlpajEiLCJtYWMiOiJkODRjZjVhYzczODUxMDMzYjA5ODViNDhhZmYxN2EyMGM1MDdjZjBkMmVkOTBiMjM2NTdmMTBmMTBlOGU5OWQwIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:39 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dBug8Drb9pwxmdpMyBY0iSJA58Addg9%2B3nexLua14XFciQ1bIHmLVIwek6b6zSA09gZ%2B%2FQOXHgUFYqx2PoOg6W44OHo1PSFB8DtcOSYfvE3i%2FkSaPfTGSNftd13RapdvV38%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f943e9fd23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11220,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 286 x 244, 8-bit colormap, non-interlaced","md5":"8ef9f389700a2ba66dc0d749beb4cb5f","sha1":"f975dbab1de761b394500f1cf8c53ccd6608f928","sha256":"47a90e37907545a42ac63cb69eafc2798fd007c5ac21e3460ce434a0b87deade","sha512":"f4e22d6f31975d3562c52bb95784776757efd3e40e591ff84d2e373e5571e4c479a742d59a7b470a91768ed7d1d9d1c6ddf99248b7f034acc2fae4e61d6efd9e","ssdeep":"192:AfmQfNIt7gkDU46wol3GUMgWqv9MloVcR7xYA02UL0Xm+XcyNLE1kokmlLv9yRwm:fQ1ItUkDU4Sl3H1ihx1O4RMyNL8l7v96","tlshash":"60329ee8f4b20ff355e0b13e97b0256636e0810c068667bd042a7e8b8e28769d55f75a","first_seen":"2025-07-03T17:40:44.90578Z","last_seen":"2026-05-29T10:57:01.893906Z","times_seen":24,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/view/photos_video_69c2fa94900cd9.19207800.mp4","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:39.063Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /view/photos_video_69c2fa94900cd9.19207800.mp4 HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6InRNTWJJVkhPSk41aUR1QlZHY05FZ1E9PSIsInZhbHVlIjoiVlp6dkRMY2NVeHVDWlZTa2V6US9EVm5mL05UT2daRTI4UmJicndjU1dKOUFJK1kvM0o5M1IvUHlIdGVPd1c1eXE2c2hwclNYcWlydzEyOG1zWUllOWgwQTFkd0R4UUZaWS9xcHZqbXhBQ2V4Qlh0d3RSdWpyK29CS214eVp6eTgiLCJtYWMiOiJmYWRiNGE0NTZiNjFiZDdiYjQxNDRkMzE4MzdkZWFlNTY0OTJiZGYwY2IxYzFhMGVlNTY2OWRhNzU2NTNiYWQyIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6Ik1sZW1Ja3g4S05VdzMyS1dMOTNFcGc9PSIsInZhbHVlIjoid2FmaXhJOWFEcTl0b09WM0kxeHJFVG1uVG5Ydlo4WDhXblRqWU9vNTZyZm4zTnFxc2RLS1JMbTNGeWh5dy95U0xTckZyeGE5TlR0Ylp4ZXFPQWpoWHZZdUFEWWcwNE9LbksxcWxTRjAveWFxbk1rdk5xV0dGV2g5dUJ0RGoxaWkiLCJtYWMiOiJmMmZhYzg5YjFmYTc2NTQxMjEwMjMxNDM5NjBjN2U4NmRmNGQxYTA3MmJmMWZkZmZmYTg5NTM2MDU0NzE5M2M3IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: video/mp4\r\ncontent-length: 1897693\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:39 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:56:54 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6ImVRdXQ2T2NGY2EyWjMyNVd1dnV2cEE9PSIsInZhbHVlIjoicGFWbjl2dWZ5bHcwREFkU2ZtTGh1b1lnNmx2UVdjWjhNYk9SVER2V216SzJhWmN0eHh2bWJVWGVDblFCYzYwd1lvMDZsUmlseVpvNnliL0VVY1IwTTVxMGNVUHdEOE5zN1VJWFU0STBRT0RoTnpwL3ZzMXdLaWc0V3o0UUZQQ3UiLCJtYWMiOiI2Y2Y0ODljZTc4YmQ1MzRhMzRiNTMwMzU0NTY3YjgyOTI2ZTEwYjhmYmRiNDY0OTQ3OGM0ZDBhNGZjZWJlODM3IiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:39 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6ImRicWV1cXpidGdqZHRYTjBDMnoyQUE9PSIsInZhbHVlIjoickJGcy9tc09raGtXQlEzdERBQ25DOG9TMEdaOFliWWcyQTJub0V6UXZjRXh6c0hvV0dkQ3JFd0NsZ1VyUE9kenV0TUc5ZkRUMlhCb3h6eXFubmp1RDg5bXVzWmNyMjdWTzZ2cTEySkE3VkpxanJjc3RoRlk4dGd6TE1mQUhTUkgiLCJtYWMiOiJkY2JkYzE4ODIwN2I0NWQwMGRkNDZiMTg3MDkyZGY5N2Q4MDZmNWM2NTA5ZmUzNzhlMmQyZGQ4MmI4NjI3MjAyIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:39 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IvSF5ewvtWU0nIhRWVpzCW8J9vYqinf2ZoizzfmLCKZ8YTQKMZ1FFM5APSE4%2FEgR5xe1g6EHo%2B9IONXkb6vG3n5UiKmgPEkNJkJ8%2FbvdUZRXLaFtaoaSV592lLmhTZ5tpbA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f9442a0323eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":95496,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"422e62c1958db7e0c354add217df523e","sha1":"bfd15ce021947e1f7a3aaf99453f7fcc2840e9cc","sha256":"1f04fb925c889119bd84d6d193951f217428125fbfc0cd1de819441a20a5d601","sha512":"eb1b98bc8eb4fbfaa4cd97cb0edab15801842265929a047e2aa8a2e0d3d3588af3fae502d5d452b89a0d7b7c334e466127c52b96b3ae1108b66042ad494777d0","ssdeep":"1536:3WRwMaM46Xk60jxGyIX9rjBv0mwxfDrtuSN2Pza9f1P/adbBd3vTk7C8U:zfJJ6iGnrjemwt0GhDXGf3v+U","tlshash":"6793f14fbbe6c41ef6095236d8df539636b9faf40313a9932108636e2c0e1b48ed04b5","first_seen":"2026-05-29T10:50:53.440078Z","last_seen":"2026-05-29T10:57:01.89464Z","times_seen":2,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":99,"receive":97,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/logo-main.png","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /logo-main.png HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6InIxekw5Z29FN1hBeXpBYkJETXV5UkE9PSIsInZhbHVlIjoiM2FublFITEZ6cy9vYkNGMDZmUkZ3NFArVnBDdnVOUy8xNThoaVExVXM1RGVmajBQcU4vMGF6MjZLUHdhNS9vTVZnZUtGT2NrY1dtOFFjSG5YbjM4dkpuOUhCZklNN1lrMXBiQ1ovQzBadWJXcitmS015ekV0UjFRbWpGZUFnQUIiLCJtYWMiOiI4N2JmYTgxZWVjZTc0ZjkyYWRhODViMDI1OWYxNTc3ZjM2NDkwOWI0ZjJlZTk0M2UwN2JiNDYzZGE3NGZiMDAzIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6IkxzWEZjUnNTN25aMFAyZXI3TmJad3c9PSIsInZhbHVlIjoiaDVtUU5XL1o5T0M0U1EwWXNHSFIreVNwWTlqbG00dS9kekhYalpqNXREbEJITTFscmRtYWpreXVmUkh6SUhhZkxndVdhUDIyLzhpaTVEWHBVRG1lenBiOVp0Q1dPRVI0bndPSlB6U3dmcGhiQUZVTUFTNXkvZVhqOVJYa0hkSTUiLCJtYWMiOiJjOGRmNGRiNTBkOTIxYmY5MGY2M2ZlNDQwNDJhZGJiNmIwMDlmZjI3N2NkMmYzNmQ0ODg4ZGIyOGVlZmNkZWRmIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/png\r\ncontent-length: 32665\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:57:02 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IisxNm1DUWdQc0x1RFFqRVl3eG9INEE9PSIsInZhbHVlIjoiRmt2L3VTQ3VXSUl0SnczSGNDVmJrUDJ2QXVCNG9vczF0NklHRnZiOG9MREJybDBPbXZ1RVlRWUtSOTNQZmQwQTNjbndrcUhiZE0yUnVLT2dOOTFsYkJOWWNSMk8vZk9oaGVodVF3ZU9UczlQYUpEcXoxTklUS2VtazQvYk9NYmoiLCJtYWMiOiJjOGQ5ZjUwNDA5YjNiODE2YWFlODU2OTgxNDc3MmNkYWFlNjcwMDM1NzlkOTEzYTgxM2RlNmU3ZDc2YmMyMzg2IiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6IlpmNDdHRkJvNmtIRzdxQWdTeXBlblE9PSIsInZhbHVlIjoiRWxzTHJJZkl2Vi9Ram5CR3N0QzFTSmxvUXF2amVBTkJHMTBhOUFhMFc3WHNLY3dhRklDVlYrKy83TzBncUQ0YUNDYlZtVnN1dmI1cFlMaEJQNnZyNzdPeHplREQ3MHBRS2NJMHh0U3JsQXcxQzErMHE4VHBjczlDNUNKQXg5OUMiLCJtYWMiOiJjY2RhZDkwMTFmYTFlZDA0NDdkMGI1YmRjNmFlOTZmYTY2OWRmMjdkMGVkYmY0MWY1Zjk0ZTc0YjQzMThkODRlIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s21oAZwFiSRD%2FSuZ3nt5S8cQFztAsB9ybLAC8KOwKeGAjpADNgxyQx7%2FP1EvAJxeTL%2BVP8eGAguv72cTNKcvoIUOhz82IO6KWKXTO32YOivhpRTg9O%2FHzR2iH5cD4qPsdTE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f940f95d23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32665,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"9d48a86da3ff849a19fbe6a4345410da","sha1":"97f22ea98405e9daa10109db5fd933a66dcba4bb","sha256":"ef3a99e62186bd9de02e3d389aab7902cd8c887ccf551dc27d678080ce50e6a8","sha512":"ea05585d786f7a5fef1a4c2a20e57268700516150ab952fc975167a716c0d7a2ae02a3ce132c79e7c0075460b2c1835c8cf20f3183f101ea60cad1d688a6aa7d","ssdeep":"768:l+af1MnpDR9VzS2hAnoTDxGR4GZjR37nyEc:OpJNAnGDx2NRzyEc","tlshash":"f7e2f28de36d2a3e864d6149f79812ee1090fb52fb50d2feb2275e80b87a300c45806f","first_seen":"2026-05-29T10:50:53.382489Z","last_seen":"2026-05-29T10:57:01.905035Z","times_seen":2,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/img/hero-shape2.png","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /img/hero-shape2.png HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6InIxekw5Z29FN1hBeXpBYkJETXV5UkE9PSIsInZhbHVlIjoiM2FublFITEZ6cy9vYkNGMDZmUkZ3NFArVnBDdnVOUy8xNThoaVExVXM1RGVmajBQcU4vMGF6MjZLUHdhNS9vTVZnZUtGT2NrY1dtOFFjSG5YbjM4dkpuOUhCZklNN1lrMXBiQ1ovQzBadWJXcitmS015ekV0UjFRbWpGZUFnQUIiLCJtYWMiOiI4N2JmYTgxZWVjZTc0ZjkyYWRhODViMDI1OWYxNTc3ZjM2NDkwOWI0ZjJlZTk0M2UwN2JiNDYzZGE3NGZiMDAzIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6IkxzWEZjUnNTN25aMFAyZXI3TmJad3c9PSIsInZhbHVlIjoiaDVtUU5XL1o5T0M0U1EwWXNHSFIreVNwWTlqbG00dS9kekhYalpqNXREbEJITTFscmRtYWpreXVmUkh6SUhhZkxndVdhUDIyLzhpaTVEWHBVRG1lenBiOVp0Q1dPRVI0bndPSlB6U3dmcGhiQUZVTUFTNXkvZVhqOVJYa0hkSTUiLCJtYWMiOiJjOGRmNGRiNTBkOTIxYmY5MGY2M2ZlNDQwNDJhZGJiNmIwMDlmZjI3N2NkMmYzNmQ0ODg4ZGIyOGVlZmNkZWRmIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/png\r\ncontent-length: 2648\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:57:22 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6ImJ0WWZCeTBoNldTOFJKMnp1NHIzZ3c9PSIsInZhbHVlIjoiRmtTV29FMVVxSlNuYVBDNmdYc2xKeWdTUjk0UHhQc1kvSWxaU0gzTFVZT1k4Vk01MGhnR0RBeHE1b01sRGU0WHkrWk9RckhjYlo2Y3BNRURWOWJxc052cE1RUG1VQ3ZLaUxuY1Yrd1UrQlpsZUZBSzNOdG1ydjBQTFVmTWxwblIiLCJtYWMiOiJhN2E4MTZlNzgzNDBiNzVhMTE2NTU5NTY1MzIyZDM0NTMzZGEzYTc1NGM3NTYyNDkxMzQ5Y2QzNTdjNWQ3NDAwIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6IlF2MndMYUZjcWxRZXh4S3hPL0xFNHc9PSIsInZhbHVlIjoiSE9KRnowTWlhTWhINThDVStTcG1vWFBPWS85Sk1Qd2NiS2R5U1IzbTVYRXQxVU9yQ3hTdzRGL2JsWkNjeHpGSHU3Vit1bGJXVmVDWHlmQmIxR3hOYmx2K29lSW9EOXVLaE9vRC9ZSXlZbTFacE45RWh1MXE4SWdDUVh4UzRyQTkiLCJtYWMiOiI0OGQ3OTYzYjEwZDRhZTU3MzBiOTY0NzBhMWRlNDBkZGVjMzYwNmE2ZTcyN2IzZDdhOTVlYmUxNDYxYWIwY2QzIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=H8iLrTXxvlFrBnV2XD6VCAB5hMx0NKNaVG1YUKOXL3jRSmZCJSfxftT71pc2zD98VG80y81GSDN3ebOERoBYrEjjvibeoYJRrJoIOSfS8aNf3tNc5uKt6HNlYi2cQRHSby8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f941096223eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2648,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 361 x 376, 8-bit colormap, non-interlaced","md5":"13b3218667c4167b012e3df9d70e5bc8","sha1":"e4a87c95c0c14fbb2912e42fb515bac97d337670","sha256":"7bee99a85e6f62bea284da2e4c48c48258c8e5d730379794a5b76c00fbbf5849","sha512":"2aad0adfa1cd08a8cfa6303a76c24df383e24ab1488ddafba1e14c6e3a14f805c011528b1981a3fbc961f091abf085622796283747c3e0fbaa2dfa01b3bdaede","ssdeep":"","tlshash":"25514dca7512a9e1ae30e430d406037fe9d88da5e2346105118e3d2a54f0bd73ba4fd1","first_seen":"2025-07-03T17:40:44.924059Z","last_seen":"2026-05-29T10:57:01.906656Z","times_seen":11,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":81,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/view/graphics_gallery_69c2fa8dc67434.58510251.jpg","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.611Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /view/graphics_gallery_69c2fa8dc67434.58510251.jpg HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6InIxekw5Z29FN1hBeXpBYkJETXV5UkE9PSIsInZhbHVlIjoiM2FublFITEZ6cy9vYkNGMDZmUkZ3NFArVnBDdnVOUy8xNThoaVExVXM1RGVmajBQcU4vMGF6MjZLUHdhNS9vTVZnZUtGT2NrY1dtOFFjSG5YbjM4dkpuOUhCZklNN1lrMXBiQ1ovQzBadWJXcitmS015ekV0UjFRbWpGZUFnQUIiLCJtYWMiOiI4N2JmYTgxZWVjZTc0ZjkyYWRhODViMDI1OWYxNTc3ZjM2NDkwOWI0ZjJlZTk0M2UwN2JiNDYzZGE3NGZiMDAzIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6IkxzWEZjUnNTN25aMFAyZXI3TmJad3c9PSIsInZhbHVlIjoiaDVtUU5XL1o5T0M0U1EwWXNHSFIreVNwWTlqbG00dS9kekhYalpqNXREbEJITTFscmRtYWpreXVmUkh6SUhhZkxndVdhUDIyLzhpaTVEWHBVRG1lenBiOVp0Q1dPRVI0bndPSlB6U3dmcGhiQUZVTUFTNXkvZVhqOVJYa0hkSTUiLCJtYWMiOiJjOGRmNGRiNTBkOTIxYmY5MGY2M2ZlNDQwNDJhZGJiNmIwMDlmZjI3N2NkMmYzNmQ0ODg4ZGIyOGVlZmNkZWRmIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\ncontent-length: 82238\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:56:54 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IlBERm84WXlDS0pJTDV5SDJNRlFEMkE9PSIsInZhbHVlIjoiaTZvcWtRM0VVdDJmc0poaThwdGtwRTBRR2t5U2lsdWltZDk1NmtpNzZ6TEVrei8rMkNaWVlmd2RvMEJyTmpwRHdKbGY0YS9lQkkvS1I0elhZbjVUT2l3bGVpR3dhL015K0ZWUVIrZS82elZZbFVhV1daelpkb0wvUjIydG41STYiLCJtYWMiOiI2OTRmOThjNDczMzJhM2EzM2VkZGE5ZjRiNmUyYjJiYjU0ZTk4MjRmOWYxMTQ3YmYxODE4ZDk0YTYzYmVlZGUwIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6IlN0MmoydFVZTVdjQUtOMExibVc2Znc9PSIsInZhbHVlIjoiQ1RYak1sWlBqUU96enJrSHZwTEduN0gxVHZPOHVkZVBDSGNrMDBUV2s0SU15elN5VGk5MC96QnVBYnU1R2F0RmNYajNtUDh3Vm1PYlFEZ0ZKWnFycHBSMXFwaVY2K3cwRUtOaGRTM1F2TFRuUHRKMUs0SC82ZXlIOWIrT01maUciLCJtYWMiOiJhMjhkYWRmZDZhNDliZmNmNTJhNmE0NGZjMmNhOTVlNGFlMjQyZWJiMDQ4NzVlNjQzZjc3ODhkODhlNDM5NmY3IiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FiI5X0D6Q28PZt1NckSy42hK%2BWOS2Ot4yf28Bg1o8pEnOjkNTh1xoQXcPxrHFOBdwikE6b79c25BuT1EahIjeOzDJUiKJGd4p8QfIs2oVKdZ2NxDou9K4caE8xMhhVu6ouU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f941196d23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":82238,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1024x683, components 3","md5":"d98c9d9666826acdc3587e08aa7bf456","sha1":"6a861802266a03eebb9f23cba1bd4fc4fd8a1568","sha256":"6cc85e984690d364fb2d3481ef1ca63d955276c02caad92854379cbf8312d5a9","sha512":"1ac5ef9fbbeed9ef3ed6df3edddfc6a867796987d649edaad4e8f2d80ea20bf7ffae2cfeb9c41942536f4fa743f94b0ba29c824f1dda41749c742c79361a4d06","ssdeep":"1536:IGzcicVeYTmeFSF3dv2i19HzwtQ5XLtkpwV+5feVhBvHHzd6Gy4Y:IZmekdXHMyLtkpwqGVhdzd6Ga","tlshash":"0583129649d6f1cfd33c117ac8f55403e72f841045ae82337d1a7a2e2b53bda63ab528","first_seen":"2026-05-29T10:50:53.42846Z","last_seen":"2026-05-29T10:57:01.907764Z","times_seen":2,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":73,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/view/figures_gallery_69c2fa8dc67402.15499568.jpg","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /view/figures_gallery_69c2fa8dc67402.15499568.jpg HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6InIxekw5Z29FN1hBeXpBYkJETXV5UkE9PSIsInZhbHVlIjoiM2FublFITEZ6cy9vYkNGMDZmUkZ3NFArVnBDdnVOUy8xNThoaVExVXM1RGVmajBQcU4vMGF6MjZLUHdhNS9vTVZnZUtGT2NrY1dtOFFjSG5YbjM4dkpuOUhCZklNN1lrMXBiQ1ovQzBadWJXcitmS015ekV0UjFRbWpGZUFnQUIiLCJtYWMiOiI4N2JmYTgxZWVjZTc0ZjkyYWRhODViMDI1OWYxNTc3ZjM2NDkwOWI0ZjJlZTk0M2UwN2JiNDYzZGE3NGZiMDAzIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6IkxzWEZjUnNTN25aMFAyZXI3TmJad3c9PSIsInZhbHVlIjoiaDVtUU5XL1o5T0M0U1EwWXNHSFIreVNwWTlqbG00dS9kekhYalpqNXREbEJITTFscmRtYWpreXVmUkh6SUhhZkxndVdhUDIyLzhpaTVEWHBVRG1lenBiOVp0Q1dPRVI0bndPSlB6U3dmcGhiQUZVTUFTNXkvZVhqOVJYa0hkSTUiLCJtYWMiOiJjOGRmNGRiNTBkOTIxYmY5MGY2M2ZlNDQwNDJhZGJiNmIwMDlmZjI3N2NkMmYzNmQ0ODg4ZGIyOGVlZmNkZWRmIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\ncontent-length: 52386\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:56:54 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IkhjaHNaMURzL2I5Z3lOSFBVM1c0MkE9PSIsInZhbHVlIjoiRXdzSG1DVHIrN0lVYWRSd3ZBVzNsS0lSTWZ3em84U004T25zUWFyZmNxN29WOGpiY3pydEp1MUM0MTRFejdicnJQMmtsajU3S0dMWWF6VnU5SHhzN0RtS1FvUlFnTE5oU3JaRDFVNlVuNzZiSHNIa3poRlczK2ZDOEI1dHlaM0wiLCJtYWMiOiIxMTRlNjFjMTBiODNmNWFlMWNhNDM4N2I2MWU2MTNjYTNjZWYzYmQxOGI5YTU0OGFhZjIxYmYyMzQ3MzQxNDRiIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6Im8vb1F6clBNdjQ3MFhxTk1uejZuQnc9PSIsInZhbHVlIjoiNHNZbUo3WGhrcUozY1VYWVBQckVUdGcyWWVnSWJzYlA2MDJGZFd1a0pUUVRxS01pRG5wYzhhcVhrc3hJNVRvdkpySEpJeVJsRXAvc244RmZzMjcxYUZ2Q0tuN3pXQ2QzWnp3RHdKUUwyVVVTSTNlbThtMzJYMWhPcWFmbTZXZlgiLCJtYWMiOiJmYWIyNWM2NmEzMzhkYmU5MzcwZWI2YzZhYWZjZDUzZjM4YTYzNGRjYzk2N2JlMDgyZTc2MDg2OTcwN2VlZjQxIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mW0pRfqpSqxrV63ecHTj0tjC7pjjhcMWNgGGAUvrO%2Fwfih81KKa2hQCIlyokFPOq3WcoqRBsGhkZodlmxRiS366DfcFGMXAqomPR8%2FrYI7oipQhhFlN0Y5mNZhOBnIu%2F5BM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f941096b23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":52386,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1024x683, components 3","md5":"ca4f4d10757192f255cf6c3494b0d10c","sha1":"edb02cb46a1fdcb342962ff87baeefe7a61f54b3","sha256":"11ec164be4585d18afc46154f07378cd9935c23696b5c7193f19fda2ec2c86cf","sha512":"3b171cb1e796212211bbb7812675a862e83d38987269174f558b7d11d34e553c18ba248a240ec467dfcad8b569831539859926e14ed62be6407993ccb5603968","ssdeep":"1536:KgK8yTAe1FnK9QLfMEWaK030v2TBPrQJj:KgKFEeFnKEM/aK0fTxr8j","tlshash":"3c3302308380ba6ac24511f98e7e0329447b9d76c49bc4e475d17c51fbd21e2ad7edb1","first_seen":"2026-05-29T10:50:53.445166Z","last_seen":"2026-05-29T10:57:01.909586Z","times_seen":2,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":57,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/graphics/avatar2_L6L8P_0.webp","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /graphics/avatar2_L6L8P_0.webp HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6InIxekw5Z29FN1hBeXpBYkJETXV5UkE9PSIsInZhbHVlIjoiM2FublFITEZ6cy9vYkNGMDZmUkZ3NFArVnBDdnVOUy8xNThoaVExVXM1RGVmajBQcU4vMGF6MjZLUHdhNS9vTVZnZUtGT2NrY1dtOFFjSG5YbjM4dkpuOUhCZklNN1lrMXBiQ1ovQzBadWJXcitmS015ekV0UjFRbWpGZUFnQUIiLCJtYWMiOiI4N2JmYTgxZWVjZTc0ZjkyYWRhODViMDI1OWYxNTc3ZjM2NDkwOWI0ZjJlZTk0M2UwN2JiNDYzZGE3NGZiMDAzIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6IkxzWEZjUnNTN25aMFAyZXI3TmJad3c9PSIsInZhbHVlIjoiaDVtUU5XL1o5T0M0U1EwWXNHSFIreVNwWTlqbG00dS9kekhYalpqNXREbEJITTFscmRtYWpreXVmUkh6SUhhZkxndVdhUDIyLzhpaTVEWHBVRG1lenBiOVp0Q1dPRVI0bndPSlB6U3dmcGhiQUZVTUFTNXkvZVhqOVJYa0hkSTUiLCJtYWMiOiJjOGRmNGRiNTBkOTIxYmY5MGY2M2ZlNDQwNDJhZGJiNmIwMDlmZjI3N2NkMmYzNmQ0ODg4ZGIyOGVlZmNkZWRmIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/webp\r\ncontent-length: 51824\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:57:02 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IlRuR0xmMDg1SThNTVdTeTlpNGFoMmc9PSIsInZhbHVlIjoiSldVU1hsb09UMTY0MFpTWnFQWWI2SEl1cXFDZjRXcjVxclZYcnZuKzFacFBxQS8yNzhUZlcrSjJYMUR0MHJkTHdUQ08xOEt6RUsxNDE2cDJRY0c4VDNYcDFod3BuUnRNQWFjUE02VHo1SlYrMkpxVUJ4d3FhOUVRQWlQd2lkOG4iLCJtYWMiOiJkNTQ2N2E5M2JiNGI4YmJmZmI0ZGNlZDE5MWQ1ZjM4ZjZhYmE3MjE2NDVmN2ZjNjg0Y2RlYTBkODg5MjM5OTM4IiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6InNVQnVsRkxsYWU5U2xLNk5kcVdrUUE9PSIsInZhbHVlIjoiUElzYjBmYjIrY0JMNUJIY3ZUcUlhaUxzck1QeCtaU2J6Q2NVLzFPaTRGVTZid3ZVR2FvaG9CZ0VKM2RBdHhpY3VURmdiQjhyUFlsUkNQL2tvUlVDWklKS1FhZDRvUjQ1UGUvTGF0QVorMVNNdnBmYVNvVzlnSzNZSmNlUDhNM08iLCJtYWMiOiJmNzI0MjkyZDAwNjIxMzRhZDRjZDI4MWM3YWFiYTE2NDg5YjIwNzc5NjU4NGIxZjVhYWYyZDU1YmI3MzQyOWM5IiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2Gka2EQZO%2BJp9l46SY7tkNJpFqd5niPlDmBvPtSKUaMMrIId8FdYCvJQoCXEdvGTxUpz64MnJjy5VY1C2Fc1FAoGpf%2FYmcoLPABYeHJisePVEIiBrufZe60gtnrBqyFmX90%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f941197423eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":51824,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 720x720, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"5dd1441f10d0a942937593222f22809d","sha1":"754c4bf5fb6178eefe5253f2c173abebf84c0a8d","sha256":"ae344382598e6238263b3a66e01ba13fd172e5872567d8bd3a0ab7ffa9ebdcc2","sha512":"bbcf1c36fa478d1b0b2b346bce429200f50cb8e4f0f5448dbe8d473c88d90c26cfe20766ebaf70ceaeba00700187f369a490e098f46eae0b238fe9df99fe5ba0","ssdeep":"1536:ByyA9xxjN3Au7NHvmqdPr0lA3x7JmOh12o7EPf:cb9xxJ37JHD0lA3x70csxf","tlshash":"1033022e09714e4c51063ed4baf60678c9edb2485d5ceec6418d06fd62a3e534ffa68c","first_seen":"2026-05-29T10:50:53.396705Z","last_seen":"2026-05-29T10:57:01.91138Z","times_seen":2,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":75,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/hindsiliguri/v14/ijwOs5juQtsyLLR5jN4cxBEoREP-0uYVKw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"173.194.220.94","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:39.039Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/hindsiliguri/v14/ijwOs5juQtsyLLR5jN4cxBEoREP-0uYVKw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://cardswebapp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14724\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 29 May 2026 10:50:26 GMT\r\nexpires: Sat, 29 May 2027 10:50:26 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 16 Sep 2025 13:43:23 GMT\r\ncontent-type: font/woff2\r\nage: 373\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14724,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14724, version 1.0","md5":"fc4268e5177f6fea5ba65f17f10c7088","sha1":"b7fd5cb55e24cb84f4224021f84af53d70404b40","sha256":"c39d0db6f570276765a06728ce87d83be5808ae403475ed6b49a64c02915805c","sha512":"cdfa69b038fcfb08814c95aef16e2df9ba06bc888970523ae197eaf4dc81f6900a64db4e5965db0a8a047cc80a9d43af72c1a9d297faa150027687900882e7a0","ssdeep":"192:S7XZnGNOx0NP7Klg97LUm+/ffEgIiZFvK1WgjsmCJSCFmh2hkCmoq6ct9Um:SDZ/xhgBLUpvcKusmCJNmkhk3DB","tlshash":"1262c086b9d2de14c15104fd843528d204797fdf7420bfa89ea2a53d683da83b4cab65","first_seen":"2023-05-01T08:56:20Z","last_seen":"2026-06-06T11:44:57.337521Z","times_seen":613,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":51,"dns":1,"connect":15,"send":0,"wait":16,"receive":5,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-29T10:56:38.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncache-control: public\r\nlast-modified: Wed, 25 Mar 2026 01:57:22 GMT\r\nset-cookie: XSRF-TOKEN=eyJpdiI6InIxekw5Z29FN1hBeXpBYkJETXV5UkE9PSIsInZhbHVlIjoiM2FublFITEZ6cy9vYkNGMDZmUkZ3NFArVnBDdnVOUy8xNThoaVExVXM1RGVmajBQcU4vMGF6MjZLUHdhNS9vTVZnZUtGT2NrY1dtOFFjSG5YbjM4dkpuOUhCZklNN1lrMXBiQ1ovQzBadWJXcitmS015ekV0UjFRbWpGZUFnQUIiLCJtYWMiOiI4N2JmYTgxZWVjZTc0ZjkyYWRhODViMDI1OWYxNTc3ZjM2NDkwOWI0ZjJlZTk0M2UwN2JiNDYzZGE3NGZiMDAzIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6IkxzWEZjUnNTN25aMFAyZXI3TmJad3c9PSIsInZhbHVlIjoiaDVtUU5XL1o5T0M0U1EwWXNHSFIreVNwWTlqbG00dS9kekhYalpqNXREbEJITTFscmRtYWpreXVmUkh6SUhhZkxndVdhUDIyLzhpaTVEWHBVRG1lenBiOVp0Q1dPRVI0bndPSlB6U3dmcGhiQUZVTUFTNXkvZVhqOVJYa0hkSTUiLCJtYWMiOiJjOGRmNGRiNTBkOTIxYmY5MGY2M2ZlNDQwNDJhZGJiNmIwMDlmZjI3N2NkMmYzNmQ0ODg4ZGIyOGVlZmNkZWRmIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gXn4yJm%2FzLouKmzQqdzDIV21iddF3ATGX8MkI0XSWa87A%2Fi54e6av7CdVE5dWsZaW2iEACKbKpHXxIQrIrnuGRhcuE3BrD1HDyBOU%2BEe5KMAc1YcDvMSwvDhjeTYHYg8UIg%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: a034f93ebb8a5ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":111970,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2202)","md5":"e8c052aaf155418a179e8222a59efbf4","sha1":"9483115574150b14cbbe196aae0d10112d06b253","sha256":"6fa9f11a927e7e85d4ae7e7ee91a5dfacb50393bca54f112548b4dd8200fd790","sha512":"db47dc9c622cbbdfcd1fc0405642ed9ec9bf3069e941aa5f0d6706c26560377d0bd177bce26c356583378d3e2f0634233e058c6e9d06ecdbef0cc38e1ead5309","ssdeep":"1536:mxlhdQ81ubM3kAUwVmgXNMLiypLiy9hs/fBJm2dUJpqWup9WHpPexf1:6lhdQ81lXqLiypLiy9C/fBJzdUwf1","tlshash":"dab309b412f70824650b41749bfa131a372c9087db0edd64b6ed62988f82dd8ddb7acd","first_seen":"2026-05-29T10:57:01.913789Z","last_seen":"2026-05-29T10:57:01.913789Z","times_seen":1,"resource_available":true,"data":null}},"time_used":253,"timings":{"blocked":45,"dns":24,"connect":1,"send":0,"wait":163,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/service-images/NFT-blockchain-2026-03-19-1.jpg","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /service-images/NFT-blockchain-2026-03-19-1.jpg HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6InIxekw5Z29FN1hBeXpBYkJETXV5UkE9PSIsInZhbHVlIjoiM2FublFITEZ6cy9vYkNGMDZmUkZ3NFArVnBDdnVOUy8xNThoaVExVXM1RGVmajBQcU4vMGF6MjZLUHdhNS9vTVZnZUtGT2NrY1dtOFFjSG5YbjM4dkpuOUhCZklNN1lrMXBiQ1ovQzBadWJXcitmS015ekV0UjFRbWpGZUFnQUIiLCJtYWMiOiI4N2JmYTgxZWVjZTc0ZjkyYWRhODViMDI1OWYxNTc3ZjM2NDkwOWI0ZjJlZTk0M2UwN2JiNDYzZGE3NGZiMDAzIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6IkxzWEZjUnNTN25aMFAyZXI3TmJad3c9PSIsInZhbHVlIjoiaDVtUU5XL1o5T0M0U1EwWXNHSFIreVNwWTlqbG00dS9kekhYalpqNXREbEJITTFscmRtYWpreXVmUkh6SUhhZkxndVdhUDIyLzhpaTVEWHBVRG1lenBiOVp0Q1dPRVI0bndPSlB6U3dmcGhiQUZVTUFTNXkvZVhqOVJYa0hkSTUiLCJtYWMiOiJjOGRmNGRiNTBkOTIxYmY5MGY2M2ZlNDQwNDJhZGJiNmIwMDlmZjI3N2NkMmYzNmQ0ODg4ZGIyOGVlZmNkZWRmIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\ncontent-length: 111572\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:57:02 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6ImpmR09aanR1OHFvNUFCZXZyWHZhRVE9PSIsInZhbHVlIjoiKzRYOXAwTFd1SHYrUTJ5TlA4QnJvRjJGVDhMUFVQVDN6TVZQVGkzaDJaYWdqYlVQbkxCVEpYVFhNdDVxeGV1TVgzUitPSXI2dFNRRFVuYUdDWENDRGcrWmtuTWVyUEFjbzZkS210UTFVVDRuYnBXTWRjakZDcE9STEhuN0RrUFgiLCJtYWMiOiI3ZjJkYzY4M2UzZDZhYzliNjQ0ZWNiZjhjMTFmNWRlZDNhMTI5MDU4MzRiMGQ1NGQzOTE2ZjQ2ZjRjZjRlZmQ2IiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6IjA2MjEzLy8xR1pMcHhRTWlOTFVtZkE9PSIsInZhbHVlIjoid1kzZmhuRXhKNjN3ZWlPSmE5U1p6MnRtaWJZYnVFQXlkcGd2VzI0VmwxNG1MT29JVkJYbWg0SjNLMGZvZFJLUnN3TENFcUpnQnVEdjkzUjNVMmR0ZTNTRGhHNWVJOVM4YUxzRzFLSW8rN0FLZml0YWFCaGhYdmVJWmRKZm1pWngiLCJtYWMiOiI4Yzk2OWQxYjkxOWRiNjUxYWM5NDdjMGE0Y2Q1Y2EzZDEwZjRmYWI1Y2I3MzVjYTM2Mjc2YTBiZGMyNmZmZjE4IiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W66tFn2OEHjh8%2B8Vhc%2BzRRlUpVolqddEeSeGAyujfzD3ECx0A6yEs7ia%2Few6T7YM01%2B3seoO0mwiNrX3ppIt9c%2FwVqg7P5WaDUuVD%2BEUVGAanlrR7AkqcIGGpMIjOtGkP2c%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f941096a23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":111572,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75\", baseline, precision 8, 1920x1080, components 3","md5":"2ac896e0bd6b4dfd2a7e1daedd0d36e5","sha1":"f610efa086f4bfb67fc09e967a3fc4fecb2e6249","sha256":"a0f5dac07b5dadd0832e3d648c2d704ed8220a5e7804d9768d53f7cae9549183","sha512":"21ab04a41e8a38cba61e0aec6ba287f11d4c856a184c0a1ac354b08f255d35cd5df8a3d70362f9d085c9601bfea44ba784280fbebe6d5d59872af35471ef8141","ssdeep":"1536:Gb+QyG3y9TnvV4qWfk9MwBylbRdhP9MjUz48f9gjFq/NLoTaWrjVp9JQfGfwaswZ:LG3ylxWyfYZRd4jqZ1rcuGjVPOBI","tlshash":"dfb3d0475c658a879514c3f8be0b8ded9f163b4c9ad23afb50278f873b209024d9e06d","first_seen":"2026-05-29T10:50:53.419584Z","last_seen":"2026-05-29T10:57:01.915617Z","times_seen":2,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":95,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/view/icons_gallery_69c2fa8dc673e6.72892360.jpg","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /view/icons_gallery_69c2fa8dc673e6.72892360.jpg HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6InIxekw5Z29FN1hBeXpBYkJETXV5UkE9PSIsInZhbHVlIjoiM2FublFITEZ6cy9vYkNGMDZmUkZ3NFArVnBDdnVOUy8xNThoaVExVXM1RGVmajBQcU4vMGF6MjZLUHdhNS9vTVZnZUtGT2NrY1dtOFFjSG5YbjM4dkpuOUhCZklNN1lrMXBiQ1ovQzBadWJXcitmS015ekV0UjFRbWpGZUFnQUIiLCJtYWMiOiI4N2JmYTgxZWVjZTc0ZjkyYWRhODViMDI1OWYxNTc3ZjM2NDkwOWI0ZjJlZTk0M2UwN2JiNDYzZGE3NGZiMDAzIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6IkxzWEZjUnNTN25aMFAyZXI3TmJad3c9PSIsInZhbHVlIjoiaDVtUU5XL1o5T0M0U1EwWXNHSFIreVNwWTlqbG00dS9kekhYalpqNXREbEJITTFscmRtYWpreXVmUkh6SUhhZkxndVdhUDIyLzhpaTVEWHBVRG1lenBiOVp0Q1dPRVI0bndPSlB6U3dmcGhiQUZVTUFTNXkvZVhqOVJYa0hkSTUiLCJtYWMiOiJjOGRmNGRiNTBkOTIxYmY5MGY2M2ZlNDQwNDJhZGJiNmIwMDlmZjI3N2NkMmYzNmQ0ODg4ZGIyOGVlZmNkZWRmIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\ncontent-length: 150419\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:56:54 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6InkrUnRuS2FzT25pQ21wRExkQ1RvSlE9PSIsInZhbHVlIjoiNUZ0b3FONU43MFMxbndKMVRtODAvaE5UOTYyeGxNbXNzalVPbDVnTEM4NzBpb2lZRkx2K3JqR0NHQ29Fb09NMEVQeGh1TVhIa1pJNElkakZGZUlRZTRYSHBjcWpwaFZSd0hOZXRmNExzWTFOb3cxbWxlbG9kWXBDSGpnZWJSMFgiLCJtYWMiOiJiMjViMjk0ZjgyOWU4YzQ0OWNhMWNlOWU4MzI5M2RkNDA4YmZjN2M2OWYwZTkzNjJjYTRkYmU3YzU3NmRlYzFhIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6Ik9ZUTZma3VhWkVyMVFZRzhQQ2Z6cVE9PSIsInZhbHVlIjoiTzJ6VzhBbmowVmhPNkdQY1NybjkrenNiL01oaThqTGtQVWxmQzRpMXJvMUdka0NXK3VxOWtHNXNiOGxKNmF0Ti9uTEVrRE1Sb1NsTlJGUXNneDN5ejBnMk41K2J2YmludmpZRVlta3dVT0FzeklNdEFISVllckxBN0NaV1d4TWwiLCJtYWMiOiJiMDBkNmYwZjdhNGEzY2RkMjdjMmY3ZDU4MGJhYzczYmIwMDQ2MGI3Y2ZiY2VjZDExNjg0MGE4NDU0MjE4NDI1IiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cOLFwqRWnEesiv1ZQ9ohcVxJNB9kmsRYPHwZ5jnxa18W9h9Q5bB%2FSYpA7QZVjMq1JIuHOq4NAB6B4K8%2B6KvhdbF%2FHMe5r%2FD566Gl71rTnKUz4uKyipm7Ing0aWXeer7J7%2B4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f941096523eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":150419,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1024x683, components 3","md5":"c9368547b8884899054be262c2435b84","sha1":"9ccc1f19ce4d3666711665691c6963f2612206a9","sha256":"b6545ceae3163a29cbe991f0f9c9ee3fe109d76a8930a4f45ae8706975e0b2eb","sha512":"69a685240189bacd8503e4b09ad1c2f953feb733283fe8d893a90d336f70279d08283be7ad8549ff3cce7499700376bb4c8c2a5eb6aa64486b7b9f1af9a703ee","ssdeep":"3072:LvBuzBCJvF//t4iM20QC9V2hBbdzFIrwbwD17Jq6g0oH52cCFB2zmAqXCKElW:9ukJvxtCyvZIrnD17E6oQJBCypEg","tlshash":"7ae322fda6644005c71a2b368e99aad09d2edb18e10533525e840f24ab5e09374b3eff","first_seen":"2026-05-29T10:50:53.389146Z","last_seen":"2026-05-29T10:57:01.917005Z","times_seen":2,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":102,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/view/pictures_gallery_69c2fa8dc67453.30023617.jpg","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.613Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /view/pictures_gallery_69c2fa8dc67453.30023617.jpg HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6InIxekw5Z29FN1hBeXpBYkJETXV5UkE9PSIsInZhbHVlIjoiM2FublFITEZ6cy9vYkNGMDZmUkZ3NFArVnBDdnVOUy8xNThoaVExVXM1RGVmajBQcU4vMGF6MjZLUHdhNS9vTVZnZUtGT2NrY1dtOFFjSG5YbjM4dkpuOUhCZklNN1lrMXBiQ1ovQzBadWJXcitmS015ekV0UjFRbWpGZUFnQUIiLCJtYWMiOiI4N2JmYTgxZWVjZTc0ZjkyYWRhODViMDI1OWYxNTc3ZjM2NDkwOWI0ZjJlZTk0M2UwN2JiNDYzZGE3NGZiMDAzIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6IkxzWEZjUnNTN25aMFAyZXI3TmJad3c9PSIsInZhbHVlIjoiaDVtUU5XL1o5T0M0U1EwWXNHSFIreVNwWTlqbG00dS9kekhYalpqNXREbEJITTFscmRtYWpreXVmUkh6SUhhZkxndVdhUDIyLzhpaTVEWHBVRG1lenBiOVp0Q1dPRVI0bndPSlB6U3dmcGhiQUZVTUFTNXkvZVhqOVJYa0hkSTUiLCJtYWMiOiJjOGRmNGRiNTBkOTIxYmY5MGY2M2ZlNDQwNDJhZGJiNmIwMDlmZjI3N2NkMmYzNmQ0ODg4ZGIyOGVlZmNkZWRmIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\ncontent-length: 93880\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:56:54 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6InptTGs3ei9WN2c5ZENoUjh2WkhUdXc9PSIsInZhbHVlIjoiRnpJdjBJZXcraGs1ZXZJQlJMdFRvdUh2QWJDUVY1ZEFvdXJRRjFtY1JZRkdFSG53dXkvZDFWZzhPa0dadnFtdDVRRXlmbzZMRjZSSCtDQXMzNlJNYXRLWW1ZOWR1dStFZzBvdEJ2YUFHY3llSThDdURkZHFwbk56RHlGRENQZ08iLCJtYWMiOiJmYmI1ZjhiZDMyZThmNjIyZjIzM2U2YjUxNTIyNjA4MWZmZGM4NzMyZmZkZjQ1ZDVlZTU3ZjhlYzgwNWQ1YzNlIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6ImpCa1d4anZjMDJCT0huTnBRbG44aVE9PSIsInZhbHVlIjoiMnZxRUx6NURScHRNM2tWOFkxeWZPcnEzZTVNWThhVkQ2R0Q4VTVIOHM2ZkZ3QllhOVMrdS9PakNQTVRLYXpCVE1JbEFVL3hsVlYwL09rL2lTSGw0cDJIajFVU3dWYU5jaDMzN3owWG40L0RyR1N3ckJVSEdpcmNoV08vWHZYZGoiLCJtYWMiOiIyNjBlOGFhMDI1YTNhOTAzMjQ1YjhlYTJmNTc5MDQ2MjUwYWEzODFlNWY0NjMwZjkzMGJkY2U1ZDMzMjg0Y2JmIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Fqo7kyhMRz53DDO7eAhY%2F7POnxAxP7nboJ%2BIDUoKB3OpxRLhssFmMqekeyeZZwdopPN6clfDkeDNY688wqGJbYScSFJM4VxY9gUlbiEMKazRblQFELX0B1523PEn6hcjuM8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f941196e23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":93880,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1024x683, components 3","md5":"d04e911d6e34fbda955ccab543a13365","sha1":"dd02f1da0ba5455efd23db2878586d9c1d393dac","sha256":"dff3a606b7e11b0cabd799414c2de527984d4771109a13e4037f1b061c94cba1","sha512":"ba51defb5db75177226a823516c7e72cb870908b30d329962b7e42217627dc8e618f57a0cc77aa7ed524ef33d015062c49a809f2e7602ae22a49bc31418b74fd","ssdeep":"1536:aZOF+VZbQ0U098hAFBQDp6VemilENuiiL/YIhUMF/5EoRGNsbTvdPSN26PVHru7i:aQgVhQAChMO0VemieNNiLACRIsbTvdPa","tlshash":"e5930291150e9362f7dcc438c80f27ee5e975c01b21b142db452c1d3a6a3de38ba2be5","first_seen":"2026-05-29T10:50:53.394388Z","last_seen":"2026-05-29T10:57:01.918241Z","times_seen":2,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":78,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/graphics/ava_q70_1.webp","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /graphics/ava_q70_1.webp HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6InIxekw5Z29FN1hBeXpBYkJETXV5UkE9PSIsInZhbHVlIjoiM2FublFITEZ6cy9vYkNGMDZmUkZ3NFArVnBDdnVOUy8xNThoaVExVXM1RGVmajBQcU4vMGF6MjZLUHdhNS9vTVZnZUtGT2NrY1dtOFFjSG5YbjM4dkpuOUhCZklNN1lrMXBiQ1ovQzBadWJXcitmS015ekV0UjFRbWpGZUFnQUIiLCJtYWMiOiI4N2JmYTgxZWVjZTc0ZjkyYWRhODViMDI1OWYxNTc3ZjM2NDkwOWI0ZjJlZTk0M2UwN2JiNDYzZGE3NGZiMDAzIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6IkxzWEZjUnNTN25aMFAyZXI3TmJad3c9PSIsInZhbHVlIjoiaDVtUU5XL1o5T0M0U1EwWXNHSFIreVNwWTlqbG00dS9kekhYalpqNXREbEJITTFscmRtYWpreXVmUkh6SUhhZkxndVdhUDIyLzhpaTVEWHBVRG1lenBiOVp0Q1dPRVI0bndPSlB6U3dmcGhiQUZVTUFTNXkvZVhqOVJYa0hkSTUiLCJtYWMiOiJjOGRmNGRiNTBkOTIxYmY5MGY2M2ZlNDQwNDJhZGJiNmIwMDlmZjI3N2NkMmYzNmQ0ODg4ZGIyOGVlZmNkZWRmIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/webp\r\ncontent-length: 87324\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:57:02 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6Ik9jMVhpVGZDT09nNm5KZWwxNGFlM2c9PSIsInZhbHVlIjoiRXJHWDlaVmdMVUp3WEcwbVA3dFdlTjdJOTcxSnV2cktBZENKa01hRW1CdHhPZHFzbWZJaS9EMXZtcUFuRTJpRGNPdEdNQUtpYkdYNHlidXR6V1FZVjYzbkFUd1FRT3FUYmI0clZtTjFBbGFRcng2QXg5SHJMMmJNaXFzc1VzZVciLCJtYWMiOiJkNTgxMWUwOWYyNTIyYTMwN2ExZmEyMDk3NzJhNmEwOWU3MGViNjM5ZjM0NmFiNjJjNTA3NjAxODliNzY4OTdkIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6InhlY1JhNEI3ZmtDVWZMb0hnWSttcUE9PSIsInZhbHVlIjoiVTFGK1Z0ZXl2MzlXMVp6cjJuVGtpVUM4RExHZ2JmeDZRendNUkswS29CZ25ZZnhzSUYwNkFzU1A5MXN2Yno1ZjMwUjFjWmQ4YVFBRFE0dVlIQTRBUjVlOE1HSmxobjZyNUI0cWtHSFd4UEhqQXNWVkdWUEhvLzNUc2d1WiszWEciLCJtYWMiOiIxMDUxYWZjOWU0OWZhNWMxNmZmNjRlNDMxMzE0MmQ4N2NiNDU0MTQ0NjRiYzJmNTk4YjMwMDE5NmQ5NjA4MmY5IiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=885po%2F97O58ciFVwZNCcvMOUNMAGjF0r9lK%2BbOSnzDCcDl86mRJyYF%2BhrTbBHRDEVPeVQD4MBn7fiOHWgGi9T%2FGEJ8s8TDq6e6VyC1xh8XmKkGukbmSmC5yU%2FxL85%2F2Q0bc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f941197323eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":87324,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 720x720, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9cf78e627341b65e5304e6278f6c22e4","sha1":"7763feec2a3b024eb3c3d86283ee0d1e75783b10","sha256":"75b95c89f5874c851bf904e9355d1fc983409c9a25807c99a13abeca049093a4","sha512":"d923dce4ef6094d2587141b547e30f7de9f09f7c2c7bc818ace77ba448e779ddd334145a7c08e653d2ccad7bcce15b149671fd2a82dcbba3939d280b97a8ee3e","ssdeep":"1536:UTbdUUoxdXvnkcPeNzo+wcPlIICh/yRtaKImCc5fihjI1j:8CUoxNvnkGeu+wcPlMYsKImCc5L1j","tlshash":"df83020b8705f969343fc28c66d370dfd1a8075fe8a25948585f6f1a314adae8c34b8b","first_seen":"2025-10-12T01:29:36.03939Z","last_seen":"2026-05-29T10:57:01.919601Z","times_seen":4,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":65,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/img/box-bg.png","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:39.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /img/box-bg.png HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1IRlpQQTFFTklzajlrRE9POWJpUFE9PSIsInZhbHVlIjoidWkyNzhQd3VXV1E0NTNhMlRQcWNNU2RvSVVjRFkrZ0dNdnNWS043ajdPMEo1ZUdyMVRRamtEUkZTclhMdlhBeTdyTE42YnlGbENNQlVEMjAwelFBQXEwbGM4dXU5QjFKeHI0VUtSKzVGSjZXd3NyNzhid3dhM1UyMHlwbiswYXAiLCJtYWMiOiI1ODNhNDQ0MDUyMzQwMTMzYTYyOTQwNzcyNWY2Mzg2MDlhYzM0YTQ0YTcxNDk4ODNkY2RjYjYzYWZjOTdmMzMwIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6ImJFYlRjbnk4QVhFbXp5S0RtY01xdWc9PSIsInZhbHVlIjoiSjg3SWR5bkVzNGc0VHBFc0dkN2NDbUE0MVpRNENSUHNhYUh1NG55NE10UDFGc0lVOW51MVo4a2VhYTRMS083T29GSkdXNDFqenloeDI0UWQzalhYbFdmWHJlZXdQNGwyQnVPSkR0WFVJNXRmSnJabnkyMFNoMSsyYVUrSkxWbnAiLCJtYWMiOiJiYmMwNGQ3YTZhMzE5NjY2ZmRkYzExMWU4YzkyMTVmZWVjYmUwMjczN2I1YzFjN2E3NmQzYzNhYjQ3MDU5MjIyIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/png\r\ncontent-length: 2743\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:39 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:57:22 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IisxblcrRHVudU90MHdjL2gxNStQVmc9PSIsInZhbHVlIjoiRTJXUHN4bGpNK2pQNjgrQXNHdzROam13QkdNL0hDaEJFYWlxYlJkNGtmT0JGUklBTFhSaFpEVFdLQU9EckI3RW5XQTNIRTk5SHFqdW4xcE5rOEhIbzRUUVNVUVN5U3paMms0YVFvS2VpSEdYTVV5bWhtbUxuOFVnYzlXV3lkcmIiLCJtYWMiOiJhNThlMGQ2MmNiZmI5Y2Q2ZTkwMTEyYWNhYWNlZWMyOTZhNjBmMGNlMTEyYzIxNTdhMmFkNTlhNmNkOGEzMzg5IiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:39 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6IkhLRERmUThtaWNlbUJydVc1RllueVE9PSIsInZhbHVlIjoiWUZaaG83TWEwVURNeWtxWlNMSWh5WTNYbmczUkFXYnF1SkRYaUhDRTRrUnVVbXlKMjNJNEMzeVF2c3FoUHhjWGZiSG9jWGhRSkFLdk5Zb1V2czhoakplbE9TRERvWElUV0dFZm9XOFhwb0p0MGV4UkZlZHFRaDR4c0pabktHTVEiLCJtYWMiOiI5ZmY4NjM2ZTJjYWNjYzg4NjlmMjllYzJjMjk4MGU4Y2IyNDE0MjNjZTU1MDEyOTY2N2ZlZDc4ODA0NjgzZWViIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:39 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PFlcvigBOHLKcPpoAFhUZskzvhhqHfnp9vF4BTBxH2CXyEHVA0t7ov6n0pBHFyu5a8wKsiYoTVxuFn7bxKhVl33TMGgzcavsio24%2FokWRCIoypJDNOOYPOlPNSSUvQMXJrs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f943d9fc23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2743,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 295 x 351, 8-bit colormap, non-interlaced","md5":"d75e8adacd6bbbeb7a54f79028e7ac6b","sha1":"31ec40eaca55d0a08ceff6261cf17abaced9baa0","sha256":"91d09eada1a8337826b8605421d925ff1da2e273f8acf7a8a071e1d12cb94efa","sha512":"2de5a5dff7e67b1799d37e677816a5d36f8545e1966102b609e889f2c83388e5eeb5bd11a1d05405fc0c6285accece71254393fc6745c57bcba3cf12837d7936","ssdeep":"","tlshash":"73512b49e1af69a41f3025f88d68c0666d9225ae40416a27c5c7ff892c0af070fd114c","first_seen":"2025-03-26T06:46:53.562946Z","last_seen":"2026-05-29T10:57:01.920368Z","times_seen":11,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Hind+Siliguri:wght@300;400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"64.233.162.95","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:15 GMT","end":"Thu, 30 Jul 2026 15:53:14 GMT"},"fingerprint":{"sha1":"19:42:B0:56:3A:E4:79:BF:8B:69:E2:50:F4:76:BF:1E:A9:D7:7A:49","sha256":"D7:FF:C1:46:95:F3:5F:08:04:B0:E1:A8:FE:14:FC:60:19:58:D6:C7:D3:6E:82:B3:64:07:E9:E1:CB:9A:27:8C"}}},"request":{"raw":"GET /css2?family=Hind+Siliguri:wght@300;400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 29 May 2026 10:56:38 GMT\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6493,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"bb5415ee725e08d424b2df0aa34b7a5f","sha1":"6a7b0832c4687e2538623da271d06a5f9f6dfe65","sha256":"78e61e4717e23d8d33d719f8b2d12b78728616b8cf03f2e7f05648b9a28a66c2","sha512":"a0863709637840c582a8eb13a737ba8c090ca722d3e81ecdb10aa866b631c92f2d0477784817bf88e2786907af9c2fafbe7ac160a811d19f1e19613a46c42d09","ssdeep":"96:UO1aiO1adJc+uCO1aCNbOEaJOEaBJc+uCOEarNbOXa7OXaoJc+uCOXaVNbOxMaEr:aIVrBGxKxjM5mNXAqcFnrB","tlshash":"39d1c092042a9440eb473cc552cabe27ae1f32a0a445edbd5eff18c69ceac354351f5e","first_seen":"2025-09-21T22:53:45.418087Z","last_seen":"2026-06-06T17:31:55.799625Z","times_seen":318,"resource_available":false,"data":null}},"time_used":286,"timings":{"blocked":121,"dns":1,"connect":15,"send":0,"wait":18,"receive":0,"ssl":128},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/graphics/ava_q70_0.webp","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /graphics/ava_q70_0.webp HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6InIxekw5Z29FN1hBeXpBYkJETXV5UkE9PSIsInZhbHVlIjoiM2FublFITEZ6cy9vYkNGMDZmUkZ3NFArVnBDdnVOUy8xNThoaVExVXM1RGVmajBQcU4vMGF6MjZLUHdhNS9vTVZnZUtGT2NrY1dtOFFjSG5YbjM4dkpuOUhCZklNN1lrMXBiQ1ovQzBadWJXcitmS015ekV0UjFRbWpGZUFnQUIiLCJtYWMiOiI4N2JmYTgxZWVjZTc0ZjkyYWRhODViMDI1OWYxNTc3ZjM2NDkwOWI0ZjJlZTk0M2UwN2JiNDYzZGE3NGZiMDAzIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6IkxzWEZjUnNTN25aMFAyZXI3TmJad3c9PSIsInZhbHVlIjoiaDVtUU5XL1o5T0M0U1EwWXNHSFIreVNwWTlqbG00dS9kekhYalpqNXREbEJITTFscmRtYWpreXVmUkh6SUhhZkxndVdhUDIyLzhpaTVEWHBVRG1lenBiOVp0Q1dPRVI0bndPSlB6U3dmcGhiQUZVTUFTNXkvZVhqOVJYa0hkSTUiLCJtYWMiOiJjOGRmNGRiNTBkOTIxYmY5MGY2M2ZlNDQwNDJhZGJiNmIwMDlmZjI3N2NkMmYzNmQ0ODg4ZGIyOGVlZmNkZWRmIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/webp\r\ncontent-length: 89706\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:57:02 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IlhhaS9Lbm03QXJONS9CNnpNaEJtN2c9PSIsInZhbHVlIjoiRDg2MEtWQzQ4S244endCMmp0R3g4SlNIV0ZQM01ySUpwN3R5MEVyRzhMcVd4dGFyOVd6NjNnNkZTRmZTZ3Ara3N4Kzlkb0R6aGxWWnNYa3FoUHZCYmVGS0c2M280aUtBSlhCcm1WdytuRSt6dEU5TDlBVHEzMUJKaG5uMzFWelMiLCJtYWMiOiIyYTliYTVmMjQwZTU3ZWM5MGEwODc1NDVjZWRjOGUyMjFmOWY5OTg1NjIyMjUxZmNjOWEzMGU1ODAxNWVjMGFlIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6InlnQWkyaStwQSsxR1QwSUpXWnJ2aVE9PSIsInZhbHVlIjoiL01OdnNucnpmNkdXMkZTREtBSlUwUU5LZjJqK0o0aVM5c2IzY2lxMUNHOVRseHdqNXRISEF1WjBXOUpscVA0N3V6S281cEwwQjdsbXFyZ0gxU0xoUXpWRXRBdXJYM0cxeE5KQW9BNzBGSE51R3NMeXdUZmtudUJYK0JhVERSbEQiLCJtYWMiOiI1ZDY4ZWQ4ZTRiYTEwZWU5MGFhOTlkYzk2ZWUyOWNjYjNiYzk1MDc2ZTUzNzNjNTc0M2EzMDViNDk5Mzk2NTI1IiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gwCVWMlNsCoW0IcEZLhQVz4gJXjK%2BQMQRe%2FsT3GVuLZ7ovcnlrWuQb8SIooYnss%2BvlH8%2FJe%2FxfElxd3t4j8HM5tIefP2nstb05l6ZxBP0%2F2wU41wuhpQP5OM1DlIN6hNtaI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f941197123eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89706,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 720x720, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"d59c606f9dbf9c7ac30906a2da6b70c8","sha1":"77ef998e5628b05c49c2b4913bbef98d2b579897","sha256":"df15f3a2f2c0d7bb690352c5a72903d9e1483b73a65628393bdda104ca03edb3","sha512":"553bea609290ddb6bdb4bc75dcfcfa777c2c831d8c73ec21d53205ac73592e62d7e39f59d028ef4d2571b7b8d565e49a2ab381ea370aa985bd92882d86cf1626","ssdeep":"1536:Eu8kgHHLvzH/nwxe0150K9T/6LxMsUQC9mz5mlj51GYePRkDk2UKkyX7VHGdIfX3:EuNgHvH/uedwCNzoj1GYkR+k/KkyOEX3","tlshash":"559302d38cd99a244b8d56a469cf26fd95d40182ce73fc00fa7f43368e390b94d6a9b1","first_seen":"2026-05-29T10:50:53.406175Z","last_seen":"2026-05-29T10:57:01.922246Z","times_seen":2,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":68,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/hindsiliguri/v14/ijwTs5juQtsyLLR5jN4cxBEoTJzaxw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"173.194.220.94","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.998Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/hindsiliguri/v14/ijwTs5juQtsyLLR5jN4cxBEoTJzaxw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://cardswebapp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14472\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 29 May 2026 03:33:33 GMT\r\nexpires: Sat, 29 May 2027 03:33:33 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 16 Sep 2025 13:42:22 GMT\r\ncontent-type: font/woff2\r\nage: 26586\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14472,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14472, version 1.0","md5":"94b8693233d1eb63780e108a1cfb5499","sha1":"357bdf1389b7da704f672297bcb90e1e4c070aae","sha256":"cdc41415f366ef2966fc77e90d51391dec03657a6ed397fe59efd5ce34cf9549","sha512":"42687544637180c7c432dd98d59780e9a0278aba6dc6e86efb36ef39e2d301b04710d320adc92c021eb4bf980650ee35efe7ab3c30c778c06dc099f05bdda6f1","ssdeep":"384:w3yTfckw2H7q0+0Tw0ud++DS/DvgIdDLQEww0FO/T:wCTE+Bj3ud+zgSkw4O/T","tlshash":"e352c1a8f0f5b911e969f33af5497f6a4ac1d04e22d218e7ce25d814154905b3f0e8e6","first_seen":"2023-05-01T21:53:43Z","last_seen":"2026-06-06T11:44:57.340666Z","times_seen":761,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":76,"dns":2,"connect":30,"send":0,"wait":17,"receive":11,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/view/photos_gallery_69c2fa8dc67484.01285452.jpg","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /view/photos_gallery_69c2fa8dc67484.01285452.jpg HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6InIxekw5Z29FN1hBeXpBYkJETXV5UkE9PSIsInZhbHVlIjoiM2FublFITEZ6cy9vYkNGMDZmUkZ3NFArVnBDdnVOUy8xNThoaVExVXM1RGVmajBQcU4vMGF6MjZLUHdhNS9vTVZnZUtGT2NrY1dtOFFjSG5YbjM4dkpuOUhCZklNN1lrMXBiQ1ovQzBadWJXcitmS015ekV0UjFRbWpGZUFnQUIiLCJtYWMiOiI4N2JmYTgxZWVjZTc0ZjkyYWRhODViMDI1OWYxNTc3ZjM2NDkwOWI0ZjJlZTk0M2UwN2JiNDYzZGE3NGZiMDAzIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6IkxzWEZjUnNTN25aMFAyZXI3TmJad3c9PSIsInZhbHVlIjoiaDVtUU5XL1o5T0M0U1EwWXNHSFIreVNwWTlqbG00dS9kekhYalpqNXREbEJITTFscmRtYWpreXVmUkh6SUhhZkxndVdhUDIyLzhpaTVEWHBVRG1lenBiOVp0Q1dPRVI0bndPSlB6U3dmcGhiQUZVTUFTNXkvZVhqOVJYa0hkSTUiLCJtYWMiOiJjOGRmNGRiNTBkOTIxYmY5MGY2M2ZlNDQwNDJhZGJiNmIwMDlmZjI3N2NkMmYzNmQ0ODg4ZGIyOGVlZmNkZWRmIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\ncontent-length: 20050\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:56:54 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6InRNTWJJVkhPSk41aUR1QlZHY05FZ1E9PSIsInZhbHVlIjoiVlp6dkRMY2NVeHVDWlZTa2V6US9EVm5mL05UT2daRTI4UmJicndjU1dKOUFJK1kvM0o5M1IvUHlIdGVPd1c1eXE2c2hwclNYcWlydzEyOG1zWUllOWgwQTFkd0R4UUZaWS9xcHZqbXhBQ2V4Qlh0d3RSdWpyK29CS214eVp6eTgiLCJtYWMiOiJmYWRiNGE0NTZiNjFiZDdiYjQxNDRkMzE4MzdkZWFlNTY0OTJiZGYwY2IxYzFhMGVlNTY2OWRhNzU2NTNiYWQyIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6Ik1sZW1Ja3g4S05VdzMyS1dMOTNFcGc9PSIsInZhbHVlIjoid2FmaXhJOWFEcTl0b09WM0kxeHJFVG1uVG5Ydlo4WDhXblRqWU9vNTZyZm4zTnFxc2RLS1JMbTNGeWh5dy95U0xTckZyeGE5TlR0Ylp4ZXFPQWpoWHZZdUFEWWcwNE9LbksxcWxTRjAveWFxbk1rdk5xV0dGV2g5dUJ0RGoxaWkiLCJtYWMiOiJmMmZhYzg5YjFmYTc2NTQxMjEwMjMxNDM5NjBjN2U4NmRmNGQxYTA3MmJmMWZkZmZmYTg5NTM2MDU0NzE5M2M3IiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eVoncgBV%2F9XVuDXAciEyU65Yx6xIDoHC8Qi%2BPOAUGtq5ziiuEg%2FpbVRW9jMwxu71d3QcSV6nXIJr1GH6YwF0v%2Fs8WTH%2BV11ZhI%2F5Px7aG1FBA6CbHG36kv%2B6ygvCQs%2BfqXo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f941197023eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20050,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1024x683, components 3","md5":"15751079451d67b655e81a7f5b6f8dff","sha1":"e0ade0017ad79ef3f61b9bdeaec74007cef28254","sha256":"55e91f0f143382f94e19153c65d405641c6039f0a2cc5ccbbc7222859508c09f","sha512":"f0b4543ff9a9a8e837932d2f7b5a0e22d747f72cfdd4413e44c5afacda731f9be450aa4ef5cba66a073464279fc3ad5a72f2d41e08acde7c0e628c0d74549516","ssdeep":"384:65tNxypqZfEc5DHPpkQBp5PSSNioS+ZRzaPYXzwwrM0op7s5+/NWh:mJJZfBHhkQBpYpIRzaPYXzzrYs5SMh","tlshash":"5892df616f5a3412f3b03636056a2ffa47c6e34a038f279f8995ed4c590a1d2142a79a","first_seen":"2026-05-29T10:50:53.435179Z","last_seen":"2026-05-29T10:57:01.924916Z","times_seen":2,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6InIxekw5Z29FN1hBeXpBYkJETXV5UkE9PSIsInZhbHVlIjoiM2FublFITEZ6cy9vYkNGMDZmUkZ3NFArVnBDdnVOUy8xNThoaVExVXM1RGVmajBQcU4vMGF6MjZLUHdhNS9vTVZnZUtGT2NrY1dtOFFjSG5YbjM4dkpuOUhCZklNN1lrMXBiQ1ovQzBadWJXcitmS015ekV0UjFRbWpGZUFnQUIiLCJtYWMiOiI4N2JmYTgxZWVjZTc0ZjkyYWRhODViMDI1OWYxNTc3ZjM2NDkwOWI0ZjJlZTk0M2UwN2JiNDYzZGE3NGZiMDAzIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6IkxzWEZjUnNTN25aMFAyZXI3TmJad3c9PSIsInZhbHVlIjoiaDVtUU5XL1o5T0M0U1EwWXNHSFIreVNwWTlqbG00dS9kekhYalpqNXREbEJITTFscmRtYWpreXVmUkh6SUhhZkxndVdhUDIyLzhpaTVEWHBVRG1lenBiOVp0Q1dPRVI0bndPSlB6U3dmcGhiQUZVTUFTNXkvZVhqOVJYa0hkSTUiLCJtYWMiOiJjOGRmNGRiNTBkOTIxYmY5MGY2M2ZlNDQwNDJhZGJiNmIwMDlmZjI3N2NkMmYzNmQ0ODg4ZGIyOGVlZmNkZWRmIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Sun, 31 May 2026 10:56:38 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Qem9F%2FgY4RKTOQ%2FTwHbISxoxRyPA5gCah3eCwBJclOHsHmpiM2ZjYes4RXL%2BfjfkRgDUR9PmpCqdH%2FUlzHjkdo45kgypvC1qEMar4z9SBh%2BmG8KIgW91wgwKG5xPxazvb9I%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\ncf-ray: a034f941297a23eb-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-06-07T00:11:15.860729Z","times_seen":362537,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/graphics/avatar2_L6L8P_2.webp","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /graphics/avatar2_L6L8P_2.webp HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6InIxekw5Z29FN1hBeXpBYkJETXV5UkE9PSIsInZhbHVlIjoiM2FublFITEZ6cy9vYkNGMDZmUkZ3NFArVnBDdnVOUy8xNThoaVExVXM1RGVmajBQcU4vMGF6MjZLUHdhNS9vTVZnZUtGT2NrY1dtOFFjSG5YbjM4dkpuOUhCZklNN1lrMXBiQ1ovQzBadWJXcitmS015ekV0UjFRbWpGZUFnQUIiLCJtYWMiOiI4N2JmYTgxZWVjZTc0ZjkyYWRhODViMDI1OWYxNTc3ZjM2NDkwOWI0ZjJlZTk0M2UwN2JiNDYzZGE3NGZiMDAzIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6IkxzWEZjUnNTN25aMFAyZXI3TmJad3c9PSIsInZhbHVlIjoiaDVtUU5XL1o5T0M0U1EwWXNHSFIreVNwWTlqbG00dS9kekhYalpqNXREbEJITTFscmRtYWpreXVmUkh6SUhhZkxndVdhUDIyLzhpaTVEWHBVRG1lenBiOVp0Q1dPRVI0bndPSlB6U3dmcGhiQUZVTUFTNXkvZVhqOVJYa0hkSTUiLCJtYWMiOiJjOGRmNGRiNTBkOTIxYmY5MGY2M2ZlNDQwNDJhZGJiNmIwMDlmZjI3N2NkMmYzNmQ0ODg4ZGIyOGVlZmNkZWRmIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/webp\r\ncontent-length: 71212\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:57:02 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6ImJEM1ExSWJiZTNrZEdIclVGMTBxcHc9PSIsInZhbHVlIjoiWnhBZ3RTZVdKR0VKaTJVTnNBLys2bll5WUl2bFdncE5KMW1tdFhNYzhBSGRpYWNLWDRzRzdzWUt6OEJtY2ZIaHpVZ3lKbmpvSEZjRFJkRndsQ2ZOZVNRVWh4VmtmMTFORjZyZWdxeVd6UkozSGdKVnFwS2doajJ4T3JaTTE5dW4iLCJtYWMiOiI1MmRhZmRkZDMwYmE0MzY4Y2E2NjQ4OThjOGVkNDdhYmQ0ZjFhOTI1YjA2NWEwODljZmViMzUwZGRhM2ZkMTJmIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6IkhuR3B3cXpNYXNKVE9VNXNrRHExNkE9PSIsInZhbHVlIjoiVjQ4blVxMDBOVEY0RnQ5M2tRTHF2ZWExbXYxL0ZVdkJQVVpDWXQvL0hOWTFXSVlWY1dvQmtneG00OEZGVk9jTEU1SUF2dXBibHM2WGw4aDc1UThrcnJ1MXdLUXpzdHFCdk1jOVRNcEFQVG93Wm0wdUN5enJaeE1YWUpTVjhsdHUiLCJtYWMiOiIwNDY2NjM0NDMwYzY2YjAzMGQxMTNkYTlhYzA0ZjE3OTNkYzBkNDIzYWE3NmQ0ZmJmNjMyZTVmNjBhN2VmNzc2IiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tYeH83Mjy7favLpavP4uhSoNxTCj8CqWXpX1AoeLAP%2B7omvxbVd0SsMpI52UmRS%2FukZSpyM1CmuR0g5AP4riABOAqTiikzMxt1h41SsNahA%2B9HuHXwPH0kw6MAhtFngRfp0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f941297923eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":71212,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 720x720, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"09411860866657690d311ac9dc863cb2","sha1":"18037aeef6f5cc7dfbe689acbdfe4a33a3008b4b","sha256":"0867ea410cb3faca7cfde5539852dd6c4c0edf53d3e1b17326c17bd5368d7568","sha512":"1a9622462a873784f0cc1587b0ac8135b5ad76b5ac236910a845bdcc0b036b7fc96904d11f931d160c5c174fdf71f7983a3f2ad878a2d98b3fab3ec629045956","ssdeep":"1536:v9zb/nhCTxsojTf4iqUKJItRCk7+50GhTafz9v3esHdKxMelUgEZb:v9/hCv46KGCk7ObW9vOsHdveetF","tlshash":"9463021f71fd26f52c136535ec899fae986c0a25c60b6a56d3e2c313845acc2d31c9d9","first_seen":"2026-05-29T10:50:53.414114Z","last_seen":"2026-05-29T10:57:01.927926Z","times_seen":2,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":224,"receive":76,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/view/illustrations_gallery_69c2fa8dc673b3.86779505.jpg","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /view/illustrations_gallery_69c2fa8dc673b3.86779505.jpg HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6InIxekw5Z29FN1hBeXpBYkJETXV5UkE9PSIsInZhbHVlIjoiM2FublFITEZ6cy9vYkNGMDZmUkZ3NFArVnBDdnVOUy8xNThoaVExVXM1RGVmajBQcU4vMGF6MjZLUHdhNS9vTVZnZUtGT2NrY1dtOFFjSG5YbjM4dkpuOUhCZklNN1lrMXBiQ1ovQzBadWJXcitmS015ekV0UjFRbWpGZUFnQUIiLCJtYWMiOiI4N2JmYTgxZWVjZTc0ZjkyYWRhODViMDI1OWYxNTc3ZjM2NDkwOWI0ZjJlZTk0M2UwN2JiNDYzZGE3NGZiMDAzIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6IkxzWEZjUnNTN25aMFAyZXI3TmJad3c9PSIsInZhbHVlIjoiaDVtUU5XL1o5T0M0U1EwWXNHSFIreVNwWTlqbG00dS9kekhYalpqNXREbEJITTFscmRtYWpreXVmUkh6SUhhZkxndVdhUDIyLzhpaTVEWHBVRG1lenBiOVp0Q1dPRVI0bndPSlB6U3dmcGhiQUZVTUFTNXkvZVhqOVJYa0hkSTUiLCJtYWMiOiJjOGRmNGRiNTBkOTIxYmY5MGY2M2ZlNDQwNDJhZGJiNmIwMDlmZjI3N2NkMmYzNmQ0ODg4ZGIyOGVlZmNkZWRmIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\ncontent-length: 89054\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:56:54 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6Iko1OXZ1ekRLOVFFaHZHSUhSbG5JbkE9PSIsInZhbHVlIjoiUjdiUzJndk5rOUVTSEd6M2RmdXBDcmdnTGJRQWwxeHUzcVZ5bUNXa2ZqVmNKdDVCb0dHajRqVXZEcjhKUCttbGhlTmxXdjVwRmN5NElDZEtqeWgrUlVzNDdPUXBzcUNQb0doWGY1R0JNbDIzMzZmYmp1RTdkV1hOdHJqRHlFS2YiLCJtYWMiOiJiY2RhOGRhZWVjMzYxYWIzOTJlODkyNDhlMGFlZTA2NTZjNWQwNTQwNDNlMDk1Y2Q5MDg4YzU5NjhhMmRhNjdmIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6IjVUdW5ib09RWFprcGxRL3pHNGJIR2c9PSIsInZhbHVlIjoiWGdOYUZTQTJXY2FDRzVwa3JNVnp4dTBlNy90OUNqd0xxbkdKZEVJR1p1WW5pWXVjK3N0SmczQStJM056MHZJeGwvVm1JZ2N0aUJaWnlRbElHNE1iNHkrZ0VDaEdPaUt5azFubTA2dzNscEpFVk9SQ0tqNU8zQnQ1TlgrZ1dxTUwiLCJtYWMiOiI3ZDdlMmUzMWMwYWJjNDM0YmUzOGEwNGFiZDJmM2NjZTZiOGJkODYxOTNjNDc1MjBlN2M3MzI1NTIyY2M5ZDlmIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QbZsFGJQhUsMLPU3V%2Bu5hfO%2FwHL9MrvIOLt194gIW%2F1RL47XD%2FxW5neXcHhUSUgXfuSUkvnPizC0WvlN8xoKiPISOkNidRyBTPCKY9X0P%2FxD3AWjiGZT%2F14%2BVXimXdjTp38%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f941096323eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89054,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1280x1280, components 3","md5":"f035ae8375ee5476d97ff845fbcb61db","sha1":"87ff7468c3962c803651908a48205f3b81c1fdb6","sha256":"999974eaaf9e4c00a169157a89f9765649201595bd9d6c151b5970caaaae4eb5","sha512":"59e80abfc2257f1f60f697b8992ba474c5a7738e8f56a18a5327e98a2feb3016dd729c5b1a6583c68b8a5da192f463654e21a70fd45e734e7ce07d434b406084","ssdeep":"1536:GJ4FQWkFw7RmVMQiwvyotdlyZ84DPfNb4RLo8HXDGgwKmWyTQ5udqxVwwiCgzw:mKBkFwoJiQt+6IfNb4RU8zfjGzkxVwNa","tlshash":"c6931244eb509431dd8a14710a2cf3347f255af72b781785a9a62ffea6a0ef60b6048d","first_seen":"2026-05-29T10:50:53.40417Z","last_seen":"2026-05-29T10:57:01.929598Z","times_seen":2,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":79,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Teko:wght@300;400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"64.233.162.95","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.580Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:15 GMT","end":"Thu, 30 Jul 2026 15:53:14 GMT"},"fingerprint":{"sha1":"19:42:B0:56:3A:E4:79:BF:8B:69:E2:50:F4:76:BF:1E:A9:D7:7A:49","sha256":"D7:FF:C1:46:95:F3:5F:08:04:B0:E1:A8:FE:14:FC:60:19:58:D6:C7:D3:6E:82:B3:64:07:E9:E1:CB:9A:27:8C"}}},"request":{"raw":"GET /css2?family=Teko:wght@300;400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 29 May 2026 10:56:38 GMT\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5915,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"3f10bedc39eda6cbf7ae602bbea0ef19","sha1":"e9cf2b17bd6eb1c29363e65e70256923d9b34614","sha256":"9649bb87c2bb1b14451cab780887e6fb820dbc7118f982fd490d79cd663a8f0f","sha512":"03199b26951cd0ad5d5385b79a7516f972824581af431283a4c2eb5717eb427dd35efb4870c75b71504159db8055cb91f7a025f0e547faeeddc795f4f16fc6dd","ssdeep":"96:kO1a5pO1a5lJc+uGO1a52NnOEa5pOEa5lJc+uGOEa52NnOXa5pOXa5lJc+uGOXam:qRrNf8rAYDrnxGrKClr5z","tlshash":"d3c1ab91086b9008eb470cc263ce7f27ee0e32645460d9799ffe08c8adabc295355b4e","first_seen":"2025-09-20T01:05:37.333681Z","last_seen":"2026-06-06T22:19:21.066326Z","times_seen":389,"resource_available":false,"data":null}},"time_used":324,"timings":{"blocked":138,"dns":1,"connect":27,"send":0,"wait":19,"receive":0,"ssl":135},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/view/illustrations_gallery_69c2fa8dc67353.17102683.jpg","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /view/illustrations_gallery_69c2fa8dc67353.17102683.jpg HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6InIxekw5Z29FN1hBeXpBYkJETXV5UkE9PSIsInZhbHVlIjoiM2FublFITEZ6cy9vYkNGMDZmUkZ3NFArVnBDdnVOUy8xNThoaVExVXM1RGVmajBQcU4vMGF6MjZLUHdhNS9vTVZnZUtGT2NrY1dtOFFjSG5YbjM4dkpuOUhCZklNN1lrMXBiQ1ovQzBadWJXcitmS015ekV0UjFRbWpGZUFnQUIiLCJtYWMiOiI4N2JmYTgxZWVjZTc0ZjkyYWRhODViMDI1OWYxNTc3ZjM2NDkwOWI0ZjJlZTk0M2UwN2JiNDYzZGE3NGZiMDAzIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6IkxzWEZjUnNTN25aMFAyZXI3TmJad3c9PSIsInZhbHVlIjoiaDVtUU5XL1o5T0M0U1EwWXNHSFIreVNwWTlqbG00dS9kekhYalpqNXREbEJITTFscmRtYWpreXVmUkh6SUhhZkxndVdhUDIyLzhpaTVEWHBVRG1lenBiOVp0Q1dPRVI0bndPSlB6U3dmcGhiQUZVTUFTNXkvZVhqOVJYa0hkSTUiLCJtYWMiOiJjOGRmNGRiNTBkOTIxYmY5MGY2M2ZlNDQwNDJhZGJiNmIwMDlmZjI3N2NkMmYzNmQ0ODg4ZGIyOGVlZmNkZWRmIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\ncontent-length: 48050\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:56:54 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IklLdVRuZ043RjhSK3hkVHRtR2JOcXc9PSIsInZhbHVlIjoicXk2KzVhZm9peWFxOVlTSHBpT3dXK29HT1o5MTFSa2FhdDNjKytsa0duQ3BzTmpwMm1mVEZRNHhaaHZkZkszRzIrWkl4anR1RVpka2xQREhpTkJ0T0FDUklNL1VIQmhTS1Z2NDdDeXZDa0c0NGg2cG1LaG9tdE9NYVdtRmEyeGEiLCJtYWMiOiIxMTg4MDFmOWRlMGVjNmEwODk5MDZmN2QwMzcwMTdjNTFmM2M4YmY0ZWJhNWFjMGEyNGQ3YmMxOGVhMWFlODI0IiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6IlpMazcrd3FSMmMvQjJXZVd3K3dseXc9PSIsInZhbHVlIjoiSDA0QWt0eWRLZXc5Z21FTVJqL0pmUzlUQWtEQnpMc3JBUE1ZL2hQUmRpVmtlZUVQSGt5RGc4Mm1Mbm02Q3k1U1d1US9kMmtCcWpLeHUvNXUxdWpyak54NUdOc05Ickg3YkROK3BnY2xmZVJGLzFlZGNRemVzK2w3NWd6d2prdisiLCJtYWMiOiIwYjU1MWE3NDIwY2JjN2MwNzA4Zjc5ZjE1MjY3ZDcxMjc3YjkxNDJkZmMyZTZlZDlkNzVjM2RjMDg1NjQ0OTEzIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c0BTE%2BSWb4rMA%2BvicekdlyHJQ6m%2FHFmpsG%2FE0UezAKeZMkAp%2F4zzF0Lgr5Ypx8WOg6raZaHFigwdvpWK8pbo64XoFjCqbyG20mT%2FAwP0Ftv%2BXisvkX%2FjwOhuAxDoY2x45Ec%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f941095f23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48050,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1024x576, components 3","md5":"e2bf66e88a8dc7b67debbf82e30a9efe","sha1":"d13a98c4ab93d5bcc98e3bb2655ee1c4e20e793d","sha256":"629af90b4f378c1ca61ab40b4f9627dfd2948ff96cc1872bd0837d48b6422c52","sha512":"ea4035efb75fa343780b95498cb527f1da63f5889c6f9c181085c052a10458d45c13d690592286b9bcb5808578dcf39c1ef332861d92d112fea28a9102ef7830","ssdeep":"768:BpwXCliaV0f5HPQl3waxIi8bmm9q+J0hjUAQUUAd8teCann+LvD7gmcRQYYy6p7U:BOXClFKpQlg4Iihm9q+J0jQU+eCa+7od","tlshash":"e923f240bb60c78dd2a2a57605b90b6cfe71d616cc81cf43924b6f315a9d8d4fba3728","first_seen":"2026-05-29T10:50:53.391867Z","last_seen":"2026-05-29T10:57:01.932335Z","times_seen":2,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":60,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/img/red-dot.png","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:38.615Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /img/red-dot.png HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6InIxekw5Z29FN1hBeXpBYkJETXV5UkE9PSIsInZhbHVlIjoiM2FublFITEZ6cy9vYkNGMDZmUkZ3NFArVnBDdnVOUy8xNThoaVExVXM1RGVmajBQcU4vMGF6MjZLUHdhNS9vTVZnZUtGT2NrY1dtOFFjSG5YbjM4dkpuOUhCZklNN1lrMXBiQ1ovQzBadWJXcitmS015ekV0UjFRbWpGZUFnQUIiLCJtYWMiOiI4N2JmYTgxZWVjZTc0ZjkyYWRhODViMDI1OWYxNTc3ZjM2NDkwOWI0ZjJlZTk0M2UwN2JiNDYzZGE3NGZiMDAzIiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6IkxzWEZjUnNTN25aMFAyZXI3TmJad3c9PSIsInZhbHVlIjoiaDVtUU5XL1o5T0M0U1EwWXNHSFIreVNwWTlqbG00dS9kekhYalpqNXREbEJITTFscmRtYWpreXVmUkh6SUhhZkxndVdhUDIyLzhpaTVEWHBVRG1lenBiOVp0Q1dPRVI0bndPSlB6U3dmcGhiQUZVTUFTNXkvZVhqOVJYa0hkSTUiLCJtYWMiOiJjOGRmNGRiNTBkOTIxYmY5MGY2M2ZlNDQwNDJhZGJiNmIwMDlmZjI3N2NkMmYzNmQ0ODg4ZGIyOGVlZmNkZWRmIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/png\r\ncontent-length: 2592\r\npriority: u=4,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:38 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:57:22 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IlRoU29udURyR2VMaVlXY01menJqU3c9PSIsInZhbHVlIjoiSXVSK2QrSWVxREJ6SytTTUJOUXNpbG8rVXFJMWNDYkp2ZHZ1Z05uMXo5OTNQMHlMSERBWnFQeDhCZlBjZGdVMW85N2JaeXcrU1VBaTJoczdCakxwbFB0TTNoc3YwaUpoMktoYnNTeGs5T3NaWGVEeWJFc0pxL01KT1Vud01tMWwiLCJtYWMiOiJjMjI3OTQ1NmFlMjc5N2RhZWE2ODEzNTlhNWE0OGUxMzNiNzJiMzUwNTNkM2ZlYTZkOGEzNTgxNGU5NGRmNDVhIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6InFOdENtajRvQ1h0S09sQmpENm54N0E9PSIsInZhbHVlIjoicDZMazBwUEVSSTFDTUpWcVZrZVB2aGNXeko5bEJnd3Z0RGpZYWREemM4UWM4Nlprd3VGdVlpSENrdDJFU2craXo0dDZ3NFJEeUtRTmUzQ29JaHgwV0NVcE52U29zcjBaZjdETW40djBTaDQvbEMvNHF0QjEyT1Y0Q0lsQ21NUkMiLCJtYWMiOiI5ZjIyMjIyN2Y0MzU3MzM3YmJjOTU4MWZiZDlmYjBhMDIyZThlZDlkNDJlNzI1NWQ0NmJmYWMzYzFkMmFkZDI1IiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:38 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rVUXeI4BBLbUrxEFojhctyUr48EKnmqFx0Zce0n1XGoNGhpds%2FmkR6iPpy0H926tFvyprIXoWxJbRDc6PFK3rtmC9zQ%2FelnQriHsREb06q6nAiwQetJpYO6rLo%2FJ%2BAigEqU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f941197223eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2592,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 174 x 174, 8-bit colormap, non-interlaced","md5":"0c3287986b2b4525ac812333710a16f3","sha1":"d1ffc67b44e928813d2143b81f2b859d338ad1c3","sha256":"5ec285617ea38dc2a00a0ad5444389df47a83726eac687f1035385243a01021a","sha512":"06a5631a37d2acefa72a2e7fc29351081a4f0a405bc2648e0fbd313ff69a42d4276f293e399e0da34519e1489c27a825b307d157796c9ce456bc31b60426e692","ssdeep":"","tlshash":"2c51ea7a8f540dbbd6e3644072b4766965d193ab52bc00db81c40f105ced3a182962e3","first_seen":"2025-07-03T17:40:44.947114Z","last_seen":"2026-05-29T10:57:01.933985Z","times_seen":11,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":242,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cardswebapp.com/logo-main.png","fqdn":"cardswebapp.com","domain":"cardswebapp.com","tld":"com"},"ip":{"addr":"104.21.46.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cardswebapp.com/","date":"2026-05-29T10:56:39.278Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cardswebapp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 11:37:35 GMT","end":"Sun, 16 Aug 2026 11:37:34 GMT"},"fingerprint":{"sha1":"5A:46:86:30:45:12:7C:9A:E4:8F:FA:58:4B:30:63:8D:54:17:91:83","sha256":"1D:E5:0C:8C:8F:A6:03:5E:C9:2F:3B:23:AF:C9:D5:0B:71:4E:C3:DF:3D:CD:B8:F8:70:7B:36:1D:53:02:C5:57"}}},"request":{"raw":"GET /logo-main.png HTTP/1.1\r\nHost: cardswebapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cardswebapp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImVRdXQ2T2NGY2EyWjMyNVd1dnV2cEE9PSIsInZhbHVlIjoicGFWbjl2dWZ5bHcwREFkU2ZtTGh1b1lnNmx2UVdjWjhNYk9SVER2V216SzJhWmN0eHh2bWJVWGVDblFCYzYwd1lvMDZsUmlseVpvNnliL0VVY1IwTTVxMGNVUHdEOE5zN1VJWFU0STBRT0RoTnpwL3ZzMXdLaWc0V3o0UUZQQ3UiLCJtYWMiOiI2Y2Y0ODljZTc4YmQ1MzRhMzRiNTMwMzU0NTY3YjgyOTI2ZTEwYjhmYmRiNDY0OTQ3OGM0ZDBhNGZjZWJlODM3IiwidGFnIjoiIn0%3D; panel_session=eyJpdiI6ImRicWV1cXpidGdqZHRYTjBDMnoyQUE9PSIsInZhbHVlIjoickJGcy9tc09raGtXQlEzdERBQ25DOG9TMEdaOFliWWcyQTJub0V6UXZjRXh6c0hvV0dkQ3JFd0NsZ1VyUE9kenV0TUc5ZkRUMlhCb3h6eXFubmp1RDg5bXVzWmNyMjdWTzZ2cTEySkE3VkpxanJjc3RoRlk4dGd6TE1mQUhTUkgiLCJtYWMiOiJkY2JkYzE4ODIwN2I0NWQwMGRkNDZiMTg3MDkyZGY5N2Q4MDZmNWM2NTA5ZmUzNzhlMmQyZGQ4MmI4NjI3MjAyIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/png\r\ncontent-length: 32665\r\npriority: u=6,i=?0\r\ncache-control: public\r\ndate: Fri, 29 May 2026 10:56:39 GMT\r\nlast-modified: Wed, 25 Mar 2026 01:57:02 GMT\r\naccept-ranges: bytes\r\nset-cookie: XSRF-TOKEN=eyJpdiI6Ikh1WGlBTGNHWEtuSmdRQTdHMTZpNVE9PSIsInZhbHVlIjoicnlxSldObUw3cmJZSWxEZDZZOG9hNmNIYXJSMXRKOG05ZEtQa1d4NlZhYWVqd0VxQVA4aUdpSnpibi9jOXhnZUZYY3d4UzhJUWs3b3g1UkthTmdOb01sTDFiZ21pU0tScTFNS3lCR0xmRkNUTWprQkhIcXVlSmJkRkRNbkZBQkciLCJtYWMiOiIwNzI3MjcyMmM0YTU0N2IwOTdkNmI5MGIwYmY1NWZlMGQyMDhiYzAyZDNhOTI0YzRhOWM3ODdkOGNhMTc1MGRlIiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:39 GMT; Max-Age=7200; path=/; secure; samesite=lax\npanel_session=eyJpdiI6Ik9adVFkWjNaUS9zVUt2b25VcEFqWXc9PSIsInZhbHVlIjoiZEF5WjNSUUZPZkxtbWlSTWo4bnRPK2RSY0Q0THk2RDQ0YmVHZXF1M2s0RDZQcTEybGkyamNLdmxwRG5JVlBNYTNiMm5seWFDemFzL0NHN1h3VDhnWlBRQ0lkNkxEcVBCcUY1Y3JZbGhjekpOUVFzbEIram52Smpva3puZ1ZQcDIiLCJtYWMiOiJjOTZkNTEzMmNiOWYwZmU1YmRhYWVjZDlhMzQ4ZTYyODVlMWQ5OWRhYTE1ZGU4MzljZTUyZGM0NWU4NTNkNDc3IiwidGFnIjoiIn0%3D; expires=Fri, 29 May 2026 12:56:39 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tl%2BhsNt%2FfoWuWiQuhPfs6zOy7DOGaIciun8CubV1iSWb%2FQhCy6UIRTn4aTfOUWrD%2Fsrlt5%2BxTNwSZJx9j3Ry%2F67p3vqp9El88%2BpJv%2BaxRZON4uwS3erjAe7nXHlv3ufVRYA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f9457a4a23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32665,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"9d48a86da3ff849a19fbe6a4345410da","sha1":"97f22ea98405e9daa10109db5fd933a66dcba4bb","sha256":"ef3a99e62186bd9de02e3d389aab7902cd8c887ccf551dc27d678080ce50e6a8","sha512":"ea05585d786f7a5fef1a4c2a20e57268700516150ab952fc975167a716c0d7a2ae02a3ce132c79e7c0075460b2c1835c8cf20f3183f101ea60cad1d688a6aa7d","ssdeep":"768:l+af1MnpDR9VzS2hAnoTDxGR4GZjR37nyEc:OpJNAnGDx2NRzyEc","tlshash":"f7e2f28de36d2a3e864d6149f79812ee1090fb52fb50d2feb2275e80b87a300c45806f","first_seen":"2026-05-29T10:50:53.382489Z","last_seen":"2026-05-29T10:57:01.905035Z","times_seen":2,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"cardswebapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}