{"report_id":"73299122-0e54-4251-b8f9-131987710031","version":6,"status":"done","tags":[],"date":"2025-12-12T03:16:29Z","url":{"schema":"https","addr":"r-honeyjp.com/pacho/inn.html?eta=yahoo@yahoo.com","fqdn":"r-honeyjp.com","domain":"r-honeyjp.com","tld":"com"},"ip":{"addr":"202.226.39.78","port":0,"asn":131965,"as":"Xserver Inc.","country":"Japan","country_code":"JP"},"final":{"url":{"schema":"https","addr":"r-honeyjp.com/pacho/inn.html?eta=yahoo@yahoo.com","fqdn":"r-honeyjp.com","domain":"r-honeyjp.com","tld":"com"},"title":"Webmail Sign-in","dom":{"size":8011,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (323)","md5":"0499cc6e0f14cc47606512e063771cae","sha1":"e8590b9064d27ade7593367ae774194a65148f51","sha256":"5b551acb72d50c84eb56d0336705e46bf72271a2706de648dd5edb6b528a1efb","sha512":"d2a395a59341a8b95ed8e8405a175067914608e0a4ded1367b919f19c9c26a8ea89f58ccd2f58ba0f774ca8e7d77917e9519207e2f75131b0e73705c77ba0c1b","ssdeep":"96:rhfVU94jtgQkhS8k45USz+45ga/5/ta89+RzydNA1t9+kex8KdRoZ8I7B1g/M:r3UkvkhS8LUSZgaxFb9wmII9o8IT","tlshash":"c1f192a462fa1e2b828382ed34d77109bd11d343d39c28e5bb6e45e10fc7d91990f26a","dom_hash":"domhash5833762d13b646d6718afae55768490d","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"r-honeyjp.com/pacho/inn.html?eta=yahoo@yahoo.com","fqdn":"r-honeyjp.com","domain":"r-honeyjp.com","tld":"com"},"ip":{"addr":"202.226.39.78","port":0,"asn":131965,"as":"Xserver Inc.","country":"Japan","country_code":"JP"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-16T03:16:29Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":4}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-12T03:16:09Z","timestamp":1765509369,"ip_dst":{"addr":"104.26.13.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.20","port":51852,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI","source":"{\"timestamp\":\"2025-12-12T03:16:09.586153+0000\",\"flow_id\":473857449908164,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.20\",\"src_port\":51852,\"dest_ip\":\"104.26.13.205\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047703,\"rev\":1,\"signature\":\"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_22\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_22\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"External_IP_Lookup\"],\"updated_at\":[\"2023_08_22\"]}},\"tls\":{\"sni\":\"api.ipify.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3438,\"start\":\"2025-12-12T03:16:09.579524+0000\"}}"}],"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2025-12-12","alert":"Detects file containing Telegram Bot API","trigger":"r-honeyjp.com/pacho/inn.html?eta=yahoo@yahoo.com","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-12-12","alert":"Phishing - Office365","trigger":"r-honeyjp.com","verdict":"phishing","severity":"medium","comment":"Office365","link":"https://openphish.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"r-honeyjp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"r-honeyjp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"yahoo.com","ip":{"addr":"98.137.11.164","port":443,"asn":36647,"as":"YAHOO-GQ1","country":"United States","country_code":"US"},"domain_registered":"1995-01-18","domain_rank":64,"first_seen":"2012-05-21T11:33:44Z","last_seen":"2025-12-05T06:21:12.966606Z","alert_count":0,"request_count":1,"received_data":422,"sent_data":509,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache Traffic Server","description":"Apache Traffic Server is an open-source caching and proxying server that serves as an HTTP/1.1 and HTTP/2 reverse proxy with caching capabilities, load balancing, request routing, SSL termination, and support for advanced HTTP features.","website":"https://trafficserver.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*","icon":"Apache Traffic Server.svg","categories":["Web servers"]}]},{"fqdn":"t3.gstatic.com","ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2013-05-06T20:15:36Z","last_seen":"2025-12-09T11:28:03.20356Z","alert_count":0,"request_count":1,"received_data":1099,"sent_data":515,"comment":"","tags":null,"fingerprints":null},{"fqdn":"api.ipify.org","ip":{"addr":"104.26.13.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-01-05","domain_rank":8166,"first_seen":"2014-10-06T12:38:43Z","last_seen":"2025-12-08T04:48:36.568943Z","alert_count":0,"request_count":1,"received_data":271,"sent_data":439,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.google.com","ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2025-12-07T22:21:08.871485Z","alert_count":0,"request_count":1,"received_data":727,"sent_data":450,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.yahoo.com","ip":{"addr":"87.248.119.252","port":443,"asn":203220,"as":"Yahoo-UK Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"1995-01-18","domain_rank":1472,"first_seen":"2012-05-20T22:42:45Z","last_seen":"2025-12-08T08:48:31.556438Z","alert_count":0,"request_count":1,"received_data":1394,"sent_data":513,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache Traffic Server","description":"Apache Traffic Server is an open-source caching and proxying server that serves as an HTTP/1.1 and HTTP/2 reverse proxy with caching capabilities, load balancing, request routing, SSL termination, and support for advanced HTTP features.","website":"https://trafficserver.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*","icon":"Apache Traffic Server.svg","categories":["Web servers"]}]},{"fqdn":"consent.yahoo.com","ip":{"addr":"34.242.32.128","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"1995-01-18","domain_rank":12070,"first_seen":"2019-02-20T12:07:06Z","last_seen":"2025-12-08T13:02:29.482403Z","alert_count":0,"request_count":1,"received_data":979,"sent_data":594,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"guce.yahoo.com","ip":{"addr":"52.19.79.105","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"1995-01-18","domain_rank":23222,"first_seen":"2018-03-16T21:40:34Z","last_seen":"2025-12-08T10:39:20.157053Z","alert_count":0,"request_count":1,"received_data":295,"sent_data":588,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-12-07T22:25:46.118111Z","alert_count":0,"request_count":4,"received_data":492013,"sent_data":1839,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-12-07T22:13:56.807982Z","alert_count":0,"request_count":2,"received_data":17300,"sent_data":1070,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r-honeyjp.com","ip":{"addr":"202.226.39.78","port":443,"asn":131965,"as":"Xserver Inc.","country":"Japan","country_code":"JP"},"domain_registered":"2023-06-27","domain_rank":0,"first_seen":"2025-12-10T15:32:26.917438Z","last_seen":"2025-12-10T15:32:26.917438Z","alert_count":10,"request_count":3,"received_data":21068,"sent_data":1482,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Bootstrap:5.3.0","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-12-07T22:17:02.440237Z","alert_count":0,"request_count":1,"received_data":4277,"sent_data":470,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://r-honeyjp.com/pacho/inn.html?eta=yahoo@yahoo.com","date":"2025-12-12T03:16:09.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/bootstrap@5.3.0/dist/css/bootstrap.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://r-honeyjp.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 12 Dec 2025 03:16:09 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 33205\r\ncf-ray: 9aca0fb55eac568a-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 5.3.0\r\nx-jsd-version-type: version\r\netag: W/\"38dd2-sjFlHg/Wi72HWBifvTZCxGLTT6Y\"\r\ncontent-encoding: br\r\nx-served-by: cache-fra-etou8220062-FRA, cache-bma-essb1270030-BMA\r\nx-cache: HIT, MISS\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 1495943\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=yl1ONAkrd5usR7e2gxme7RXn6OEtHhIxwwABGg7hElwuGUGMmnJYP0DwtEqMVAmsxkkokDq8Ivf2vgAjBpUK8oLzecYgxHstKMlJXAjrVOhzmX3nSht6QsFUCA5WM80BQ94%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":232914,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (65342)","md5":"fe7fdfec700d100dc745dc64d3600cb2","sha1":"b231651e0fd68bbd8758189fbd3642c462d34fa6","sha256":"7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a","sha512":"b7819649564ed5e0bc04cdf7f5777b529870e6cd7b6bcead219223f2a4718672ae6fa5a8ca19ebc5e08831e02a04f81d646942706d8fad98cc73e5abefcfb95e","ssdeep":"1536:VYutjsbf98fOdBfvO5wlP7Qy9A374298wsY/ElV6V6pz600I41r:ntj898fo298uI6V6pz600I41r","tlshash":"383481d6f590317d9ca7c1499681fefd896fa985cb120aa6f003776807cabd30962dcc","first_seen":"2023-06-08T14:47:00Z","last_seen":"2026-04-05T16:00:18.416593Z","times_seen":19785,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":4,"dns":1,"connect":1,"send":0,"wait":14,"receive":2,"ssl":7},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://r-honeyjp.com/pacho/inn.html?eta=yahoo@yahoo.com","date":"2025-12-12T03:16:09.510Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Nov 2025 08:40:20 GMT","end":"Mon, 16 Feb 2026 08:40:19 GMT"},"fingerprint":{"sha1":"6A:E1:8A:53:22:10:0A:EA:D5:8B:52:AB:88:89:E1:9C:72:AA:70:85","sha256":"F1:22:A3:0F:EE:FD:45:B1:E4:FA:14:E9:E4:1F:83:3A:81:45:61:0D:5D:82:48:E5:DB:D5:5F:95:60:4F:8F:DE"}}},"request":{"raw":"GET /s/poppins/v24/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://r-honeyjp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7748\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 10 Dec 2025 00:04:20 GMT\r\nexpires: Thu, 10 Dec 2026 00:04:20 GMT\r\ncache-control: public, max-age=31536000\r\nage: 184309\r\nlast-modified: Mon, 15 Sep 2025 16:36:26 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7748,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7748, version 1.0","md5":"a09f2fccfee35b7247b08a1a266f0328","sha1":"0da2d17e738f46d2a09e6fb7969da451719a9820","sha256":"cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446","sha512":"5e3f9a298003b84250ec6801e08ad2a4ff8845d4c3e13ea61bec37da24d26ede13b436257882124cc0c27e9a323ba92e7d23c6ad3f48a7b75535f5ed98813a0e","ssdeep":"96:0g6vAF/FXh6MmoI56TEwosGU/DbVF/QBT1gaHEYT6u/w3hXLbJPAS772+6haAftj:zp6x6TYpoDYBJg8TRkbJPAS/2+CzQa7","tlshash":"f3f19de65d1e5e8980f0102f6f6efce767950d88141dadf9a9e72f884c6ba1b04c90cd","first_seen":"2023-04-05T13:48:05Z","last_seen":"2026-04-05T16:48:42.240153Z","times_seen":193488,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":138,"dns":3,"connect":28,"send":0,"wait":29,"receive":2,"ssl":103},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://r-honeyjp.com/pacho/inn.html?eta=yahoo@yahoo.com","date":"2025-12-12T03:16:09.519Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://r-honeyjp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 12 Dec 2025 03:16:09 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 23984\r\ncf-ray: 9aca0fb7781fb4f7-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 5.3.0\r\nx-jsd-version-type: version\r\netag: W/\"13a25-1yL6mYLaiqSN+IJRuxiX8Twds7k\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230147-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 1974126\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=OMQtdOzs7HJhj5V4b2404PFblyYqP254S60aXHIeQ8N389%2BI7i9cE7TmoksFe%2FF%2B%2BZJTC9tlSzi8K%2FZefHOS1LN35qP86epYGVVjowY%2BoRtAtL12ucIk62E6BFQP%2B4DYRwA%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":80421,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"849e6db145f2905ce210f628bddd9de5","sha1":"d722fa9982da8aa48df88251bb1897f13c1db3b9","sha256":"aa53d582f97eb594c2a5cc5824574707f9ba9837bce3046bfa5f3556860f4e04","sha512":"54adb372f9ed12e7da8a673e79f3988badb654de5969c767b9f9e65fbcc88423e68e12a73a2f590ccb60d7fba0e65d7cddfd7d806d7f701b2d3cee03f0dfc89a","ssdeep":"1536:OSif7R2qTTR2t4iYniNw+inreQURwTLBAF+27wXiYE3Yjr/I2:4R2cpXLBl27wXit3Yb","tlshash":"ca73b7593254b4730ade85b68037420bf2265994b24b802cb5bcadde2a7dcc67277f7c","first_seen":"2023-06-08T14:47:00Z","last_seen":"2026-04-05T16:00:18.41443Z","times_seen":13812,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"r-honeyjp.com/favicon.ico","fqdn":"r-honeyjp.com","domain":"r-honeyjp.com","tld":"com"},"ip":{"addr":"202.226.39.78","port":443,"asn":131965,"as":"Xserver Inc.","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://r-honeyjp.com/pacho/inn.html?eta=yahoo@yahoo.com","date":"2025-12-12T03:16:09.784Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.r-honeyjp.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Oct 2025 04:13:59 GMT","end":"Mon, 12 Jan 2026 04:13:58 GMT"},"fingerprint":{"sha1":"48:DF:35:28:B2:5F:4C:09:9A:F9:8A:3D:72:C4:E6:BD:ED:E3:24:E1","sha256":"06:ED:CB:4D:50:BF:33:26:EA:0E:64:AF:D0:7D:F4:33:5F:1E:FE:65:AF:52:F4:0B:4B:79:26:B8:3E:39:2E:63"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: r-honeyjp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://r-honeyjp.com/pacho/inn.html?eta=yahoo@yahoo.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Fri, 12 Dec 2025 03:16:10 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 0\r\nlocation: https://r-honeyjp.com/wp-includes/images/w-logo-blue-white-bg.png\r\nlink: \u003chttps://r-honeyjp.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\nx-redirect-by: WordPress\r\nexpires: Fri, 19 Dec 2025 03:16:10 GMT\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":4119,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T16:47:07.54892Z","times_seen":13384334,"resource_available":true,"data":null}},"time_used":542,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":542,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-12-12","alert":"Phishing - Office365","trigger":"r-honeyjp.com","verdict":"phishing","severity":"medium","comment":"Office365","link":"https://openphish.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"r-honeyjp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"r-honeyjp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"r-honeyjp.com/wp-includes/images/w-logo-blue-white-bg.png","fqdn":"r-honeyjp.com","domain":"r-honeyjp.com","tld":"com"},"ip":{"addr":"202.226.39.78","port":443,"asn":131965,"as":"Xserver Inc.","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://r-honeyjp.com/pacho/inn.html?eta=yahoo@yahoo.com","date":"2025-12-12T03:16:10.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.r-honeyjp.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Oct 2025 04:13:59 GMT","end":"Mon, 12 Jan 2026 04:13:58 GMT"},"fingerprint":{"sha1":"48:DF:35:28:B2:5F:4C:09:9A:F9:8A:3D:72:C4:E6:BD:ED:E3:24:E1","sha256":"06:ED:CB:4D:50:BF:33:26:EA:0E:64:AF:D0:7D:F4:33:5F:1E:FE:65:AF:52:F4:0B:4B:79:26:B8:3E:39:2E:63"}}},"request":{"raw":"GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1\r\nHost: r-honeyjp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://r-honeyjp.com/pacho/inn.html?eta=yahoo@yahoo.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 12 Dec 2025 03:16:10 GMT\r\ncontent-type: image/png\r\ncontent-length: 4119\r\nlast-modified: Mon, 22 May 2023 01:59:52 GMT\r\netag: \"1017-5fc3ea05a5600\"\r\nexpires: Fri, 19 Dec 2025 03:16:10 GMT\r\ncache-control: max-age=604800\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4119,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced","md5":"000bf649cc8f6bf27cfb04d1bcdcd3c7","sha1":"d73d2f6d74ec6cdcbae07955592962e77d8ae814","sha256":"6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0","sha512":"73d2ea5ffc572c1ae73f37f8f0ff25e945afee8e077b6ee42ce969e575cdc2d8444f90848ea1cb4d1c9ee4bd725aee2b4576afc25f17d7295a90e1cbfe6edfd5","ssdeep":"96:h3bdWfcmTY+aRF1pXWZL2+42HGhIUc8KeLEd:hgXTY+as02mOB8XLEd","tlshash":"00814b63df38c566e66a2b189ff6bca56b290fd50ca1194c0eecb025632c06d1065089","first_seen":"2023-04-08T12:31:37Z","last_seen":"2026-04-05T17:03:17.677909Z","times_seen":55469,"resource_available":true,"data":null}},"time_used":247,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":247,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"r-honeyjp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"r-honeyjp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-12-12","alert":"Phishing - Office365","trigger":"r-honeyjp.com","verdict":"phishing","severity":"medium","comment":"Office365","link":"https://openphish.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"r-honeyjp.com/pacho/inn.html?eta=yahoo@yahoo.com","fqdn":"r-honeyjp.com","domain":"r-honeyjp.com","tld":"com"},"ip":{"addr":"202.226.39.78","port":443,"asn":131965,"as":"Xserver Inc.","country":"Japan","country_code":"JP"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-12T03:16:08.289Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.r-honeyjp.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Oct 2025 04:13:59 GMT","end":"Mon, 12 Jan 2026 04:13:58 GMT"},"fingerprint":{"sha1":"48:DF:35:28:B2:5F:4C:09:9A:F9:8A:3D:72:C4:E6:BD:ED:E3:24:E1","sha256":"06:ED:CB:4D:50:BF:33:26:EA:0E:64:AF:D0:7D:F4:33:5F:1E:FE:65:AF:52:F4:0B:4B:79:26:B8:3E:39:2E:63"}}},"request":{"raw":"GET /pacho/inn.html?eta=yahoo@yahoo.com HTTP/1.1\r\nHost: r-honeyjp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 12 Dec 2025 03:16:08 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 09 Dec 2025 23:09:10 GMT\r\netag: W/\"2e7d-6458cffdba320\"\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Bootstrap:5.3.0","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}],"data":{"size":11901,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1880), with CRLF line terminators","md5":"336e174a252117344e11a5124583c18b","sha1":"e54f7235fea13f930b13728c93692dbe11ad305d","sha256":"ee8268dfc97d5bb724c447bc8b97edbc3ea953e8e8151c2e4689903cc0d7f8fb","sha512":"9a46b53897d3a195540a5d7e546b723693b6a8b3a1a257fc6922e976935c0836229bda075a25fbccb5a8cc21289e1b0ebc72c62efd5d8736db07420850ebf1b3","ssdeep":"192:f72q6mE94jTZLox1JJx4RWUSR2zu70emiBtmFZmKizLiTiT4BdlhwTXih:fylR0emiK6Ki3iTiT40TXw","tlshash":"b932d8627688043d62b3c1a971b5ab44ff36c107ef41059a74ad2a970ffbe414977bc8","first_seen":"2025-08-22T07:47:38.783553Z","last_seen":"2026-02-12T05:30:27.157171Z","times_seen":24,"resource_available":false,"data":null}},"time_used":1260,"timings":{"blocked":504,"dns":14,"connect":243,"send":0,"wait":247,"receive":0,"ssl":249},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2025-12-12","alert":"Detects file containing Telegram Bot API","trigger":"r-honeyjp.com/pacho/inn.html?eta=yahoo@yahoo.com","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"r-honeyjp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"r-honeyjp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-12-12","alert":"Phishing - Office365","trigger":"r-honeyjp.com","verdict":"phishing","severity":"medium","comment":"Office365","link":"https://openphish.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap-icons@1.10.5/font/bootstrap-icons.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://r-honeyjp.com/pacho/inn.html?eta=yahoo@yahoo.com","date":"2025-12-12T03:16:09.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/bootstrap-icons@1.10.5/font/bootstrap-icons.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://r-honeyjp.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 12 Dec 2025 03:16:09 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 12865\r\ncf-ray: 9aca0fb55eaf568a-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 1.10.5\r\nx-jsd-version-type: version\r\netag: W/\"16e26-p4ONiiDb2g7p5MHLfx+DLOmvHBE\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230072-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 1800969\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=P5jkzukCKUwGP5%2FXAeTI1ioAgt9zBwlqqF8US5qyz2Dhl9%2BPEBwilpeftQcoVAv36zQj0cQpkRvKT%2FVsmVjpI0PkZDxHhNsvgU0trxKRVdswijK7fIF30P9IV2i3U%2F9RxEU%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":93734,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"8f4b242830ec54686815617e7b5a5b1b","sha1":"a7838d8a20dbda0ee9e4c1cb7f1f832ce9af1c11","sha256":"d8824f7067cdfea38afec7e9ffaf072125266824206d69ef1f112d72153a505e","sha512":"d326210b288c07ee973a2b38aaf580e3690f90a6f9e3eb8c68e85bb2d6ba9be690edc64e9b98731113eb4649249e5a44768c550b062e8bec8cd2345ace90c5b8","ssdeep":"768:Rqnm8OAL1Mzocm4KyH2CJwZwmij34k4RDlWIbWPVUMW:gOocm4FJwZ5ijINRDlIib","tlshash":"5493fdba914f05f9d341e4d92743674693aaba3ce1813c7ad342399ee3c16188ad73dc","first_seen":"2023-05-09T04:19:23Z","last_seen":"2026-04-05T13:45:46.230163Z","times_seen":6478,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":15,"receive":1,"ssl":6},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Poppins:wght@400;500;600\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://r-honeyjp.com/pacho/inn.html?eta=yahoo@yahoo.com","date":"2025-12-12T03:16:09.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Nov 2025 08:40:24 GMT","end":"Mon, 16 Feb 2026 08:40:23 GMT"},"fingerprint":{"sha1":"D2:D0:B6:8B:C1:78:F6:EE:87:02:EC:05:E4:EE:EA:71:6E:AA:66:42","sha256":"F9:3D:F1:E7:59:9A:99:EF:7D:47:70:33:FA:AD:2E:9B:E6:68:28:39:08:52:7F:C4:F0:66:B1:E8:19:70:25:23"}}},"request":{"raw":"GET /css2?family=Poppins:wght@400;500;600\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://r-honeyjp.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 12 Dec 2025 03:16:09 GMT\r\ndate: Fri, 12 Dec 2025 03:16:09 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3591,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"ee4653ac811790d672a3082a7eb6c915","sha1":"1741b80e814f47375c3ccfd2be651012f6124072","sha256":"032c63714d918d354fd85cafb6d2fb6f345624496e801de1771a5e7eef28afbc","sha512":"a30d1d413f4ca08ae73c5f76c4d42446ddde3f12816b25653c547c7971e2f945567d9b8e018887ed0a70fbbb4a77e20363baaa243b68fb8d4c5c245db00d3c16","ssdeep":"","tlshash":"af719bd1087be114ab831cc123cf7d36ee1e9255b810e5786bfd0c98adabc654362b2d","first_seen":"2025-09-17T00:33:35.353854Z","last_seen":"2026-04-05T15:09:30.111754Z","times_seen":4193,"resource_available":false,"data":null}},"time_used":513,"timings":{"blocked":232,"dns":0,"connect":15,"send":0,"wait":35,"receive":0,"ssl":228},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yahoo.com/","fqdn":"yahoo.com","domain":"yahoo.com","tld":"com"},"ip":{"addr":"98.137.11.164","port":443,"asn":36647,"as":"YAHOO-GQ1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://r-honeyjp.com/pacho/inn.html?eta=yahoo@yahoo.com","date":"2025-12-12T03:16:09.558Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yahoo.com","organization":"Yahoo Holdings Inc."},"issuer":{"commonName":"DigiCert SHA2 High Assurance Server CA","organization":"DigiCert Inc"},"validity":{"start":"Tue, 07 Oct 2025 00:00:00 GMT","end":"Wed, 01 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"35:3D:86:CB:32:38:27:AD:AA:66:C5:6E:6A:5E:3F:76:E0:13:A9:D9","sha256":"7F:5E:03:6F:B7:F8:55:74:2A:B5:44:4B:D4:96:57:D9:C9:CF:E9:89:DA:B4:5A:EA:39:27:12:6C:01:43:99:6C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: yahoo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://r-honeyjp.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Fri, 12 Dec 2025 03:16:10 GMT\r\nstrict-transport-security: max-age=31536000\r\nserver: ATS\r\ncache-control: no-store, no-cache\r\ncontent-type: text/html\r\ncontent-language: en\r\nx-frame-options: SAMEORIGIN\r\nreferrer-policy: no-referrer-when-downgrade\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nlocation: https://www.yahoo.com/\r\ncontent-length: 8\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache Traffic Server","description":"Apache Traffic Server is an open-source caching and proxying server that serves as an HTTP/1.1 and HTTP/2 reverse proxy with caching capabilities, load balancing, request routing, SSL termination, and support for advanced HTTP features.","website":"https://trafficserver.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*","icon":"Apache Traffic Server.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T16:47:07.54892Z","times_seen":13384334,"resource_available":true,"data":null}},"time_used":910,"timings":{"blocked":376,"dns":3,"connect":152,"send":0,"wait":157,"receive":0,"ssl":219},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t3.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://yahoo.com\u0026size=16","fqdn":"t3.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://r-honeyjp.com/pacho/inn.html?eta=yahoo@yahoo.com","date":"2025-12-12T03:16:09.880Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Nov 2025 08:40:20 GMT","end":"Mon, 16 Feb 2026 08:40:19 GMT"},"fingerprint":{"sha1":"6A:E1:8A:53:22:10:0A:EA:D5:8B:52:AB:88:89:E1:9C:72:AA:70:85","sha256":"F1:22:A3:0F:EE:FD:45:B1:E4:FA:14:E9:E4:1F:83:3A:81:45:61:0D:5D:82:48:E5:DB:D5:5F:95:60:4F:8F:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://yahoo.com\u0026size=16 HTTP/1.1\r\nHost: t3.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://r-honeyjp.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-location: https://s.yimg.com/cv/apiv2/default/hp/favicon.ico\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 247\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 08 Dec 2025 22:54:06 GMT\r\nexpires: Mon, 15 Dec 2025 22:54:06 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Tue, 29 Apr 2025 13:33:51 GMT\r\ncontent-type: image/png\r\nage: 274923\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":247,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit colormap, non-interlaced","md5":"c307792881a985f72b84fd38acf3a00c","sha1":"7e254f4aabb576187e9bf6821a1a9eae32122173","sha256":"408d368d2d32d5203ec1a99dc142a9133fce253bbcdfecb9e6909276464a0327","sha512":"fc86cbe000fb4948ebe5035aa0609c21305cdb44d06ac49587064c167d1eb7b6be25741586875fd41bb1661ff31a2fc50c14c711418694b8f0c5717275024414","ssdeep":"","tlshash":"2fd0974631b96c3c860302f6c8944a424838ac2a00fa562b0f078813b432521f8f0188","first_seen":"2025-06-23T10:45:04.774604Z","last_seen":"2026-04-02T07:09:15.148265Z","times_seen":27,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":92,"dns":17,"connect":27,"send":0,"wait":28,"receive":0,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.yahoo.com/","fqdn":"www.yahoo.com","domain":"yahoo.com","tld":"com"},"ip":{"addr":"87.248.119.252","port":443,"asn":203220,"as":"Yahoo-UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://r-honeyjp.com/pacho/inn.html?eta=yahoo@yahoo.com","date":"2025-12-12T03:16:10.097Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.yahoo.com","organization":"Yahoo Holdings Inc."},"issuer":{"commonName":"DigiCert SHA2 High Assurance Server CA","organization":"DigiCert Inc"},"validity":{"start":"Wed, 03 Dec 2025 00:00:00 GMT","end":"Wed, 21 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"24:1C:45:0A:5D:1C:D7:ED:7A:D5:E6:FA:55:FD:EE:95:53:AE:FA:77","sha256":"18:A3:9C:6B:4D:4C:7B:B4:54:34:AC:7E:B0:00:DB:9D:89:03:B3:A9:7F:5F:2A:1B:A9:62:49:67:87:3E:F0:8C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.yahoo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://r-honeyjp.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\ndate: Fri, 12 Dec 2025 03:16:10 GMT\r\nstrict-transport-security: max-age=31536000\r\nserver: ATS\r\ncache-control: no-store\r\ncontent-type: text/html; charset=utf-8\r\ncontent-language: en\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer-when-downgrade\r\nlocation: https://guce.yahoo.com/consent?brandType=nonEu\u0026gcrumb=QfJUA7Y\u0026done=https%3A%2F%2Fwww.yahoo.com%2F\r\nset-cookie: GUCS=AUHyVAO2; Max-Age=1800; Domain=.yahoo.com; Path=/; Secure\r\ncontent-security-policy: frame-ancestors 'self' https://*.builtbygirls.com https://*.rivals.com https://*.engadget.com https://*.intheknow.com https://*.autoblog.com https://*.techcrunch.com https://*.yahoo.com https://*.aol.com https://*.huffingtonpost.com https://*.oath.com https://*.search.yahoo.com https://*.pnr.ouryahoo.com https://pnr.ouryahoo.com https://*.search.aol.com https://*.search.huffpost.com https://*.onesearch.com https://*.verizonmedia.com https://*.publishing.oath.com https://cdn.taboola.com https://ads.taboola.com chrome-extension://jdanfkhnfpagoijgfmklhgakdicpnfil; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; report-uri https://csp.yahoo.com/beacon/csp?src=ats\u0026site=news\u0026region=US\u0026lang=en-US\u0026device=desktop\u0026yrid=6o9nr8tivmg0j\u0026partner=;\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache Traffic Server","description":"Apache Traffic Server is an open-source caching and proxying server that serves as an HTTP/1.1 and HTTP/2 reverse proxy with caching capabilities, load balancing, request routing, SSL termination, and support for advanced HTTP features.","website":"https://trafficserver.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*","icon":"Apache Traffic Server.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T16:47:07.54892Z","times_seen":13384334,"resource_available":true,"data":null}},"time_used":304,"timings":{"blocked":117,"dns":52,"connect":29,"send":0,"wait":70,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_da51c2a7-16d6-433e-ab43-890535b6f49a","fqdn":"consent.yahoo.com","domain":"yahoo.com","tld":"com"},"ip":{"addr":"34.242.32.128","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://r-honeyjp.com/pacho/inn.html?eta=yahoo@yahoo.com","date":"2025-12-12T03:16:10.489Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"consent.oath.com","organization":"Yahoo Holdings Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 02 Dec 2025 00:00:00 GMT","end":"Wed, 27 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"27:8F:42:70:94:56:34:34:52:44:51:25:EC:75:0A:C3:9C:32:62:CB","sha256":"EA:64:29:9F:85:F9:10:2E:D6:41:4A:7F:90:65:17:3C:3E:9D:CD:DA:46:22:FC:FA:20:8E:76:87:8B:DA:D3:4A"}}},"request":{"raw":"GET /v2/collectConsent?sessionId=3_cc-session_da51c2a7-16d6-433e-ab43-890535b6f49a HTTP/1.1\r\nHost: consent.yahoo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://r-honeyjp.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Encoding: gzip\r\nExpires: 0\r\nCache-Control: no-cache, no-store, must-revalidate\r\nContent-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self' https://udc.yahoo.com/ https://geo.yahoo.com/ https://ganon.yahoo.com; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-zniV1mNRYV1LxlilGnZREDZrAzcXwOJk' https://s.yimg.com; style-src 'self' 'nonce-zniV1mNRYV1LxlilGnZREDZrAzcXwOJk' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce\r\nServer: guce\r\nX-XSS-Protection: 1; mode=block\r\nPragma: no-cache\r\nX-Frame-Options: DENY\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nDate: Fri, 12 Dec 2025 03:16:10 GMT\r\nConnection: keep-alive\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nX-Content-Type-Options: nosniff\r\nContent-Type: text/html;charset=UTF-8\r\nContent-Length: 14706\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T16:47:07.54892Z","times_seen":13384334,"resource_available":true,"data":null}},"time_used":327,"timings":{"blocked":115,"dns":1,"connect":34,"send":0,"wait":96,"receive":1,"ssl":77},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://r-honeyjp.com/pacho/inn.html?eta=yahoo@yahoo.com","date":"2025-12-12T03:16:09.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://r-honeyjp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 12 Dec 2025 03:16:09 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 23984\r\ncf-ray: 9aca0fb55eb0568a-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 5.3.0\r\nx-jsd-version-type: version\r\netag: W/\"13a25-1yL6mYLaiqSN+IJRuxiX8Twds7k\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230147-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 1974126\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=T1FmFO4I58G105zoU63pb6A3oZOvH2Igc95qceDyB08LUXMvg6RJqOMl18JWKtvCyL694DdPbulM1eOoeEy2Iqb1Z%2FO4zrLjTCe%2BgaH%2Fvv6DSspgBH5kKtDJrpNsCgnAuuA%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":80421,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"849e6db145f2905ce210f628bddd9de5","sha1":"d722fa9982da8aa48df88251bb1897f13c1db3b9","sha256":"aa53d582f97eb594c2a5cc5824574707f9ba9837bce3046bfa5f3556860f4e04","sha512":"54adb372f9ed12e7da8a673e79f3988badb654de5969c767b9f9e65fbcc88423e68e12a73a2f590ccb60d7fba0e65d7cddfd7d806d7f701b2d3cee03f0dfc89a","ssdeep":"1536:OSif7R2qTTR2t4iYniNw+inreQURwTLBAF+27wXiYE3Yjr/I2:4R2cpXLBl27wXit3Yb","tlshash":"ca73b7593254b4730ade85b68037420bf2265994b24b802cb5bcadde2a7dcc67277f7c","first_seen":"2023-06-08T14:47:00Z","last_seen":"2026-04-05T16:00:18.41443Z","times_seen":13812,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://r-honeyjp.com/pacho/inn.html?eta=yahoo@yahoo.com","date":"2025-12-12T03:16:09.515Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Nov 2025 08:40:20 GMT","end":"Mon, 16 Feb 2026 08:40:19 GMT"},"fingerprint":{"sha1":"6A:E1:8A:53:22:10:0A:EA:D5:8B:52:AB:88:89:E1:9C:72:AA:70:85","sha256":"F1:22:A3:0F:EE:FD:45:B1:E4:FA:14:E9:E4:1F:83:3A:81:45:61:0D:5D:82:48:E5:DB:D5:5F:95:60:4F:8F:DE"}}},"request":{"raw":"GET /s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://r-honeyjp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7884\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 10 Dec 2025 00:02:08 GMT\r\nexpires: Thu, 10 Dec 2026 00:02:08 GMT\r\ncache-control: public, max-age=31536000\r\nage: 184441\r\nlast-modified: Mon, 15 Sep 2025 16:34:42 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7884,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7884, version 1.0","md5":"9212f6f9860f9fc6c69b02fedf6db8c3","sha1":"ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b","sha256":"7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f","sha512":"67317495f4b53e20a9f31c034e456e6c37f387dffb2c092caa5159bc441cfcadd02749ffe5bbed1d580d5300a59e48a767ef2c6d9978b474f84c1a2cd095c126","ssdeep":"192:xLFDbKO9E3rS3JWBRO/J601FSS5ZUbik3Zy2f0:pd9J5W501otlI","tlshash":"c3f1ae4eb3f2cd1be40982e53a0fc90b1c578272681fd772d067a22517893bc8db2c81","first_seen":"2023-04-05T15:35:34Z","last_seen":"2026-04-05T16:48:05.85405Z","times_seen":296338,"resource_available":false,"data":null}},"time_used":494,"timings":{"blocked":231,"dns":0,"connect":30,"send":0,"wait":29,"receive":3,"ssl":198},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.ipify.org/?format=json","fqdn":"api.ipify.org","domain":"ipify.org","tld":"org"},"ip":{"addr":"104.26.13.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://r-honeyjp.com/pacho/inn.html?eta=yahoo@yahoo.com","date":"2025-12-12T03:16:09.579Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipify.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 03 Nov 2025 07:43:05 GMT","end":"Sun, 01 Feb 2026 08:42:55 GMT"},"fingerprint":{"sha1":"BE:9D:76:9E:9E:2C:F2:8E:38:C4:E9:42:11:6A:45:24:E9:59:0A:5F","sha256":"D1:C5:0F:C4:11:DF:FE:54:9C:EF:8C:40:56:6C:79:4E:F3:E6:0B:24:15:B8:E1:60:2B:49:C2:41:96:C9:79:83"}}},"request":{"raw":"GET /?format=json HTTP/1.1\r\nHost: api.ipify.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://r-honeyjp.com/\r\nOrigin: https://r-honeyjp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 12 Dec 2025 03:16:09 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9aca0fb80e1b35a6-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7d69c71af0f191e9a72db6153f8018d1","sha1":"f67c5f2887bc05654b47f76e9621e53a4091aed1","sha256":"5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65","sha512":"fdf43a8f3d843fe9008949d6709c8e2a5cd640f6101522319745f0a829f21dc8f4bd4d70ff3e2f6e1fd53ca0d2dd872bf3588c593a403071102ab28763cbdba5","ssdeep":"","tlshash":"b8700022000000208c80800eca0a032223a0000ac20a00088e800b2288a0b380282032","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-05T16:43:13.864478Z","times_seen":83193,"resource_available":true,"data":null}},"time_used":159,"timings":{"blocked":25,"dns":1,"connect":1,"send":0,"wait":109,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=yahoo.com","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://r-honeyjp.com/pacho/inn.html?eta=yahoo@yahoo.com","date":"2025-12-12T03:16:09.781Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:45 GMT","end":"Mon, 19 Jan 2026 08:35:44 GMT"},"fingerprint":{"sha1":"88:42:9A:E3:85:29:1D:A4:9A:60:E6:5F:C1:71:A6:01:27:91:C8:BC","sha256":"6D:0F:B5:30:E0:1A:7B:ED:55:DD:26:C8:34:D0:0A:34:65:0E:E8:E4:93:E9:8C:DF:D6:3C:63:71:A9:AE:DF:D2"}}},"request":{"raw":"GET /s2/favicons?domain=yahoo.com HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://r-honeyjp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nlocation: https://t3.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://yahoo.com\u0026size=16\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Fri, 12 Dec 2025 03:16:09 GMT\r\nexpires: Fri, 12 Dec 2025 03:46:09 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 329\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":247,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T16:47:07.54892Z","times_seen":13384334,"resource_available":true,"data":null}},"time_used":172,"timings":{"blocked":77,"dns":0,"connect":8,"send":0,"wait":17,"receive":0,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guce.yahoo.com/consent?brandType=nonEu\u0026gcrumb=QfJUA7Y\u0026done=https%3A%2F%2Fwww.yahoo.com%2F","fqdn":"guce.yahoo.com","domain":"yahoo.com","tld":"com"},"ip":{"addr":"52.19.79.105","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://r-honeyjp.com/pacho/inn.html?eta=yahoo@yahoo.com","date":"2025-12-12T03:16:10.292Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"guce.oath.com","organization":"Yahoo Holdings Inc."},"issuer":{"commonName":"DigiCert SHA2 High Assurance Server CA","organization":"DigiCert Inc"},"validity":{"start":"Thu, 21 Aug 2025 00:00:00 GMT","end":"Wed, 11 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:E3:67:B8:A2:15:63:B3:6B:46:ED:36:E5:DD:ED:54:A7:71:D7:AC","sha256":"7A:88:F1:2C:E7:14:A9:E8:56:A9:D4:40:EE:0F:57:F9:08:F9:A4:FF:CE:84:82:3A:CF:FA:28:3F:3E:E5:02:4C"}}},"request":{"raw":"GET /consent?brandType=nonEu\u0026gcrumb=QfJUA7Y\u0026done=https%3A%2F%2Fwww.yahoo.com%2F HTTP/1.1\r\nHost: guce.yahoo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://r-honeyjp.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nConnection: keep-alive\r\nServer: guce\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nLocation: https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_da51c2a7-16d6-433e-ab43-890535b6f49a\r\nContent-Length: 0\r\nDate: Fri, 12 Dec 2025 03:16:10 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T16:47:07.54892Z","times_seen":13384334,"resource_available":true,"data":null}},"time_used":333,"timings":{"blocked":141,"dns":34,"connect":32,"send":0,"wait":51,"receive":0,"ssl":73},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}