{"report_id":"71b135e4-924b-4ccb-87e6-2fa0d9fba864","version":0,"status":"done","tags":[],"date":"2026-06-29T00:40:51Z","url":{"schema":"http","addr":"extra-redirectcheck.click","fqdn":"extra-redirectcheck.click","domain":"extra-redirectcheck.click","tld":"click"},"ip":{"addr":"104.21.59.201","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"allowscheck-jto.click/","fqdn":"allowscheck-jto.click","domain":"allowscheck-jto.click","tld":"click"},"title":"Claim Staking Rewards | Jito","dom":{"size":979359,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (42187)","md5":"48d825bf25bdc1f4058bad64ea8b9860","sha1":"158a0911b54f464fb17b1c6728d893f909752082","sha256":"21b8c25fd02bc501d865859a19936ae073a313ef674382eee19a784f314aa4fd","sha512":"f212310fcbf45dffa82ab19af75f07a8f0f5fb5aca2d55b54b9d75a4655ed27ac74a989a55a44d70527768436576b7b4012f6c27635e17377a5155a004f7c9fe","ssdeep":"12288:Y4YB6idxbfSHa9cwprzRvaAvAPARAPARAPAvcwprzRvJwSHN6z7id84YBV:Y77xmHayERvfY4K4K4kERvJBHN8K87V","tlshash":"5a25e03d75098497db06178ce4e6a92c6c6432df8dc5d098b74c32487b7ee98b33a19b","dom_hash":"domhash70612fff781db4be4da16f2a301c2c6a","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"extra-redirectcheck.click","fqdn":"extra-redirectcheck.click","domain":"extra-redirectcheck.click","tld":"click"},"ip":{"addr":"104.21.59.201","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-03T00:40:51Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"allowscheck-jto.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"extra-redirectcheck.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"extra-redirectcheck.click","ip":{"addr":"172.67.183.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-06-29T00:34:12.517228Z","last_seen":"2026-06-29T00:34:12.517228Z","alert_count":1,"request_count":1,"received_data":869,"sent_data":494,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-06-28T22:22:13.875484Z","alert_count":0,"request_count":1,"received_data":3345,"sent_data":535,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-06-28T22:41:44.776353Z","alert_count":0,"request_count":1,"received_data":306534,"sent_data":513,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"allowscheck-jto.click","ip":{"addr":"104.21.61.63","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-06-29T00:34:12.515827Z","last_seen":"2026-06-29T00:34:12.515827Z","alert_count":11,"request_count":11,"received_data":2366937,"sent_data":5681,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/lottie-web/5.12.2/lottie.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"55bf86203909151984bef8cbe4739d64","sha1":"543e646b2ff86405b77bd2514b1aede8a8b4cbd8","sha256":"a0757321f974527bda3cc2593bf56cc7ffe4578421249ced6ae49ffb1c529f90","sha512":"8c49ee0edea37de7028ed850009f9e774313540fbee592a69547260c606fdaf508fd1127e85b88762c4b367413faf2aeb04da18539368acddc16fbf9c00f9282","ssdeep":"3072:xnEwejqNqAvPSIoPayIYzfq526QGK2y0mbsZmml+39xzKMTlB6k:xUjqNqAvPSIoPayIYzfq52tU1l4fRRBl","tlshash":"a85419597254343805c540a9806f0a4bb736292e246ac49cb76cf4ffacbde8d31beb75","size":305543,"data":"","first_seen":"2023-07-18T12:10:25Z","last_seen":"2026-06-30T16:07:32.593864Z","times_seen":2154,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"allowscheck-jto.click/","fqdn":"allowscheck-jto.click","domain":"allowscheck-jto.click","tld":"click"},"ip":{"addr":"104.21.61.63","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1e665a2a2f21f72aeb8f6b4d82a51b04","sha1":"14bee3ea5d8b714ee194c6a1d631258914ccd0e4","sha256":"d7ccd7e5a0cda2731f32c8100b36d4dfa75997ffe0594f4fd917043634432f49","sha512":"89a7ea6ef0216bf841194973113378f67983d2b130d14f44d9d08fabf3cb6fcadcfc3bccdc369811b1e2dbb947d97c5297d709319ef55805affc63fd6d3d0109","ssdeep":"","tlshash":"6ec08090c9b4cb75dc1864ef10f473a47854396d105368cec1f95d89695cec35e48d12","size":180,"data":"","first_seen":"2026-06-29T00:34:16.977279Z","last_seen":"2026-06-29T00:40:53.542811Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"allowscheck-jto.click/","fqdn":"allowscheck-jto.click","domain":"allowscheck-jto.click","tld":"click"},"ip":{"addr":"104.21.61.63","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"bfba0ee0a6f1c83bf814c9b019672b93","sha1":"08dc01c5c16457ff76cc34c644368f9ff63dd468","sha256":"05ca71c0f342a6b2784a688fa11d51dc4c61fd040e03b85236fb84011ec8368f","sha512":"f141166551e3413526dcbbf5d0e58c7b9c003350ecf014696558c6757f1eed5e9f1b3ef81b90f0701eeb3663a2a3e0fd37018dcb5ad5e13e2dd2ccb7d9564408","ssdeep":"","tlshash":"6d51129932e690386d776fbfe7cb41b438202043640ad975799e4352cf11d45487a6ff","size":2754,"data":"","first_seen":"2026-06-29T00:34:16.979155Z","last_seen":"2026-06-29T00:40:53.54371Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"allowscheck-jto.click/secureproxy?s=%2Fipfs%2Fy-Hyryj4Iqn7pFmgzymdzQ5e5ac2017f374625b127920e4b2c3aa6%3Ft%3D1782693627130","fqdn":"allowscheck-jto.click","domain":"allowscheck-jto.click","tld":"click"},"ip":{"addr":"104.21.61.63","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3af64d9509cbe11dfdbc60dbc46aac6b","sha1":"05a2fe85ff5b906c4ec1fa5f4b3600339335b072","sha256":"c11f35ba08b25230f2495788a20f3ec3dd7859a4e30d3829155e5a8a20d38b28","sha512":"b5444954211dd058fd5f211400e8e818ed7879fffd3beee7cf602c4a48e97413cf34c3c487ffc052ef8fad72f738ab24d30d4b2a6d64190e7ade2a1f2c090e1b","ssdeep":"6144:Bh5gDloQDCMEWm7ECNF0gct3VyBKbMboOeC2PYqxQWNahLYzO5WuS2KImDnyJnU6:JsloQDC6m7hFqa/J/","tlshash":"f8d4becaa73d377f5ae01aab0c2b413fefc80d1e216b09c852d1b8d9527970693d915e","size":619148,"data":"","first_seen":"2026-06-29T00:40:53.529492Z","last_seen":"2026-06-29T00:40:53.529492Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/lottie-web/5.12.2/lottie.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://allowscheck-jto.click/","date":"2026-06-29T00:40:26.994Z","timestamp":1782693626994,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/lottie-web/5.12.2/lottie.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://allowscheck-jto.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Mon, 29 Jun 2026 00:40:27 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\nlast-modified: Tue, 09 Jan 2024 01:50:30 GMT\r\nvary: Accept-Encoding\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/r2\r\nx-cdnjs-cache: HIT\r\ncf-cache-status: HIT\r\nage: 560\r\nexpires: Sat, 19 Jun 2027 00:40:27 GMT\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xlNNpLc7%2FD1ixlHoRzp%2F9YWMx6eB%2BLz8wLptgGgWp6FZH9BFSlJY6AvjFGqmAQ4a9%2F3WVPjmfKKy8soAUQIeIp%2Be3xSay5gypF2wEueIFxlH%2FYgtQN28PFfcV7MCJHWBVV7OKxYi\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: a130e140cbb256c3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":305543,"size_decoded":64668,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"55bf86203909151984bef8cbe4739d64","sha1":"543e646b2ff86405b77bd2514b1aede8a8b4cbd8","sha256":"a0757321f974527bda3cc2593bf56cc7ffe4578421249ced6ae49ffb1c529f90","sha512":"8c49ee0edea37de7028ed850009f9e774313540fbee592a69547260c606fdaf508fd1127e85b88762c4b367413faf2aeb04da18539368acddc16fbf9c00f9282","ssdeep":"3072:xnEwejqNqAvPSIoPayIYzfq526QGK2y0mbsZmml+39xzKMTlB6k:xUjqNqAvPSIoPayIYzfq52tU1l4fRRBl","tlshash":"a85419597254343805c540a9806f0a4bb736292e246ac49cb76cf4ffacbde8d31beb75","first_seen":"2023-07-18T12:10:25Z","last_seen":"2026-06-30T16:07:32.593864Z","times_seen":2154,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":2,"connect":10,"send":0,"wait":13,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"allowscheck-jto.click/secureproxy?s=%2Fipfs%2Fy-Hyryj4Iqn7pFmgzymdzQ5e5ac2017f374625b127920e4b2c3aa6%3Ft%3D1782693627130","fqdn":"allowscheck-jto.click","domain":"allowscheck-jto.click","tld":"click"},"ip":{"addr":"104.21.61.63","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://allowscheck-jto.click/","date":"2026-06-29T00:40:27.132Z","timestamp":1782693627132,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allowscheck-jto.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Jun 2026 20:00:10 GMT","end":"Mon, 21 Sep 2026 20:58:32 GMT"},"fingerprint":{"sha1":"35:15:55:10:82:23:C6:9D:B3:3F:E0:39:0A:7D:AC:1C:40:AE:FB:51","sha256":"65:E3:F5:E8:B0:B2:B4:B2:C0:3F:60:30:2D:88:A9:3D:1D:BA:C9:C0:DF:09:EF:FF:33:B8:19:93:B2:78:DF:12"}}},"request":{"raw":"GET /secureproxy?s=%2Fipfs%2Fy-Hyryj4Iqn7pFmgzymdzQ5e5ac2017f374625b127920e4b2c3aa6%3Ft%3D1782693627130 HTTP/1.1\r\nHost: allowscheck-jto.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://allowscheck-jto.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Mon, 29 Jun 2026 00:40:27 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: no-cache\r\netag: W/\"9728c-BaL+hf9bkGxOwfpfSzYAM5M1sHI\"\r\nexpires: 0\r\npragma: no-cache\r\ncontent-disposition: attachment; filename=-Ea01vYyiBkd-f8spd5qRQ.js\r\ncdn-proxyver: 1.57\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 06/29/2026 00:40:27\r\ncdn-edgestorageid: 1056\r\ncdn-requestid: b716dd4f1e59282419d8162c7bb5188d\r\ncdn-cache: MISS\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PE1FUtarqg05Axp8haoPzybJwLi9EufvnNwtfgBU7UV9Tdz99CGv5Iy9nNHqk9X9J4B1lXrANB7%2FwWuBM9eDNkNtEOFE9ATghk6yEiYTcSezbmviANCFc9TDmNww3WA1XLyRqoGP8m0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: a130e1419b39b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":619148,"size_decoded":137610,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"3af64d9509cbe11dfdbc60dbc46aac6b","sha1":"05a2fe85ff5b906c4ec1fa5f4b3600339335b072","sha256":"c11f35ba08b25230f2495788a20f3ec3dd7859a4e30d3829155e5a8a20d38b28","sha512":"b5444954211dd058fd5f211400e8e818ed7879fffd3beee7cf602c4a48e97413cf34c3c487ffc052ef8fad72f738ab24d30d4b2a6d64190e7ade2a1f2c090e1b","ssdeep":"6144:Bh5gDloQDCMEWm7ECNF0gct3VyBKbMboOeC2PYqxQWNahLYzO5WuS2KImDnyJnU6:JsloQDC6m7hFqa/J/","tlshash":"f8d4becaa73d377f5ae01aab0c2b413fefc80d1e216b09c852d1b8d9527970693d915e","first_seen":"2026-06-29T00:40:53.529492Z","last_seen":"2026-06-29T00:40:53.529492Z","times_seen":1,"resource_available":true,"data":null}},"time_used":659,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":589,"receive":70,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"allowscheck-jto.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"allowscheck-jto.click/assets/fonts/Aeonik-Regular.otf","fqdn":"allowscheck-jto.click","domain":"allowscheck-jto.click","tld":"click"},"ip":{"addr":"104.21.61.63","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://allowscheck-jto.click/","date":"2026-06-29T00:40:27.168Z","timestamp":1782693627168,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allowscheck-jto.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Jun 2026 20:00:10 GMT","end":"Mon, 21 Sep 2026 20:58:32 GMT"},"fingerprint":{"sha1":"35:15:55:10:82:23:C6:9D:B3:3F:E0:39:0A:7D:AC:1C:40:AE:FB:51","sha256":"65:E3:F5:E8:B0:B2:B4:B2:C0:3F:60:30:2D:88:A9:3D:1D:BA:C9:C0:DF:09:EF:FF:33:B8:19:93:B2:78:DF:12"}}},"request":{"raw":"GET /assets/fonts/Aeonik-Regular.otf HTTP/1.1\r\nHost: allowscheck-jto.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://allowscheck-jto.click/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Mon, 29 Jun 2026 00:40:27 GMT\r\ncontent-type: application/octet-stream\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3zbb5Zp8ZA7kOrDT%2FeWN5tVQmw5YQxwLR%2B3Lwjgb6C%2FbHr7GtWeDgKDfs%2BjdXnMJP7rrPCtSh2rkurJ3oehFzF74QNK1uVcMabj%2Fb0z1d0%2BMgQvmkYl%2BGtV11ScMrgO6h%2BbzeEEIqfU%3D\"}]}\r\ncast-mode: default\r\nlast-modified: Tue, 23 Jun 2026 21:04:51 GMT\r\netag: \"6a3af4f3-1d044\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 398\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 118852\r\ncf-ray: a130e141cb3eb28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":118852,"size_decoded":119822,"mime_type":"application/octet-stream","magic":"OpenType font data","md5":"844324dc83d98980285a9ab8f3dcb5f0","sha1":"23c5509c167f7fb3985302a148e5d97d74f573df","sha256":"cdd8de1c7cb7a759b53d2830e8000f32e91c40337829c9d398d9b6cf55e5bae8","sha512":"00f5e77506719666e8c8296adfb9928aa8ff69ec5b0f43ca725d8289add8e032fbff6f4c80e79847291767c002eb18c50a4473609ed5a0ac7101775dd990a0ca","ssdeep":"1536:dwHtDhkyml/y/uNHMmrSuDH47MN3I2zkFTOVKbx7Zjp/Xotk17u4javdK7fgsQyi:fPxymNmCY7QY2zmNXNu4GvdK7fgsti","tlshash":"43c32a025bc95a64cec40a36c4eecbe30bb3dddc1d2816865ad216455ffcf92d6123ea","first_seen":"2023-04-15T15:59:13Z","last_seen":"2026-06-30T03:25:19.076995Z","times_seen":254,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"allowscheck-jto.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"allowscheck-jto.click/secureproxy?s=%2Fjmpd%2F","fqdn":"allowscheck-jto.click","domain":"allowscheck-jto.click","tld":"click"},"ip":{"addr":"104.21.61.63","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://allowscheck-jto.click/","date":"2026-06-29T00:40:28.550Z","timestamp":1782693628550,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allowscheck-jto.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Jun 2026 20:00:10 GMT","end":"Mon, 21 Sep 2026 20:58:32 GMT"},"fingerprint":{"sha1":"35:15:55:10:82:23:C6:9D:B3:3F:E0:39:0A:7D:AC:1C:40:AE:FB:51","sha256":"65:E3:F5:E8:B0:B2:B4:B2:C0:3F:60:30:2D:88:A9:3D:1D:BA:C9:C0:DF:09:EF:FF:33:B8:19:93:B2:78:DF:12"}}},"request":{"raw":"POST /secureproxy?s=%2Fjmpd%2F HTTP/1.1\r\nHost: allowscheck-jto.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://allowscheck-jto.click/\r\ncontent-type: application/json\r\nContent-Length: 1420\r\nOrigin: https://allowscheck-jto.click\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 204 \r\nserver: cloudflare\r\ndate: Mon, 29 Jun 2026 00:40:29 GMT\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: no-cache\r\netag: W/\"a-bAsFyilMr4Ra1hIU5PyoyFRunpI\"\r\nx-ratelimit-limit: 20\r\nx-ratelimit-remaining: 19\r\nx-ratelimit-reset: 1782693688617\r\ncdn-proxyver: 1.57\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 204\r\ncdn-cachedat: 06/29/2026 00:40:29\r\ncdn-edgestorageid: 1445\r\ncdn-requestid: 18d2aebe45991feb1d8d9031d3750a0f\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FLp08hQQYGn9kBgQoRew2n7Oya1Ud1yTi%2BFonnilWh9TJQuXQb7g%2BgAoZ34SwubExsPUl6sLWXGKDnXCbJZMYpICVzUIL7WgPw%2FId9avtFjM8r3S2O8%2Fz5KofwUdFHKNfRitROtCKzo%3D\"}]}\r\ncf-ray: a130e14a7bcbb28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":3408,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T23:18:57.370524Z","times_seen":16873015,"resource_available":true,"data":null}},"time_used":647,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":647,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"allowscheck-jto.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"allowscheck-jto.click/assets/fonts/Aeonik-Bold.otf","fqdn":"allowscheck-jto.click","domain":"allowscheck-jto.click","tld":"click"},"ip":{"addr":"104.21.61.63","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://allowscheck-jto.click/","date":"2026-06-29T00:40:27.172Z","timestamp":1782693627172,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allowscheck-jto.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Jun 2026 20:00:10 GMT","end":"Mon, 21 Sep 2026 20:58:32 GMT"},"fingerprint":{"sha1":"35:15:55:10:82:23:C6:9D:B3:3F:E0:39:0A:7D:AC:1C:40:AE:FB:51","sha256":"65:E3:F5:E8:B0:B2:B4:B2:C0:3F:60:30:2D:88:A9:3D:1D:BA:C9:C0:DF:09:EF:FF:33:B8:19:93:B2:78:DF:12"}}},"request":{"raw":"GET /assets/fonts/Aeonik-Bold.otf HTTP/1.1\r\nHost: allowscheck-jto.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://allowscheck-jto.click/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Mon, 29 Jun 2026 00:40:27 GMT\r\ncontent-type: application/octet-stream\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bkswBfHgmZNbDbz6XFwmKk%2Fm83HIeXc%2BoInFYOta3aYorCMDUFlAvY0hkiPe5JowAjAEtCCLil5GBS5edA35QR0DCq3Vn1KvgiQzYsdYcPD7Y6fu8LZGT03lpir%2BRCH%2BxwFoii0CJuU%3D\"}]}\r\ncast-mode: default\r\nlast-modified: Tue, 23 Jun 2026 21:04:51 GMT\r\netag: \"6a3af4f3-1d188\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 398\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 119176\r\ncf-ray: a130e141db41b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":119176,"size_decoded":120138,"mime_type":"application/octet-stream","magic":"OpenType font data","md5":"3ab5a6301d79b3e3e3afeca89c2d1695","sha1":"4f2ce3d81d3cfb85ac46d73b024b0f626765a06c","sha256":"0b9aa117448147a616b62314d1c8dc1c0d1215ae36b280d50579d451fadfdf94","sha512":"8242d373a90ecada58f2bf17ad02298e61fbf960f5eb8f0b166780de9b97bb3dfb0c4f0bb3399ca9fed328c614ded4718a34eeb7c5a2004098d3dceaf81711a8","ssdeep":"1536:5sHFDzgw1dm3WWHXWtvyDEAdv7/0TD35VH2P/CfppTP4flXW+W66:igxWWHBtdITD3UC/gflXO66","tlshash":"d0c32c025b892564cad41936c4efcfe74bb3dddd5d2802864ac226450ffcfa2d6223e9","first_seen":"2023-04-15T15:59:13Z","last_seen":"2026-06-30T03:25:19.049039Z","times_seen":202,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"allowscheck-jto.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"allowscheck-jto.click/assets/icons/jto.ico","fqdn":"allowscheck-jto.click","domain":"allowscheck-jto.click","tld":"click"},"ip":{"addr":"104.21.61.63","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allowscheck-jto.click/","date":"2026-06-29T00:40:27.430Z","timestamp":1782693627430,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allowscheck-jto.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Jun 2026 20:00:10 GMT","end":"Mon, 21 Sep 2026 20:58:32 GMT"},"fingerprint":{"sha1":"35:15:55:10:82:23:C6:9D:B3:3F:E0:39:0A:7D:AC:1C:40:AE:FB:51","sha256":"65:E3:F5:E8:B0:B2:B4:B2:C0:3F:60:30:2D:88:A9:3D:1D:BA:C9:C0:DF:09:EF:FF:33:B8:19:93:B2:78:DF:12"}}},"request":{"raw":"GET /assets/icons/jto.ico HTTP/1.1\r\nHost: allowscheck-jto.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://allowscheck-jto.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Mon, 29 Jun 2026 00:40:27 GMT\r\ncontent-type: image/x-icon\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lHSNLOio3%2Fxda76kGkyVTqTOjUhMVpEvVYcJGk8FwrJhODR3xikRJHp91m4HJ6E6n2BwQLaNwpLwFaXkIDOe1zYQPkj8OdTEY%2BGVjFX4PhNj0%2Bq7HiBDt07%2Fm%2BqyzMd93dBuP20wqL0%3D\"}]}\r\ncast-mode: default\r\nlast-modified: Tue, 23 Jun 2026 21:04:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\npriority: u=6,i=?0\r\nage: 398\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\netag: W/\"6a3af4f3-576e\"\r\ncf-ray: a130e1437b50b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22382,"size_decoded":5626,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"dfa170c4e71d08415c03ecc44ac8a8ea","sha1":"4014e39c3797c5f33b4c449bf2dee00acea8441d","sha256":"3dcff0e2fbcdf97a708579c536bc5356b1aa1b7250ff6051d624b1826e7a7869","sha512":"d84bd37b118ff5db04a1ba41722ccf47bec0fbbd78b9b38c2b08632156ba266823defebdaf307014972b0acfce8815d4199808381aabcc290abd7108e040d205","ssdeep":"96:o/rSpUQ8RSxoSv5gJCJcI5VcNzNesBxcEj1moK2as+oxO3BLmKX8ZM1:Iibwoc+9V6LLZmaaexQf8ZM1","tlshash":"77a2b49606504c22db1d52f0ab8bcafe22736d792732960dd4fa7d7339ba2470c2145d","first_seen":"2025-07-16T14:09:54.336258Z","last_seen":"2026-06-29T00:40:53.533802Z","times_seen":74,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"allowscheck-jto.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"allowscheck-jto.click/","fqdn":"allowscheck-jto.click","domain":"allowscheck-jto.click","tld":"click"},"ip":{"addr":"104.21.61.63","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-29T00:40:26.420Z","timestamp":1782693626420,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allowscheck-jto.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Jun 2026 20:00:10 GMT","end":"Mon, 21 Sep 2026 20:58:32 GMT"},"fingerprint":{"sha1":"35:15:55:10:82:23:C6:9D:B3:3F:E0:39:0A:7D:AC:1C:40:AE:FB:51","sha256":"65:E3:F5:E8:B0:B2:B4:B2:C0:3F:60:30:2D:88:A9:3D:1D:BA:C9:C0:DF:09:EF:FF:33:B8:19:93:B2:78:DF:12"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: allowscheck-jto.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://extra-redirectcheck.click/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Mon, 29 Jun 2026 00:40:26 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Tue, 23 Jun 2026 21:04:49 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=0,i\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lncEwB%2BguoM1jyH%2FUfpXuF0w5I1bskCY2lnSQ5siYeSdOCAfyfogCUQnN8CLp3hIW9dQjkcI2POXAnUwgeL2owlPGgXGfGECYPihcvvgryUUM%2FzTz1i8EqgP9qnr%2F72pmof%2FhaIwP4Y%3D\"}]}\r\ncontent-encoding: zstd\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a130e13d9b04b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]}],"data":{"size":28613,"size_decoded":7088,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (1112)","md5":"36bd7f163a5c46b7ada6db423e506811","sha1":"167602a68711c3b43f44dfa5c5b07358011efbcd","sha256":"d15231e1ad72635e51e0721b7dd96f6e58e617f33bfbf845e07758a790487ef4","sha512":"384ac79f35b9fdc5aa92e31fe5cf4bc141f069702280444f505305655e0487771df65398dfd8998cffd54704d876c284dcd6d75f2bf5a619506c5fc32d46ef8d","ssdeep":"384:7Ykfd4qxv615xNGfkN58LADVAU2trtJc5Ax:zfd25xNGsN58LADVT2trl","tlshash":"01d2855e11f30029b943a9a9b7f62b266aa8d403c10fcd683bad1654cfcad80d9537dc","first_seen":"2026-06-29T00:34:16.970374Z","last_seen":"2026-06-29T00:40:53.53535Z","times_seen":4,"resource_available":true,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":59,"connect":9,"send":0,"wait":174,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"allowscheck-jto.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"allowscheck-jto.click/assets/icons/jito-black.svg","fqdn":"allowscheck-jto.click","domain":"allowscheck-jto.click","tld":"click"},"ip":{"addr":"104.21.61.63","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allowscheck-jto.click/","date":"2026-06-29T00:40:26.997Z","timestamp":1782693626997,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allowscheck-jto.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Jun 2026 20:00:10 GMT","end":"Mon, 21 Sep 2026 20:58:32 GMT"},"fingerprint":{"sha1":"35:15:55:10:82:23:C6:9D:B3:3F:E0:39:0A:7D:AC:1C:40:AE:FB:51","sha256":"65:E3:F5:E8:B0:B2:B4:B2:C0:3F:60:30:2D:88:A9:3D:1D:BA:C9:C0:DF:09:EF:FF:33:B8:19:93:B2:78:DF:12"}}},"request":{"raw":"GET /assets/icons/jito-black.svg HTTP/1.1\r\nHost: allowscheck-jto.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://allowscheck-jto.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Mon, 29 Jun 2026 00:40:27 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UgbrUUmE1qMWu9IWLYVfpfJ8tlQaPNsStbYbjaxZmuRxUu6kkrLSU41VPRb%2BGA0FJX0Hy4SwQWbgSJwCYq1VhYL3wa5D25L9KGGAmsmqz%2FKEWMjXtWE1Hkw4BMjSjRGDJOoFfWVaPkI%3D\"}]}\r\ncast-mode: default\r\nlast-modified: Tue, 23 Jun 2026 21:04:50 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\npriority: u=5,i\r\nage: 398\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\netag: W/\"6a3af4f2-689\"\r\ncf-ray: a130e140bb32b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1673,"size_decoded":1703,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"597050b5e30cc8ad0e0fdd7edfc633a1","sha1":"c175cfdc83ad0b913f4901e30c9fa2ce6a86b607","sha256":"1d8dd3613cf2cdf42f75270c15511e0bef121cb2660c9d917e41ccae67898b06","sha512":"0fbfe13ab0b295ef82004df57edf385f390044ed5091fe8e14a4f87ea931d97fc3d1410a54ec74f77138dad4e39d4f5f0f283145c91e422b061647187a174e3e","ssdeep":"","tlshash":"c93110e493d041a491062bb44618e433ec1f31fd66a28abcc5b8be417c8b46e890edce","first_seen":"2025-09-19T02:32:18.942138Z","last_seen":"2026-06-29T00:40:53.536559Z","times_seen":55,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"allowscheck-jto.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"extra-redirectcheck.click/","fqdn":"extra-redirectcheck.click","domain":"extra-redirectcheck.click","tld":"click"},"ip":{"addr":"172.67.183.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-29T00:40:25.951Z","timestamp":1782693625951,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"extra-redirectcheck.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Jun 2026 19:56:01 GMT","end":"Mon, 21 Sep 2026 20:53:40 GMT"},"fingerprint":{"sha1":"F7:F4:DF:68:23:A6:85:30:04:71:FC:9B:7E:0F:C1:D6:77:F5:E5:0F","sha256":"69:BE:F4:A5:14:E9:28:C9:AC:76:CA:77:79:7E:78:F4:4D:59:8E:9B:CE:71:50:35:63:6D:33:2D:EA:DA:D2:76"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: extra-redirectcheck.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Mon, 29 Jun 2026 00:40:26 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Tue, 23 Jun 2026 23:42:06 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=0,i\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JsRLFBs8EgV8ZROAy%2F%2FwF0mZd6twSLDrT4iRtiFaA4uqEljkjNiG%2BxxNqSXF09KRIWYFP%2Bo63Z2xGpqa6ihWTvz1j67yC9m4oN8PnIkXi3I1aL94NHHdf%2BEAcAuOL9dJ5sxWI10a5fJl5dZ0\"}]}\r\ncontent-encoding: zstd\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a130e13abe455684-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T23:18:57.370524Z","times_seen":16873015,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"extra-redirectcheck.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"allowscheck-jto.click/css/styles.css","fqdn":"allowscheck-jto.click","domain":"allowscheck-jto.click","tld":"click"},"ip":{"addr":"104.21.61.63","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://allowscheck-jto.click/","date":"2026-06-29T00:40:26.991Z","timestamp":1782693626991,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allowscheck-jto.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Jun 2026 20:00:10 GMT","end":"Mon, 21 Sep 2026 20:58:32 GMT"},"fingerprint":{"sha1":"35:15:55:10:82:23:C6:9D:B3:3F:E0:39:0A:7D:AC:1C:40:AE:FB:51","sha256":"65:E3:F5:E8:B0:B2:B4:B2:C0:3F:60:30:2D:88:A9:3D:1D:BA:C9:C0:DF:09:EF:FF:33:B8:19:93:B2:78:DF:12"}}},"request":{"raw":"GET /css/styles.css HTTP/1.1\r\nHost: allowscheck-jto.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://allowscheck-jto.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Mon, 29 Jun 2026 00:40:26 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Tue, 23 Jun 2026 21:04:49 GMT\r\netag: W/\"6a3af4f1-485f7\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 398\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HGJbV6cR91P0ov8EuPfL8Nr%2BshLVlZi8loRyVxhSK2d%2BGTxYtV4giHsP8lZbRD7GtqqsBqnY%2FlugfjSwJbiwFyvq1Phx96bOo4STTF7iIn1%2Bx%2Fd2Tb8%2BClYHC2rG8LPcKYdMegw8hwA%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: accept-encoding\r\ncf-ray: a130e140bb31b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":296439,"size_decoded":59983,"mime_type":"text/css","magic":"ASCII text, with very long lines (46360)","md5":"b329d33bc5d5b8445e439ca9cd0b646a","sha1":"54a33a868d0c0d75112a42e55f303804c5ff199c","sha256":"0451d533ef876e92075f4025c8051f803ec1f3e38f1a1bad8046aaa11fc07910","sha512":"b2b78bd0c2b12f3b0baef3eb987c7a83567d9db992cb7e7c68208a757b1e3595c4d4069785710b6a5097063aa0e4ba73c23cda017e705464442436b283e4a90a","ssdeep":"6144:SBHHC/TgoEHQZwgshB4lEuq1W1fu6p7346yqiCZMyVk7W1IhsFOQivSDAXphEY91:SJC/TgMIN","tlshash":"2554959dab52103f7c2740f6d169ad9cd12fa1c0ff2666eafd5216208ba17e72e53310","first_seen":"2026-06-29T00:34:16.973737Z","last_seen":"2026-06-29T00:40:53.537216Z","times_seen":4,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"allowscheck-jto.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"allowscheck-jto.click/assets/animation.json","fqdn":"allowscheck-jto.click","domain":"allowscheck-jto.click","tld":"click"},"ip":{"addr":"104.21.61.63","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://allowscheck-jto.click/","date":"2026-06-29T00:40:27.146Z","timestamp":1782693627146,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allowscheck-jto.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Jun 2026 20:00:10 GMT","end":"Mon, 21 Sep 2026 20:58:32 GMT"},"fingerprint":{"sha1":"35:15:55:10:82:23:C6:9D:B3:3F:E0:39:0A:7D:AC:1C:40:AE:FB:51","sha256":"65:E3:F5:E8:B0:B2:B4:B2:C0:3F:60:30:2D:88:A9:3D:1D:BA:C9:C0:DF:09:EF:FF:33:B8:19:93:B2:78:DF:12"}}},"request":{"raw":"GET /assets/animation.json HTTP/1.1\r\nHost: allowscheck-jto.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://allowscheck-jto.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Mon, 29 Jun 2026 00:40:27 GMT\r\ncontent-type: application/json\r\ncast-mode: default\r\nlast-modified: Tue, 23 Jun 2026 21:04:51 GMT\r\netag: W/\"6a3af4f3-fa5c1\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sgSOpHbp1%2BT1fMUMYITFdP4Jq8xLZ7w8twxEMBi9HxwXiRcqSbBsL8g%2F6MvHeFr%2BkK%2BCvby080OLD%2FMnm3wKX3TOf9qUBCG3fCu7BhvKSl2%2FjzN8%2FKTSAvC0xMlC%2F0%2FmXa%2FpRD2kGZ0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\ncf-ray: a130e141ab3bb28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1025473,"size_decoded":235136,"mime_type":"application/json","magic":"JSON text data","md5":"e9c1837a1ab7953057504941bedef0de","sha1":"41323d201e205a69f2e84a8438a1f8f380f66b61","sha256":"2c6da9797f980c6d5bb3a7cd4024c53e8c359f547902cef02a8f8d6b578e0dec","sha512":"51e7d3083efb3cc12d135dbf30f5709edb4464f6232de35592c016c706f1dce076a8bd5bf3b38553dd9fe47d81ce3ffbda83b8bd33504551e696390258649d35","ssdeep":"6144:V4zxOB6UHw7iwUy6OsBqHddu5z2HMlRkgZlWmzWMprzRvt5aTZDuAV:V4YBKidrAUSHuZcwprzRvtAV","tlshash":"30251a79c6681caeb53d6338a9f99358eec4536b40d91c4b3f7c498c0fb31161a4ae1e","first_seen":"2026-06-29T00:34:16.952806Z","last_seen":"2026-06-29T00:40:53.53786Z","times_seen":4,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":96,"receive":87,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"allowscheck-jto.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"allowscheck-jto.click/assets/icons/jito-white.svg","fqdn":"allowscheck-jto.click","domain":"allowscheck-jto.click","tld":"click"},"ip":{"addr":"104.21.61.63","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allowscheck-jto.click/","date":"2026-06-29T00:40:26.999Z","timestamp":1782693626999,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allowscheck-jto.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Jun 2026 20:00:10 GMT","end":"Mon, 21 Sep 2026 20:58:32 GMT"},"fingerprint":{"sha1":"35:15:55:10:82:23:C6:9D:B3:3F:E0:39:0A:7D:AC:1C:40:AE:FB:51","sha256":"65:E3:F5:E8:B0:B2:B4:B2:C0:3F:60:30:2D:88:A9:3D:1D:BA:C9:C0:DF:09:EF:FF:33:B8:19:93:B2:78:DF:12"}}},"request":{"raw":"GET /assets/icons/jito-white.svg HTTP/1.1\r\nHost: allowscheck-jto.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://allowscheck-jto.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Mon, 29 Jun 2026 00:40:27 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RmkxxaYRhLp34V85mdGH8%2BnqFCxUa6I3JA3o7Wx%2BwPSXuHejGuNS82e0qM0dh2xNWRCQYpNZHtesms7DgtQqaGGsVGT2Di1LNlbmBACCh1Sg7UR5mtijB3mSVF7u0XqfmB7Yc3Xbr6k%3D\"}]}\r\ncast-mode: default\r\nlast-modified: Tue, 23 Jun 2026 21:04:50 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\npriority: u=5,i\r\nage: 398\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\netag: W/\"6a3af4f2-689\"\r\ncf-ray: a130e140bb33b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1673,"size_decoded":1700,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"dd9e6e163ab9c9e564a5b2e2a4b1dfba","sha1":"29c21cca518af8ba0236281c4a096fb74bfacbdb","sha256":"4e0251e57bf38ae037a4da19e27c80b2afcf0e19170b2c9cd03b206171bdfff7","sha512":"4c635db2e772c632000b10ba9707a0779942c089b28f89d1ccfd3015f0ecd73524cfb4e30a5641aa0a60489d9eb2d9369497754a9a107ae3948c8ebfc40eaba3","ssdeep":"","tlshash":"f43112e493d441a4910a2bb84618e433ad1b31fd6ae6da7cc5b87e41788746e890ddca","first_seen":"2025-10-01T18:47:23.760798Z","last_seen":"2026-06-29T00:40:53.538663Z","times_seen":18,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"allowscheck-jto.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://allowscheck-jto.click/","date":"2026-06-29T00:40:27.015Z","timestamp":1782693627015,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:10 GMT","end":"Mon, 31 Aug 2026 08:38:09 GMT"},"fingerprint":{"sha1":"8A:2F:DC:6F:C0:09:07:D3:E5:9C:B7:EE:C2:C4:63:DC:59:36:B5:1B","sha256":"64:7C:E4:55:AB:5C:58:7E:89:F1:19:3B:95:DB:7B:4B:E6:75:42:2C:0C:51:2E:66:85:F5:BB:51:58:08:39:19"}}},"request":{"raw":"GET /css2?family=DM+Sans:wght@400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://allowscheck-jto.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 29 Jun 2026 00:40:27 GMT\r\ndate: Mon, 29 Jun 2026 00:40:27 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2661,"size_decoded":1126,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"133c49d93c90ee2a37f0bc1925994575","sha1":"dc39271b772db50e087d2df87b05d76d633de31f","sha256":"bef84bf20a597f5dee644e4e04158b2602810fe705906cd0703c02b0338ee821","sha512":"6ab01451653fc35f661f3f25dd0aa026ca9d65e64da13127fb9809c12c0b0519375e424e64e2c0cc29882a73294fc3ac342fa9c3445d9431962da9ddbe54fff8","ssdeep":"","tlshash":"30519981046ba550eb971cc422cdbe62ef1fa15424549c74abfe188cacaac3d5362b8d","first_seen":"2025-09-11T17:08:25.90182Z","last_seen":"2026-06-30T20:28:29.395642Z","times_seen":2608,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":0,"dns":2,"connect":15,"send":0,"wait":34,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"allowscheck-jto.click/assets/fonts/Aeonik-Medium.otf","fqdn":"allowscheck-jto.click","domain":"allowscheck-jto.click","tld":"click"},"ip":{"addr":"104.21.61.63","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://allowscheck-jto.click/","date":"2026-06-29T00:40:27.170Z","timestamp":1782693627170,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allowscheck-jto.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Jun 2026 20:00:10 GMT","end":"Mon, 21 Sep 2026 20:58:32 GMT"},"fingerprint":{"sha1":"35:15:55:10:82:23:C6:9D:B3:3F:E0:39:0A:7D:AC:1C:40:AE:FB:51","sha256":"65:E3:F5:E8:B0:B2:B4:B2:C0:3F:60:30:2D:88:A9:3D:1D:BA:C9:C0:DF:09:EF:FF:33:B8:19:93:B2:78:DF:12"}}},"request":{"raw":"GET /assets/fonts/Aeonik-Medium.otf HTTP/1.1\r\nHost: allowscheck-jto.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://allowscheck-jto.click/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Mon, 29 Jun 2026 00:40:27 GMT\r\ncontent-type: application/octet-stream\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WlbcDsRlAus9oChu0mCtRemXuiTa6E55%2FZXHT6FHOA%2Fl%2FrEWKppYRMcyYm8mPt5lgsmMudlnHayOKXes0BfhOirGf%2BommoymC6Rrh6fZFQEaIYBxVZvX%2BEMRtwHQnHwWpEvF7gXzjQc%3D\"}]}\r\ncast-mode: default\r\nlast-modified: Tue, 23 Jun 2026 21:04:51 GMT\r\netag: \"6a3af4f3-1dce0\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 398\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 122080\r\ncf-ray: a130e141db40b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":122080,"size_decoded":123044,"mime_type":"application/octet-stream","magic":"OpenType font data","md5":"79b6167962ee95a91f64e8bd218d6fec","sha1":"2f08ac4aedccab83ff7aa5d74a0cbbbdf8789862","sha256":"94252cc23a51ebcab1826a001a10d364a22ae296f0ec9484fa3ef105ca48fcfa","sha512":"6c188d51703886b47afe6472954046e7b6355aa0fe10e4413d0ae3ae85424d8712cdeaf893c456da1fc8de3d5fd4396575cd113eb687c94cea18622ab9735c58","ssdeep":"3072:xzVgDN0A/odKaqukENZKhB4Y3Dy/NADm+5xTf1bs0:vaqA/odKaqukUa4iD4NA3tbt","tlshash":"e0c31a065b896565cad40a36c4eecfe70bb3dddc1c1816864ad226444ffcfd2da223e9","first_seen":"2023-04-15T15:59:13Z","last_seen":"2026-06-30T03:25:19.026035Z","times_seen":162,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"allowscheck-jto.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}