{"report_id":"6fa5b3f6-317d-46ae-8dc5-aad624c8330e","version":6,"status":"done","tags":[],"date":"2026-04-08T12:29:49Z","url":{"schema":"http","addr":"zenvault-airdrop.pro","fqdn":"zenvault-airdrop.pro","domain":"zenvault-airdrop.pro","tld":"pro"},"ip":{"addr":"144.31.151.175","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"zenvault-airdrop.pro/","fqdn":"zenvault-airdrop.pro","domain":"zenvault-airdrop.pro","tld":"pro"},"title":"Earn Free Amazon Gift Cards In 2026","dom":{"size":7606,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (608)","md5":"e9385e27238bc243585e16fe899f4699","sha1":"2058dbd288b70bffa784082084fc6e544ca71eef","sha256":"d1c9f9b3e626b529e0c3b2ed6df0d8091d42a582a28240ff810ebe93239907d1","sha512":"23bd6b738496c28fba008e5c09fb7216af158b8dcd053d942c42ffec53232012e6697224bddc76036d24ef8a00bafbd8caa2b7fdb42b82bf6358efc8d26e5b37","ssdeep":"192:DVM5w5gZNIZSs/0QXOsnfoSPa2t+g0rmsuzK:DVM1I8s/0kOv/YYmsuzK","tlshash":"4bf10ab411f102f96153c6a1b7a4bb1e6ff9e06bc54fc991b3ad0b90afa2c56490331c","dom_hash":"domhash443628ba3a9c1a85cf80f2da21696a0a","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"zenvault-airdrop.pro","fqdn":"zenvault-airdrop.pro","domain":"zenvault-airdrop.pro","tld":"pro"},"ip":{"addr":"144.31.151.175","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-13T12:29:49Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"zenvault-airdrop.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.idle-empire.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"s3.idle-empire.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.idle-empire.com","ip":{"addr":"172.67.73.185","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-09-03","domain_rank":1282982,"first_seen":"2016-01-28T16:16:46Z","last_seen":"2026-03-06T18:16:54.649584Z","alert_count":4,"request_count":4,"received_data":563365,"sent_data":2026,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"s3.idle-empire.com","ip":{"addr":"104.26.7.32","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-09-03","domain_rank":0,"first_seen":"2018-12-08T21:25:59Z","last_seen":"2024-02-21T04:38:19Z","alert_count":1,"request_count":1,"received_data":34555,"sent_data":479,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"zenvault-airdrop.pro","ip":{"addr":"144.31.151.175","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":3,"request_count":3,"received_data":17488,"sent_data":1389,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"zenvault-airdrop.pro/","fqdn":"zenvault-airdrop.pro","domain":"zenvault-airdrop.pro","tld":"pro"},"ip":{"addr":"144.31.151.175","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-08T12:29:28.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zenvault-airdrop.pro","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 06 Apr 2026 00:23:25 GMT","end":"Sun, 05 Jul 2026 00:23:24 GMT"},"fingerprint":{"sha1":"3F:33:32:F9:33:76:7D:4A:AB:FA:95:41:EB:7C:59:65:A9:53:C4:1B","sha256":"37:37:60:DE:5C:BA:F0:26:79:59:61:73:90:8A:2C:A1:55:2A:88:09:97:57:B7:79:40:0B:BA:00:05:A7:6C:D7"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: zenvault-airdrop.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Wed, 08 Apr 2026 12:29:28 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":8147,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (608)","md5":"ecb6572577e3c5355669ebdf9789ee45","sha1":"0f99b92f9c37a8083add047c147e2931f8ab80dc","sha256":"fc6f8770c9f51d20007ee551ca6350baac735bc6db1dcb25b49afb1c3ea2a248","sha512":"eefe3e5860145fb30a847503501fed3cbf96df0a17a7677933724e67f4718f5a942e185585074794d6d8ed8986938db4dbdb39055bf1cc62f490617db1e84261","ssdeep":"192:JVM5w5gZNIPss/dfdnfoSPa2t+g0rmsuzS:JVM1IEs/9S/YYmsuzS","tlshash":"c7f1f9a411f101f56193c6b2b7a1bb0e2ff9e06bd54f8991b3bd0750afa2c55490331c","first_seen":"2026-04-08T12:29:54.842479Z","last_seen":"2026-04-08T12:49:24.925134Z","times_seen":2,"resource_available":true,"data":null}},"time_used":255,"timings":{"blocked":103,"dns":1,"connect":47,"send":0,"wait":48,"receive":0,"ssl":54},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"zenvault-airdrop.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.idle-empire.com/media/empire/rewards/stars-5.svg","fqdn":"www.idle-empire.com","domain":"idle-empire.com","tld":"com"},"ip":{"addr":"172.67.73.185","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zenvault-airdrop.pro/","date":"2026-04-08T12:29:28.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"idle-empire.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 05:53:35 GMT","end":"Sun, 14 Jun 2026 06:53:19 GMT"},"fingerprint":{"sha1":"C4:1E:E9:64:75:04:30:ED:D7:1E:C7:89:94:49:07:06:B0:B5:81:77","sha256":"D4:36:11:57:2B:02:68:9E:6E:A3:0D:48:62:26:E2:21:24:BB:16:6D:12:8E:FE:C8:CB:8B:F2:35:CD:6E:C6:8D"}}},"request":{"raw":"GET /media/empire/rewards/stars-5.svg HTTP/1.1\r\nHost: www.idle-empire.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zenvault-airdrop.pro/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Apr 2026 12:29:29 GMT\r\ncontent-type: image/svg+xml\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nlast-modified: Mon, 02 Mar 2026 13:02:59 GMT\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=FZslYLtmN2aEQMaacy4PPEMVrxW0FP8cYkwALtBT7pc%3D\\u0026sid=67ff5de4-ad2b-4112-9289-cf96be89efed\\u0026ts=1775367500\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=FZslYLtmN2aEQMaacy4PPEMVrxW0FP8cYkwALtBT7pc%3D\u0026sid=67ff5de4-ad2b-4112-9289-cf96be89efed\u0026ts=1775367500\"\r\nserver: cloudflare\r\nvia: 2.0 heroku-router\r\ncache-control: max-age=691200\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\netag: W/\"744-64c0a34c566c0\"\r\ncontent-encoding: br\r\ncf-ray: 9e91471ffa9f0daa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1860,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4cb3ac5c9d66c0b3b5b889349b545585","sha1":"292bb2bdfb831a7e280fcc30465b9a0a86a09de1","sha256":"07032e23112d50186d235302b9180a9cb40f7526e0c25c57db731deda247dbe6","sha512":"06dd13aabacbd64a214c56b52771c942fe3777abf063c27497a61faa8a5f1fce23e518d7b71b51a5bcd115b2b6c93f412db5abd5a4f0f8f1f96ab9ce99adf8ca","ssdeep":"","tlshash":"f531fe50b1a2e12a8f5c84414eeef98da91d624f32a0bb7e648ccda0e45c5cf56ed5c3","first_seen":"2026-02-11T07:42:30.237005Z","last_seen":"2026-04-08T12:49:24.926529Z","times_seen":4,"resource_available":false,"data":null}},"time_used":457,"timings":{"blocked":34,"dns":10,"connect":3,"send":0,"wait":384,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.idle-empire.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.idle-empire.com/assets/empire/fonts/source-sans-pro-400.woff2","fqdn":"www.idle-empire.com","domain":"idle-empire.com","tld":"com"},"ip":{"addr":"172.67.73.185","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://zenvault-airdrop.pro/","date":"2026-04-08T12:29:29.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"idle-empire.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 05:53:35 GMT","end":"Sun, 14 Jun 2026 06:53:19 GMT"},"fingerprint":{"sha1":"C4:1E:E9:64:75:04:30:ED:D7:1E:C7:89:94:49:07:06:B0:B5:81:77","sha256":"D4:36:11:57:2B:02:68:9E:6E:A3:0D:48:62:26:E2:21:24:BB:16:6D:12:8E:FE:C8:CB:8B:F2:35:CD:6E:C6:8D"}}},"request":{"raw":"GET /assets/empire/fonts/source-sans-pro-400.woff2 HTTP/1.1\r\nHost: www.idle-empire.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://zenvault-airdrop.pro\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zenvault-airdrop.pro/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Apr 2026 12:29:29 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 16112\r\naccept-ranges: bytes\r\netag: \"3ef0-64c0a34c566c0\"\r\nlast-modified: Mon, 02 Mar 2026 13:02:59 GMT\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=9cDlpOucFfVuLyW7qE1HSHNIeR%2BciTXZs%2FitBd50B4k%3D\\u0026sid=67ff5de4-ad2b-4112-9289-cf96be89efed\\u0026ts=1775651369\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=9cDlpOucFfVuLyW7qE1HSHNIeR%2BciTXZs%2FitBd50B4k%3D\u0026sid=67ff5de4-ad2b-4112-9289-cf96be89efed\u0026ts=1775651369\"\r\nserver: cloudflare\r\nvia: 2.0 heroku-router\r\ncache-control: max-age=691200\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\ncf-ray: 9e9147235d8f0daa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4096,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16112, version 1.0","md5":"5dde63b5124f1c1152b03abd6adc2e09","sha1":"7be98af11e337b73834689291e28f1f72480f7aa","sha256":"f0a7be525dcc3bfac5d4dce95b3d95217841bde4569c2bc35be42f5197497bfb","sha512":"4fe6fc16a5c1dd291b3607d97c60062ffbeb590af48cb026e98006dcbe4d9096b9579e0865f604f2a30b8a4c0a633cc4e548b20318698c39503f08582f9ac87f","ssdeep":"","tlshash":"b1817e5ec8b07b4bfd04df792dc1b9545bf0166083b2c686a55480e11281ccc6a9b327","first_seen":"2026-04-08T12:29:54.844532Z","last_seen":"2026-04-08T12:29:54.844532Z","times_seen":1,"resource_available":false,"data":null}},"time_used":470,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":467,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.idle-empire.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zenvault-airdrop.pro/zenvault-logo.svg","fqdn":"zenvault-airdrop.pro","domain":"zenvault-airdrop.pro","tld":"pro"},"ip":{"addr":"144.31.151.175","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zenvault-airdrop.pro/","date":"2026-04-08T12:29:28.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zenvault-airdrop.pro","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 06 Apr 2026 00:23:25 GMT","end":"Sun, 05 Jul 2026 00:23:24 GMT"},"fingerprint":{"sha1":"3F:33:32:F9:33:76:7D:4A:AB:FA:95:41:EB:7C:59:65:A9:53:C4:1B","sha256":"37:37:60:DE:5C:BA:F0:26:79:59:61:73:90:8A:2C:A1:55:2A:88:09:97:57:B7:79:40:0B:BA:00:05:A7:6C:D7"}}},"request":{"raw":"GET /zenvault-logo.svg HTTP/1.1\r\nHost: zenvault-airdrop.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zenvault-airdrop.pro/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Wed, 08 Apr 2026 12:29:28 GMT\r\nContent-Type: image/svg+xml\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":620,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"cd02713478952488f6b932f1a2d3430b","sha1":"bab5804ac80e90ee0d20e1c33663b39846d04a2b","sha256":"49545016b6e790fe3026c58ef3c7cc1293224f924fb2ed8bab392bd39ac24e1d","sha512":"309e841b335f0e087109d1ffbe2503b921c851f6506dc1feb55fee653858e2817f104fdc9a557dc32dfa22aa29a96fa268b2832f105984cfe01ab875144fa0aa","ssdeep":"","tlshash":"c2f0ac17e2a98801d5441c583e857ed62446d10fd259d0483a8d9a08cf088e2a4ca75c","first_seen":"2026-04-08T12:29:54.845444Z","last_seen":"2026-04-08T12:49:24.927019Z","times_seen":2,"resource_available":false,"data":null}},"time_used":86,"timings":{"blocked":37,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"zenvault-airdrop.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.idle-empire.com/assets/empire/static/tailwind.1.1.2.min.css","fqdn":"www.idle-empire.com","domain":"idle-empire.com","tld":"com"},"ip":{"addr":"172.67.73.185","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://zenvault-airdrop.pro/","date":"2026-04-08T12:29:28.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"idle-empire.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 05:53:35 GMT","end":"Sun, 14 Jun 2026 06:53:19 GMT"},"fingerprint":{"sha1":"C4:1E:E9:64:75:04:30:ED:D7:1E:C7:89:94:49:07:06:B0:B5:81:77","sha256":"D4:36:11:57:2B:02:68:9E:6E:A3:0D:48:62:26:E2:21:24:BB:16:6D:12:8E:FE:C8:CB:8B:F2:35:CD:6E:C6:8D"}}},"request":{"raw":"GET /assets/empire/static/tailwind.1.1.2.min.css HTTP/1.1\r\nHost: www.idle-empire.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zenvault-airdrop.pro/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Apr 2026 12:29:29 GMT\r\ncontent-type: text/css\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nlast-modified: Mon, 02 Mar 2026 13:02:59 GMT\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=EHczVYuLq58WmhvKwBYrXmE%2FDH%2Fz3LnKPCcOJKIkTdA%3D\\u0026sid=67ff5de4-ad2b-4112-9289-cf96be89efed\\u0026ts=1775367499\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=EHczVYuLq58WmhvKwBYrXmE%2FDH%2Fz3LnKPCcOJKIkTdA%3D\u0026sid=67ff5de4-ad2b-4112-9289-cf96be89efed\u0026ts=1775367499\"\r\nserver: cloudflare\r\nvia: 2.0 heroku-router\r\ncache-control: max-age=691200\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\netag: W/\"8621c-64c0a34c566c0\"\r\ncontent-encoding: br\r\ncf-ray: 9e9147200aa90daa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":549404,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"f2d43b4b820a21075fd17c9859156351","sha1":"a330cc468bef98b602443854ae06a3156bd1fd2c","sha256":"6c2405e4eb9f5a558cfcc5bd9826ff78389bbdf7f55bc04dabd64aebd0bc1522","sha512":"610eb02a8650773d0f94df686d22ce56429e2674cf9b629bf92884eaac02d33383cbd692b71c84a7c7dad497823316f8a951e41d6af5a50bc070459c9d38a210","ssdeep":"1536:bFG+0sJWhJS53LmHKAtIfOXlkx9jSbxKTfjDxOcqFq4QMSwYogXGgNY+UiEmbTRO:ucqFq4Q7ogRY+UiEmq4kHz+k","tlshash":"72c48838dfa7268b74a3cb3d6081fed6963613878c01577af832b82068159d4d6b76f4","first_seen":"2023-06-06T15:27:20Z","last_seen":"2026-04-08T12:49:24.925755Z","times_seen":10,"resource_available":false,"data":null}},"time_used":457,"timings":{"blocked":38,"dns":12,"connect":1,"send":0,"wait":377,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.idle-empire.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"s3.idle-empire.com/public/shop/rewards/main/amazon-gift-cards.png","fqdn":"s3.idle-empire.com","domain":"idle-empire.com","tld":"com"},"ip":{"addr":"104.26.7.32","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zenvault-airdrop.pro/","date":"2026-04-08T12:29:28.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"idle-empire.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 05:53:35 GMT","end":"Sun, 14 Jun 2026 06:53:19 GMT"},"fingerprint":{"sha1":"C4:1E:E9:64:75:04:30:ED:D7:1E:C7:89:94:49:07:06:B0:B5:81:77","sha256":"D4:36:11:57:2B:02:68:9E:6E:A3:0D:48:62:26:E2:21:24:BB:16:6D:12:8E:FE:C8:CB:8B:F2:35:CD:6E:C6:8D"}}},"request":{"raw":"GET /public/shop/rewards/main/amazon-gift-cards.png HTTP/1.1\r\nHost: s3.idle-empire.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zenvault-airdrop.pro/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Apr 2026 12:29:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 33646\r\nx-amz-id-2: xWzbCg9ltLqSQ466zNSn5WCNLsA0qlIN3dx1XtqLCWvBQ+BfjffxVQrJtpHHtfRHYrpoEm+Rpy4=\r\nx-amz-request-id: PZW3Z1Z3TH3NH95V\r\nlast-modified: Fri, 01 Nov 2019 16:34:06 GMT\r\netag: \"144e8a87486824376efc8aff85aa6c30\"\r\naccept-ranges: bytes\r\nserver: cloudflare\r\ncache-control: max-age=691200\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YET0gpQwCvMT%2BW2lT1YPpZcqpD8jRmSylqp8b150VMUBNiJYAbz9lPYYV5PY%2Fvy2VBvcqAIzZ4TzydnOaUqeQWhNEb8vOO67P8EARTVx0iVGUbM4uBnj1clUR9jjEvbNoffYnA%3D%3D\"}]}\r\ncf-ray: 9e9147200f5676ef-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":33646,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 517, 8-bit colormap, non-interlaced","md5":"144e8a87486824376efc8aff85aa6c30","sha1":"1d829d87ffddab74c0b9c68fcea5a0ced33f3387","sha256":"33f1f473835c0176980a5f4bf778327a698272725d787039f6de32db88d83383","sha512":"473cc548f50f03fbda21dc6bc4ac3bdb3558e2134bb1922c80377e9973f2aa40ec1889cd169425896f1c216816c03f707956711a57ff8ea79f9e03e2d43eaf6d","ssdeep":"768:62s3vHP7a1xuc0iX8TiAcHVix4aAubK+RdC1:VoHTaPunHTiAcnaAqKJ","tlshash":"5fe2f23abe6a997ee0a4854e83f0dd12ecba8c578504a39c9d02e4fc7395324cd5b549","first_seen":"2026-04-08T12:29:54.847995Z","last_seen":"2026-04-08T12:29:54.847995Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1210,"timings":{"blocked":36,"dns":12,"connect":1,"send":0,"wait":938,"receive":199,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"s3.idle-empire.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zenvault-airdrop.pro/favicon.ico","fqdn":"zenvault-airdrop.pro","domain":"zenvault-airdrop.pro","tld":"pro"},"ip":{"addr":"144.31.151.175","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zenvault-airdrop.pro/","date":"2026-04-08T12:29:29.313Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zenvault-airdrop.pro","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 06 Apr 2026 00:23:25 GMT","end":"Sun, 05 Jul 2026 00:23:24 GMT"},"fingerprint":{"sha1":"3F:33:32:F9:33:76:7D:4A:AB:FA:95:41:EB:7C:59:65:A9:53:C4:1B","sha256":"37:37:60:DE:5C:BA:F0:26:79:59:61:73:90:8A:2C:A1:55:2A:88:09:97:57:B7:79:40:0B:BA:00:05:A7:6C:D7"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: zenvault-airdrop.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zenvault-airdrop.pro/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Wed, 08 Apr 2026 12:29:29 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8147,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (608)","md5":"ecb6572577e3c5355669ebdf9789ee45","sha1":"0f99b92f9c37a8083add047c147e2931f8ab80dc","sha256":"fc6f8770c9f51d20007ee551ca6350baac735bc6db1dcb25b49afb1c3ea2a248","sha512":"eefe3e5860145fb30a847503501fed3cbf96df0a17a7677933724e67f4718f5a942e185585074794d6d8ed8986938db4dbdb39055bf1cc62f490617db1e84261","ssdeep":"192:JVM5w5gZNIPss/dfdnfoSPa2t+g0rmsuzS:JVM1IEs/9S/YYmsuzS","tlshash":"c7f1f9a411f101f56193c6b2b7a1bb0e2ff9e06bd54f8991b3bd0750afa2c55490331c","first_seen":"2026-04-08T12:29:54.842479Z","last_seen":"2026-04-08T12:49:24.925134Z","times_seen":2,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":53,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"zenvault-airdrop.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.idle-empire.com/assets/empire/fonts/source-sans-pro-700.woff2","fqdn":"www.idle-empire.com","domain":"idle-empire.com","tld":"com"},"ip":{"addr":"172.67.73.185","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://zenvault-airdrop.pro/","date":"2026-04-08T12:29:29.498Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"idle-empire.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 05:53:35 GMT","end":"Sun, 14 Jun 2026 06:53:19 GMT"},"fingerprint":{"sha1":"C4:1E:E9:64:75:04:30:ED:D7:1E:C7:89:94:49:07:06:B0:B5:81:77","sha256":"D4:36:11:57:2B:02:68:9E:6E:A3:0D:48:62:26:E2:21:24:BB:16:6D:12:8E:FE:C8:CB:8B:F2:35:CD:6E:C6:8D"}}},"request":{"raw":"GET /assets/empire/fonts/source-sans-pro-700.woff2 HTTP/1.1\r\nHost: www.idle-empire.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://zenvault-airdrop.pro\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zenvault-airdrop.pro/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Apr 2026 12:29:29 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 15764\r\naccept-ranges: bytes\r\netag: \"3d94-64c0a34c566c0\"\r\nlast-modified: Mon, 02 Mar 2026 13:02:59 GMT\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=9cDlpOucFfVuLyW7qE1HSHNIeR%2BciTXZs%2FitBd50B4k%3D\\u0026sid=67ff5de4-ad2b-4112-9289-cf96be89efed\\u0026ts=1775651369\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=9cDlpOucFfVuLyW7qE1HSHNIeR%2BciTXZs%2FitBd50B4k%3D\u0026sid=67ff5de4-ad2b-4112-9289-cf96be89efed\u0026ts=1775651369\"\r\nserver: cloudflare\r\nvia: 2.0 heroku-router\r\ncache-control: max-age=691200\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\ncf-ray: 9e9147235da60daa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4096,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15764, version 1.0","md5":"4bcf036df7a36e785d5e556eeb2cdd22","sha1":"0ba8962aae4ce3aef2c315f50fd5b2021ababbd3","sha256":"de8ffebd66863953097b92a197eaa9bcfd314c2b5097f94c7055c2cd537bb34f","sha512":"d4565b595623d5df7398dde2fe88170387342e4bfffed56502a68ce1f130eca9d5d33c110748880795c955e4a67fb79b798c8cf66633b4c9a573a7309bc12954","ssdeep":"","tlshash":"7081affec639135ac252e0f81e06a117ea6bfcbd745963826c8df62009d8d1dc14bd94","first_seen":"2026-04-08T12:29:54.848911Z","last_seen":"2026-04-08T12:29:54.848911Z","times_seen":1,"resource_available":false,"data":null}},"time_used":394,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":391,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.idle-empire.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}