{"report_id":"746e386b-00f0-4e6b-b720-73db805d437d","version":6,"status":"done","tags":["suspicious","telegram_bot"],"date":"2026-05-16T18:36:24Z","url":{"schema":"http","addr":"flare-fassets.vote","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"flare-fassets.vote/","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"title":"Flare: The blockchain for data","dom":{"size":281575,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (716)","md5":"ab75145c8add69d6453fa579f64031b0","sha1":"0459e4005b01f0253e5253095cd393086aa0b9ca","sha256":"00f0b08199582d90c7746185c5fa273e45a47b2511ec07ea0739bedc27fb8e33","sha512":"8ef5248057b3897056b88e515a315e9608cd290fae372eaf61de1638a6a0ec229e58c7c9757f5d6f26327c763bb31538a17521005fb657fc23b51fdeaa2678a2","ssdeep":"1536:CEnhvo5szjvqikuC63ooFDiG3/CFdEZVz63+DiG6CrPyNyUMu8RigxJn2RGa4bL9:5vo5s9ozanR1T2vske","tlshash":"f454b8b2f2f112a7000e93d9e7755516efd060ebd5468ec8729c0be89f46cad68d324e","dom_hash":"domhash2c54c1721c2a3f3ed1c83f37457fd1e3","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"flare-fassets.vote","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-20T18:36:24Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-05-16","alert":"Detects file containing Telegram Bot API","trigger":"flare-fassets.vote/bundle.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"flare-fassets.vote","ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-05-16T18:36:03.005948Z","last_seen":"2026-05-16T18:36:03.005948Z","alert_count":77,"request_count":38,"received_data":11273340,"sent_data":17306,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":[{"url":{"schema":"https","addr":"flare-fassets.vote/bundle.js","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"md5":"f1b9c4e57e308a3daae145499a5e34f3","sha1":"2f4d9e36450ba6e0c6c56ed9a5d376d310611500","sha256":"019bf4db11461a048bdc59016e1dec8fb09f786d8d191aa0ff1c28f7248dea2a","sha512":"bca83f8ce625e6d97ad568ceba224ea300b30a798a56fd1360ec04bb1850912b10aa2298d519f684a15d16f1cb0405e64b342c615fa1cf2fcaad21cbc3c349e5","size":5096451,"token":"8310665967:AAHy-cAmiutyxmCabNatr_27wC_dpvss5RI","is_revoked":false,"bot":{"token":"8310665967:AAHy-cAmiutyxmCabNatr_27wC_dpvss5RI","user_id":"8310665967","username":"SimpleNotiBot","first_name":"Simple notice","last_name":"","chat":{"chat_id":"","title":"","type":"","bot_is":"","total_users":0,"active_members":null,"admins":null},"pending_messages":0}}],"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"flare-fassets.vote/","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"4f59a897644177c735277e5ea557172d","sha1":"ea6c6b16ff882c6c6c030f3294bb29186bb04475","sha256":"7e1fa8c0ae3d3699bea5a19a31e9927d98b58e361c1ab7534c17b6f95d50dce4","sha512":"0b4b45bc2c03b400f022027d996241f08d865ced514f2047f77d847abeca53753d6ef9a4b156d076af5c8e0a9220782f866f8e06ee5b01028b218555e5404be1","ssdeep":"","tlshash":"e7e0a74820b1556100cb383d094f144e7925a403b1089dc9bdccd2146fa5f6c10e0948","size":292,"data":"","first_seen":"2026-02-10T18:38:29.099562Z","last_seen":"2026-05-16T18:36:30.972761Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"d21857cc79a5d94b3fe16a483a731d65","sha1":"6ea720ac3b7e74fb26cd9eb986bdf9731b7d3bf8","sha256":"a51eb88ffe888613904384159beb74a159c485c53cdd4ee27ef787336d60ace6","sha512":"153fba95b98d061d7a7117677f9046b0331b7d4c917be96b4e0816927b75b6ab31e2510c676234b4fa12a4e74823c7beb94ba367a836e4ac1d8fa02e6051050a","ssdeep":"","tlshash":"2cd0a79562555a20036ba0bf469a568510b0158e4d552e093c5d0b519b40978117a5c5","size":229,"data":"","first_seen":"2026-05-16T18:36:08.676721Z","last_seen":"2026-05-16T18:36:30.973271Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/bundle.js","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"f1b9c4e57e308a3daae145499a5e34f3","sha1":"2f4d9e36450ba6e0c6c56ed9a5d376d310611500","sha256":"019bf4db11461a048bdc59016e1dec8fb09f786d8d191aa0ff1c28f7248dea2a","sha512":"bca83f8ce625e6d97ad568ceba224ea300b30a798a56fd1360ec04bb1850912b10aa2298d519f684a15d16f1cb0405e64b342c615fa1cf2fcaad21cbc3c349e5","ssdeep":"49152:meeC0li5gHd0yF8mTMoTYC0m0GucysLKDLYXAotO7XVztH0ncGFF51M7ha:meeCyB0yF8mTMXcysLKDLvGFF5j","tlshash":"e13607d8e3f12c9a014a3026dc39758daa205d4bc508da7ebebc90dfdf446c9c1e6b65","size":5096451,"data":"","first_seen":"2026-05-16T18:36:08.679416Z","last_seen":"2026-05-16T18:36:30.974531Z","times_seen":2,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-05-16","alert":"Detects file containing Telegram Bot API","trigger":"flare-fassets.vote/bundle.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"flare-fassets.vote/d5170cc3037aa5ea.css","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /d5170cc3037aa5ea.css HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 29\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"9825283bdc9eb259f375462ce392d87d-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KRS15T0J7FNF8ZTK8MDZKQKC\r\ncontent-length: 871\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":3737,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (3736)","md5":"476e8950a1e70e093e13ef6cc4d9b5cb","sha1":"1032f7332b6bbd9ab2f40a9b6b6c9f25c95948e0","sha256":"544a2d4c3c7dd9d002fbc661ad37e3bea8e4e2a8726a3157eb6041a3660bd0df","sha512":"38690ab286c3973e363a3ad99f94b05656251fe92ef482cf614ca233f23695b9587bc0c3d76ed0474f920ffdff97db2cedab032fae5e4d1a2f05f12b6b325452","ssdeep":"","tlshash":"ab71bf73ea35e028f2268d573782755e17089876649787b5ee33ed0dc8e37b31212b08","first_seen":"2026-04-24T15:23:41.471553Z","last_seen":"2026-05-16T18:36:30.953086Z","times_seen":3,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/thatthatnewpixelfamilytest_square-s.p.5c25c1e8.woff2","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /thatthatnewpixelfamilytest_square-s.p.5c25c1e8.woff2 HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/6cdcfbcc140e7bef.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: font/woff2\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"177978a8ded52d64ff55aa712faef48a-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KRS15T5XGQJXHS2SK2X2WS75\r\ncontent-length: 5516\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":5516,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 5516, version 1.0","md5":"7526fa8e83a73a9f694eba8223795de5","sha1":"6f7b482dc8ce577c3ca11df24997c7bd54959de9","sha256":"4f889410a75a15c856b6b317d13204a6cac75be1035dc10658933cec9f7684e4","sha512":"66eaa1cf4bcdc0597604b08a4cf334a93af88f877f8a4b06ed73bc8e332b3b5d3ae5d756e13b031c007346722091d51638bfe27650e46aa779a2f76970e70cb5","ssdeep":"96:C+mKG30pLRQgPNbGMrYRXoj/oL17R7z/JUyOoJcpeqOVSOXsXV3DWgupbVnlG35X:CPEpLRfNBrYVA/oL1pO3oJcYNgO+Wtpe","tlshash":"0cb1b08dfd826fd6f64600b5ced78491478cd70b91f93c5c66ab932e1e8e4086049474","first_seen":"2026-04-24T15:23:41.456915Z","last_seen":"2026-05-16T18:36:30.953939Z","times_seen":4,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/newsletter_nav_widget-1.webp","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.818Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /newsletter_nav_widget-1.webp HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/webp\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"daff5049a31a45f8562a6c66c8615659-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KRS15TD5870ARWSYHVQ7JHB2\r\ncontent-length: 39390\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":39390,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7fcfa9b2d46f276f007908d1eb643223","sha1":"0060950df385fee6dd2b9cc45cba3dbbb780cb84","sha256":"a9ec7624b82cc2f299e25d60e73e76eb0e3ff8de981fead18779d080193e8190","sha512":"201085eb88672b3c7fe0f8237c343dcdd07785510fd8e00a4d8021dfb8c128cfe60b8691e605fa84a0c435e21ec315a940467c1cc5a9120bb2966bf57ab6611e","ssdeep":"768:XMOzRFTm6vBXbH0iVvc8z/hI+jOFlz//Z/2JAokDCgHv3XQUJ20omLLvT:XTnm6vBXAgc8rhvSl7hQAokD9vA9m7","tlshash":"4903f2131987814a7ccd309953548a09a9715dd8c4532d7128cabff386e6c8a1debffc","first_seen":"2026-04-24T15:23:41.45609Z","last_seen":"2026-05-16T18:36:30.954659Z","times_seen":8,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/LayerZero_Logo_Full%25201-1.webp","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.825Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /LayerZero_Logo_Full%25201-1.webp HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: 1778783629-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KRS15TD8BVFXW7114QPY732Z\r\ncontent-length: 1203\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3449,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"0f89e18d0abacb99149c5e59bf69b5e1","sha1":"9e1ebb10be890c5855eec444233c028270d3e65a","sha256":"8514f0009a58c6e0acb5468f88037732b59b70af5e524f452e3bef8fb33effc5","sha512":"5275d80f3f8f1f5e0d1b6b6b0745732a69d669d66dcdab418fc5a2094bffcb81ff1d34252c97c6dffe5470f0d359a3be03cfd3dfe3d729bf186917c8cf21ece0","ssdeep":"","tlshash":"1f61848dc9a7209b5c93643e27eb560a2274a247cd46da4c3fde6348cf492f214d36ac","first_seen":"2024-12-12T10:00:11.490986Z","last_seen":"2026-05-16T21:17:00.594369Z","times_seen":10733,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/mute-subtitle.vtt","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /mute-subtitle.vtt HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: track\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: text/vtt; charset=UTF-8\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"4393d49718e21c1ce84ec68c6106cf3d-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KRS15TDH1RZQNASWKEX2XWXV\r\ncontent-length: 86\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":86,"size_decoded":0,"mime_type":"text/vtt; charset=UTF-8","magic":"WebVTT subtitles, ASCII text","md5":"53142af388215162f1a72eaad5603c77","sha1":"ca6e246c84ef9ce3519c5aee9f7d3a4f6064b4fe","sha256":"f946cef18bf33db28bc29c3320c2cbd0ea84e0c3831bf5ed3cdc7f19f4eb98ce","sha512":"7c2da6b49086ff51b75a8e6571a4667e4958026beb592f940fca100118796776204024a0951e51c0eb415a46db40e286a1f8b608e8e1c317c9e2b8edde273b5c","ssdeep":"","tlshash":"22a012804b744840d110920c2162bb03a188dc4e11c00c5e226830cdfc4e004c048042","first_seen":"2026-04-24T15:23:41.467209Z","last_seen":"2026-05-16T18:36:30.955996Z","times_seen":4,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/favicon.ico","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:01.498Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: image/vnd.microsoft.icon\r\ndate: Sat, 16 May 2026 18:36:01 GMT\r\netag: \"31a66cf87ff1b66210695ee3f599e523-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KRS15V34KTRZFETAD0NNZ41W\r\ncontent-length: 2400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":15406,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"dc270172d1648eb90a7ac9e496aaa7ec","sha1":"4c6c6b1d4815a5022e215fe4667fe55ff908b13f","sha256":"d4e950e20f2728c5addc06853e7802699855c3ff9166375bea74da43e214d99b","sha512":"829338b30e6435447174ad43e0ff80659a93bd50aa00f135ac739203efb8e6b471864222250f2180af429b8396201611fdfbf75a6a2c252ef45a93a4f692640f","ssdeep":"192:l8WBBBBBB3vjlZXBbxEB+///////////7AFMCpQ:jbrXXEcd","tlshash":"bc62795166299107f9ab803ab34adb6af27ffec5e91b15261b407129103e09270fdf17","first_seen":"2026-01-21T22:11:30.922214Z","last_seen":"2026-05-16T18:36:30.956698Z","times_seen":7,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/ankr-1-1.webp","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /ankr-1-1.webp HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/webp\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"0a0605c0e6ac99ffce760cd11dd05a84-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KRS15TDFRT9SN0B04PD3PHN9\r\ncontent-length: 1504\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":1504,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"74a99529b73a19efaf2d7e028cda1c9b","sha1":"87f011fee23c56de730cb79b6ddf36a7f5ed92be","sha256":"794f63b21ecf0941b26436e18d536c830abcbf5332832baaa53821f95c5b87d8","sha512":"8c7a72c51cd3b350d1e0e8ca3de82da58be817b6603c47f6f5d62acefefa894dd69176cbd2f0179e8d1266bc40b7e4c0fdaf6ae0166f193449241f29856a779b","ssdeep":"","tlshash":"c331d78a3b637026e10c053831cc1122622048143a29bc23593fb4f80420691e5badab","first_seen":"2025-08-11T21:39:04.736165Z","last_seen":"2026-05-16T18:36:30.957433Z","times_seen":18,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-16T18:36:00.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 29\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"ae918760a34ea6d801852fab344edac4-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KRS15ST3HGR8T9DTC38AZ77K\r\ncontent-length: 45060\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":368236,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (558)","md5":"72ef13a56caf647fefb6d6c427cf50db","sha1":"df85d2df7a1bb34e56afdf26d9205de5aeb5b0d1","sha256":"5935ed655ba0134ea81c31f749fcdc711f1e996949eb056e3ba04b3a2f371680","sha512":"dc3565d1f2dfdfb1015a399c377a8d9b4973a2903363d3f1504e5d9d28eaf58aa20896c9a4f9d9952273cd424f26b535c6cdbe28903fa6c5a2dc7b36342495ba","ssdeep":"1536:rEnhvo5szjvqZwqCJG+1iclCZejfCJy1icGCgijQEGgxJn2RGa4bLPjoMyQHkeSZ:gvo5s7GBsUEB54hqW","tlshash":"8274c7a2f3f112e7401e53e8e9765506efd060f7d1468e8c729c6af85f46c9c68d228e","first_seen":"2026-05-16T18:36:08.640147Z","last_seen":"2026-05-16T18:36:30.958022Z","times_seen":2,"resource_available":true,"data":null}},"time_used":184,"timings":{"blocked":60,"dns":1,"connect":23,"send":0,"wait":34,"receive":30,"ssl":34},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/ibm_plex_mono_v20_latin_regular-s.p.e1d6b3bf.woff2","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /ibm_plex_mono_v20_latin_regular-s.p.e1d6b3bf.woff2 HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/6cdcfbcc140e7bef.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: font/woff2\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"ef835027520a494ccd540179d4854f03-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KRS15T74P8ZRDSNB8HMA71SP\r\ncontent-length: 14708\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14708,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14708, version 1.0","md5":"79936b18df9f734fb6b0a256b20d36b4","sha1":"bb87500e3204a3a7c65d6633c79c5c840c3be8d3","sha256":"08949f728dc52d528e69b1667d15c89a5686a4ee9a296ff90983985f99c380f7","sha512":"d5b9ed102916ebc2e1ddfe322a5dee1302329de23c0c7895639106766a52906b8ec2b9bf3ac7884dbdce6166e27d315808128d35d9609e45841e3c8c2818031a","ssdeep":"384:i54PnCNUhrlC/trZov44r9cmuyWPCZpMbyKdlm+:i2P0mrlC/cv46VuyVZSFdl","tlshash":"c962b073691e2539e1c2afb0c6c81f6c50f8d70b5ba5c6109378a063b7615ae361e9b1","first_seen":"2025-09-19T06:27:38.321624Z","last_seen":"2026-05-16T20:40:33.90385Z","times_seen":1585,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/XRPtoken-3.webp","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.821Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /XRPtoken-3.webp HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/webp\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"6af0e9c390fe3d404b8971a41376d6fb-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KRS15TD66W8ZYZMZXEESVT2V\r\ncontent-length: 770\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":770,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"92d6dc10eacb6ed595bde9d339411440","sha1":"b48cf9e7539432a267da5f2114c40d664a01a057","sha256":"f83d42e9b60e17ae4196b83256f08c986190602da2f3bc1744a6f5fbc5462f08","sha512":"a93bca4f8c6b5ad30d568a5c644e2fbba8aadebb169044943da32b65506c99984a6d6f4e9921f92b4dac1c27242c000906e72a6a086751efaf8afa69312fe690","ssdeep":"","tlshash":"f901b5668114991f4e481e1cb334b6a6f3474ac94a2178b8cda92a48a42d24c6067fa6","first_seen":"2026-04-24T15:23:41.472889Z","last_seen":"2026-05-16T18:36:30.959154Z","times_seen":4,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/6cdcfbcc140e7bef.css","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.397Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /6cdcfbcc140e7bef.css HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 29\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"c1544896f6a71bdf697e6a85b7bdf24a-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KRS15T0FAYH14HR231SMA2H6\r\ncontent-length: 11384\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":120415,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (11939)","md5":"9e03833ab9c10d491a04b6dae234ef09","sha1":"69fb24e452ef965718a0d642cb5b82cdbb00d1e6","sha256":"9ce5d79c8b23756bbfb0929f53cd795e5328d3b92f13b78f0cb0873c3e6015aa","sha512":"43d0131d1c76623eabfbe78b300fde4a1e9db2c841220dd06fd7cf4dead24941a0d11fd42958c94cd481f2e6e12bbfa8f4dc86e56211c4421919db74cdd0b47a","ssdeep":"384:S1nJibNBbTA8orrhvUHQ1SS7GK40MAEQgzROuxTf3C5d2PgiKPVID8JXF44pivra:aZovqqlGoBB1c58rmsWNf","tlshash":"ecc31f43e9f4133fa05d2106f9d16808efc0a4ebf59b4fe0580edde54489aa66af2747","first_seen":"2026-04-24T15:23:41.464721Z","last_seen":"2026-05-16T18:36:30.959692Z","times_seen":3,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/FAssets%20(1).svg","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /FAssets%20(1).svg HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: image/svg+xml\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"37225c4226fdb7c2b5484c2593cc961b-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KRS15TD225Z8CHCVAP6JHFDF\r\ncontent-length: 2252\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":5973,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"791afcd30e640797223cddb9e71c4b02","sha1":"311cfb7ed5c7befab02b7d82af94d4e1459e790c","sha256":"b6d60256961e6c438cf6722481961f3936cfaa0cdba7345c83d7dc1e91d9b935","sha512":"752352c2bf83d59d448219e4e91b6964688f8a843a233ca385707280e9c6b496c9cb140ad287d8116d25508816cd7e2288a3ed34929d86feca03c32dc61cbdaf","ssdeep":"96:P9KSr0KTT9M+P3qpna3TU/Awbq1N5HmCcfZ+HbJm4q+REFy8C1fhY63k:VUKTTOeaFlovNLcfQHw4zmCNhYQk","tlshash":"70c16380337c93b5b841e3761b4ea039787764e4ba044880d6e63f05b689a9f5dacbd3","first_seen":"2025-08-11T21:39:04.7375Z","last_seen":"2026-05-16T18:36:30.960349Z","times_seen":15,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/Elliptic-1.webp","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.823Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /Elliptic-1.webp HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/webp\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"3e049fb0ba0bf497c0c68f52fea8453e-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KRS15TD7CATWXDZDXJGN2XXY\r\ncontent-length: 526\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":526,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"418e8ca779ee89f651aaa9add5c78c90","sha1":"e0af31da3df7bd0c0957796905616e771db98715","sha256":"85fc06aee2ce609ce0b14ec5ff91fc24d44246613ebf59017da1435e2e61983f","sha512":"90b49903acdd17f9b0882732ceaef0207c6d6147c8673ad2e9404432ac4ee4837ecad27ff17bd656d76b33afdd6e4e8142195ad3c669ae299c54897aeb0f34bb","ssdeep":"","tlshash":"83f07544b23004ebdaacfa3201ec2e891955c10ebf301921124ee9d21785babf433ed0","first_seen":"2025-08-11T21:39:04.774047Z","last_seen":"2026-05-16T18:36:30.960887Z","times_seen":18,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/HexTrust-1.webp","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /HexTrust-1.webp HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/webp\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"aeddde274be42480353c82f7844cf418-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KRS15TDGWJQQXMFKBPYZ5ZR4\r\ncontent-length: 1832\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1832,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 210x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"3978f7542bed8e61360ecae12e999a7c","sha1":"69e859543324898cd73c6246d558293b93497248","sha256":"6afbe97b7becfb2b0008dfcc0f04267755bb64fcc00c16b7e875287f19c5ca79","sha512":"ab2c7958e052736ddff1931a1b744db235463d89f31bbe957c984954f31b26a506ceec47c5825926d0012da93bdab526b1565b7cd0f4bf5bdb951a2d5aa3ae0b","ssdeep":"","tlshash":"5a31eb01d636ff5d3fffd0a20a1796c7d4da71822e15170420702d2696cd0ac98ee57a","first_seen":"2025-08-11T21:39:04.746858Z","last_seen":"2026-05-16T18:36:30.961442Z","times_seen":17,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/mute-subtitle.vtt","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /mute-subtitle.vtt HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: track\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: text/vtt; charset=UTF-8\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"4393d49718e21c1ce84ec68c6106cf3d-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KRS15TDPHXV6JJJPC9ZSZ26X\r\ncontent-length: 86\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":86,"size_decoded":0,"mime_type":"text/vtt; charset=UTF-8","magic":"WebVTT subtitles, ASCII text","md5":"53142af388215162f1a72eaad5603c77","sha1":"ca6e246c84ef9ce3519c5aee9f7d3a4f6064b4fe","sha256":"f946cef18bf33db28bc29c3320c2cbd0ea84e0c3831bf5ed3cdc7f19f4eb98ce","sha512":"7c2da6b49086ff51b75a8e6571a4667e4958026beb592f940fca100118796776204024a0951e51c0eb415a46db40e286a1f8b608e8e1c317c9e2b8edde273b5c","ssdeep":"","tlshash":"22a012804b744840d110920c2162bb03a188dc4e11c00c5e226830cdfc4e004c048042","first_seen":"2026-04-24T15:23:41.467209Z","last_seen":"2026-05-16T18:36:30.955996Z","times_seen":4,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/home_secure_desktop.webm","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /home_secure_desktop.webm HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\naccept-ranges: bytes\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-range: bytes 0-2070090/2070091\r\ncontent-type: video/webm\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"d0f025925f2c76702a1d7fc6f42cd3ab-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KRS15TDRBMZJ9QADK6C859AE\r\ncontent-length: 2070091\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":2070091,"size_decoded":0,"mime_type":"video/webm","magic":"WebM","md5":"c5bdd61c10f692312222bd7181748cbb","sha1":"5eb4f7ddd79e8719d1097934ee4dc0ebe485e13a","sha256":"a816ebc439e192a548a806c95403f4d63c727dd58eb067d61632ecc1e9180078","sha512":"3a68f94e1377b3cad1ce0804f08add5df31c3f78f6506eda73e29f4f147dd13e862ee94e7d75feacb924fa270f864766dd3d8843819c5af851542f6d963fe91b","ssdeep":"24576:fv/gRI0f8jj/M0k1Jsl2VQhfXl4m8eElhkL5cV2VnltmVH+yxvV9o:X4qtjj/CJ4yQhPmeElOqUltmkOV9o","tlshash":"742533a393f58423c8eb2a290ddf20938406f0e1535ee03b61cab15e96c935179e677f","first_seen":"2025-10-21T19:21:03.521714Z","last_seen":"2026-05-16T18:36:30.961966Z","times_seen":10,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":130,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/close.svg","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /close.svg HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 29\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: image/svg+xml\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"302b8a6437db7f84de4223011ff2bb4e-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KRS15T0N6QYV6MAKH0JRJYT6\r\ncontent-length: 633\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1345,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"463a29230026f25d47804e96c507f787","sha1":"f50e0eac87bb8f5cff8f7d8ccb5d72aedda7e78d","sha256":"a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b","sha512":"83f065b7b10e906ef8bf40dd907da4f0eb0f4c28ee2d8b44e418b15f1c06884a579957b2bc27418fac5759825d394819ff0ac48d784b9f05564b8edab25d9426","ssdeep":"","tlshash":"2c21e5fc520853f49d587e98a8623077954514bbbf9db8c8928c847788c53dd4ec8d58","first_seen":"2023-04-17T01:45:40Z","last_seen":"2026-05-16T22:21:02.276611Z","times_seen":54093,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/FTSO%20(1).svg","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /FTSO%20(1).svg HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: image/svg+xml\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"cb75e28d3ec597bc4151cbc2a5360516-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KRS15TD4V3PYHF0E877SKG8Z\r\ncontent-length: 2543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6626,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9d1dd18b48faa5466ba63382d58efad0","sha1":"49366978ff355f0d6f58276650de503790fb4e24","sha256":"6259c9c51012ebf41be96343e10515eca91da527134d921930b6e2a60a0da29b","sha512":"9553827d6b889ef992b19906c622c7056a4481bc135a6a8c5645cc2f19e5b5ff923bfd7f3466146723d83ab4f2d8093fe8064ec5aa851041849a0a74878bfcb9","ssdeep":"96:Zg9WazFF26KqFxskLxPFwcrhp2w3PszfL33IBG2zwPEM4HcyfZ35wfNCBc1rTSE3:KMdVMFqsp2UPgsI28hgHHw2KNavP0","tlshash":"39d194c033a8d2b4b841e7b6835ea8312a1775dab15488c8dbd5af01ee8556f0decdd2","first_seen":"2025-08-11T21:39:04.766203Z","last_seen":"2026-05-16T18:36:30.962948Z","times_seen":14,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/quicknode%2520logo.webp","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.831Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /quicknode%2520logo.webp HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: 1778783629-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KRS15TDHQ6D4XVGSBZ0NRCTE\r\ncontent-length: 1175\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3449,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"0f89e18d0abacb99149c5e59bf69b5e1","sha1":"9e1ebb10be890c5855eec444233c028270d3e65a","sha256":"8514f0009a58c6e0acb5468f88037732b59b70af5e524f452e3bef8fb33effc5","sha512":"5275d80f3f8f1f5e0d1b6b6b0745732a69d669d66dcdab418fc5a2094bffcb81ff1d34252c97c6dffe5470f0d359a3be03cfd3dfe3d729bf186917c8cf21ece0","ssdeep":"","tlshash":"1f61848dc9a7209b5c93643e27eb560a2274a247cd46da4c3fde6348cf492f214d36ac","first_seen":"2024-12-12T10:00:11.490986Z","last_seen":"2026-05-16T21:17:00.594369Z","times_seen":10733,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/mute-subtitle.vtt","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.833Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /mute-subtitle.vtt HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: track\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: text/vtt; charset=UTF-8\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"4393d49718e21c1ce84ec68c6106cf3d-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KRS15TDJPVHGYZAMEARVARKM\r\ncontent-length: 86\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":86,"size_decoded":0,"mime_type":"text/vtt; charset=UTF-8","magic":"WebVTT subtitles, ASCII text","md5":"53142af388215162f1a72eaad5603c77","sha1":"ca6e246c84ef9ce3519c5aee9f7d3a4f6064b4fe","sha256":"f946cef18bf33db28bc29c3320c2cbd0ea84e0c3831bf5ed3cdc7f19f4eb98ce","sha512":"7c2da6b49086ff51b75a8e6571a4667e4958026beb592f940fca100118796776204024a0951e51c0eb415a46db40e286a1f8b608e8e1c317c9e2b8edde273b5c","ssdeep":"","tlshash":"22a012804b744840d110920c2162bb03a188dc4e11c00c5e226830cdfc4e004c048042","first_seen":"2026-04-24T15:23:41.467209Z","last_seen":"2026-05-16T18:36:30.955996Z","times_seen":4,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/poweredbtcky.svg","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.408Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /poweredbtcky.svg HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 29\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: image/svg+xml\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"9fb46f9fec4682bb71a8afd56fd3f76e-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KRS15T0N3XP1TYHB2A3XW553\r\ncontent-length: 1377\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":3762,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2e4df113ede6d5ce8de2dc1338a3890e","sha1":"3af1721ca29f4ada0cd422206c253cf8ee52781a","sha256":"911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5","sha512":"12c975049692f337fced697963359f535b7d08b4b230447cba37b6e5c8c1fd31e8f26329a315454c83e51ca41787737428e3932979156e205cf0feaadde8fb97","ssdeep":"","tlshash":"967195cb36ec61e0f9006f78db2b20654dae34f666d1d3d59540fd9564a2e9f464ccc0","first_seen":"2023-04-17T01:45:40Z","last_seen":"2026-05-16T21:20:05.969811Z","times_seen":27859,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/mute-subtitle.vtt","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.834Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /mute-subtitle.vtt HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: track\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: text/vtt; charset=UTF-8\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"4393d49718e21c1ce84ec68c6106cf3d-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KRS15TDJR09H95RA6TKKN9Y5\r\ncontent-length: 86\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":86,"size_decoded":0,"mime_type":"text/vtt; charset=UTF-8","magic":"WebVTT subtitles, ASCII text","md5":"53142af388215162f1a72eaad5603c77","sha1":"ca6e246c84ef9ce3519c5aee9f7d3a4f6064b4fe","sha256":"f946cef18bf33db28bc29c3320c2cbd0ea84e0c3831bf5ed3cdc7f19f4eb98ce","sha512":"7c2da6b49086ff51b75a8e6571a4667e4958026beb592f940fca100118796776204024a0951e51c0eb415a46db40e286a1f8b608e8e1c317c9e2b8edde273b5c","ssdeep":"","tlshash":"22a012804b744840d110920c2162bb03a188dc4e11c00c5e226830cdfc4e004c048042","first_seen":"2026-04-24T15:23:41.467209Z","last_seen":"2026-05-16T18:36:30.955996Z","times_seen":4,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/b85a5d1553cdf244.css","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.400Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /b85a5d1553cdf244.css HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 29\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"306bf463a1e0860a14e6956ff5046f9b-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KRS15T0HFPTDE3A251MXPQVF\r\ncontent-length: 7766\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":78183,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (11983)","md5":"cc8b2707b54a4c12f19dff22508e5cf2","sha1":"84a5ee0a968bcf76acfd7661577712ca9c4150c6","sha256":"7564f93308d67dd43346f1b6f91a9c2e58e50b4b15d72536d1e5822b5d9dc98f","sha512":"6c51be67ead0d9a354a80064848bfe79cef95a4f863a815c64c3c3a43f0955a4ff940c65a60bc2be68b17621ba5e53002af1c13331e2ad7b1db8a4ff8c0bb33a","ssdeep":"384:XeUw08ZHQlDjjNQDdUgLpOy5vIdSJaCaJCrm74FW9BDkKcKphgyoUhDcJH+GldYu:QZwlDjjODJ5gcrq4+p/CGMmxG","tlshash":"4e73fd57b5f1132fd02e2052f1c25c48dfc4b0dbf1899fd0650e9dea429aab266f1b86","first_seen":"2026-05-16T18:36:08.651774Z","last_seen":"2026-05-16T18:36:30.963987Z","times_seen":2,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/64cb809db4dcd785.css","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /64cb809db4dcd785.css HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 29\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"0381df770c10ce71e56054b18e7eef61-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KRS15T0NGGVVXM67V5QM9PG3\r\ncontent-length: 2668\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":16973,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (4867)","md5":"f12ef104c3b25c730865f7ed5789c322","sha1":"ba19c7054add04f0bf0e992a881527141eec062e","sha256":"0571062658eaf4268d877c454446432d81fb44585bc7efe0ebf01d4c8369601f","sha512":"6218a6e159f9a86b93a4512c4c4081e8f47d83ea4d5f96eae247ee578b0174a04ab1a4eb15fa30d8a84f7088ca2f9e4437a1ee6dc83304e5c5ae265a99ea6232","ssdeep":"384:SY6Rh6yXjZQmtVAYJQK1h/+SG5JZnWwrf7AZnp:OftpJVTDSJZWwrzAZnp","tlshash":"ed7235856360192793170e3297a18bb4eaa458c14bc3dff990c1edd4c2f6db913af296","first_seen":"2026-04-24T15:23:41.465528Z","last_seen":"2026-05-16T18:36:30.964625Z","times_seen":3,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/Flare.svg","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /Flare.svg HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 29\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/svg+xml\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"8b7deb0c58faab695675592b4723be45-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KRS15T0PAG8V5R72RA3X5ZSD\r\ncontent-length: 892\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":892,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"595f973187a90d91245e6adbd03e6f78","sha1":"84cf19963d52368852d083a4377e2359d57f5db7","sha256":"b32962a5e4467193bb585ce81d604de083405dba639e7a32154dc39958b50cf1","sha512":"1507e4cc3a19a71943ae16bb68b5cd34a8522f1e2712c770b9f3ddd7a52ae6c42788f9450cfad59fa9b741cbccf15592e5f248f56df154614600dc7e0219c57f","ssdeep":"","tlshash":"bb1100e423ad82c4f906d3300aab787321873dfb49534b98e0812d14d60b46edc35f48","first_seen":"2025-08-11T21:39:04.753608Z","last_seen":"2026-05-16T18:36:30.965109Z","times_seen":16,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/bundle.js","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.412Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /bundle.js HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 29\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"90fa378065a92ceac364f93a312ed535-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KRS15T15RK0WC6TQDS30SSK9\r\ncontent-length: 1019691\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5096451,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (37882)","md5":"7674d7fe56d742d59a9b6e533b1a5203","sha1":"71a05d1b470143ccee9d7fdadb22b45100e69125","sha256":"3869e788dd2d2dab1ddc59e7ea2d432811f26f11680569004d52e188fcc90afd","sha512":"ae999b782f0473d67d2baa240bf18b51ed257b8947254387d9d41ac751e736e9b8bbaedc2c1177b5a1b75fa05fdde81c120d0e5f6aaba22ff8366cfbaf0bf11f","ssdeep":"6144:GOF+azPxehiExaZvvueAoN7Q75rCwhAAb1Tn9GfLCzXroAFgt35CfAWoTveC/6er:0su1ot/qawfeeC/6JCYlVOHrLpR5gs","tlshash":"8a255bd8b36574a287d761b5506b1106f238a956180c0428f6acc8fa3bf8d8dd1fbf79","first_seen":"2026-05-16T18:36:08.645371Z","last_seen":"2026-05-16T18:36:30.965517Z","times_seen":2,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":87,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"flare-fassets.vote/banner_main-4.webp","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /banner_main-4.webp HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/webp\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"b376b1603e50ee67849c290f9a0e7c0b-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KRS15TD5GH7J61HZ9XMRYSRC\r\ncontent-length: 20492\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20492,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x173, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ff4cef6f77c80d86a3f7c2d73ad39f2f","sha1":"cff4989c30b3b46480f0e10cab01bb47e6ff8377","sha256":"fde9fd86ecbec2f137dfaa12270dfc5f63f35109669616629ca452bca6576f05","sha512":"63b338afe19096a78c5d49c4f0596cd67e5c77a66cfd4967e44f859ea32f1c59f61db0f1eaecd22036d4904a9db51e8612f7accfe548943b6673ecc3945fca70","ssdeep":"384:hOJiUHQHGe1qLqH1kBxC1LuaHiDcyd0aDPKxb+FXrqzFV2AvqsMX:hgiUHR2VsCxuMiDTLKxb+Bqb0ss","tlshash":"5c92d04f440ad2f6f101aed547bcd9165feab8ecba770250708d747801b60a52d937bd","first_seen":"2026-05-16T18:13:37.170366Z","last_seen":"2026-05-16T18:36:30.96616Z","times_seen":3,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/hypernative-1.webp","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /hypernative-1.webp HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/webp\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"ab7cfa4974fd00f27ab5ebadb86dc690-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KRS15TDDYC0M3SSH3MAV8NN2\r\ncontent-length: 1766\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1766,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"bd032d84e7dd874f19808839ca4b8a7c","sha1":"422e8c55fb35beb88b1da5b147a0f21e61fe6dee","sha256":"945cceaf66a6e82c7cf3bf882d876efa306a4c3d2ea0d7bf01702f46c0531be2","sha512":"3eddf98f194370872df01fcad21a1b337402c158d44ff1e6a950b905112db3336faa4db5370e4473362e62eaaab583f692f3d7f30ce81199d9d97741f416538d","ssdeep":"","tlshash":"43314dd284704388ae184625d37bdd48701c9e57747f8b3167e110444718f67b29f33b","first_seen":"2025-08-11T21:39:04.764994Z","last_seen":"2026-05-16T18:36:30.966794Z","times_seen":17,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/Arkham-1.webp","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /Arkham-1.webp HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/webp\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"f506147c482a06a7c78e2c56e0241a4d-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KRS15TDFM8X0B121TJZW8GES\r\ncontent-length: 1652\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":1652,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5f931f5036e2902f0ea2ed199ceb772e","sha1":"40a5df06dc1fbf155dbbd95f3193dbefb3c70ed2","sha256":"2b99ad22545742a421f1ab0bf14700111ec6c3e0d75898d9fa13827aaa415613","sha512":"4d7f2ab2d84effea446962fb5e101d3c3e49dc8f19ebb3b81b616e84111b620b3454448cc083229427f324bed6929b2a2887f7bf6d203ba4d7cd14c58798ecfe","ssdeep":"","tlshash":"0731180a4532aaab916b910a8938118980caf1792b212a5b2d372298c90eeea57d3058","first_seen":"2025-08-11T21:39:04.762048Z","last_seen":"2026-05-16T18:36:30.967347Z","times_seen":18,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/579c7f5cb4a415ce.css","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.404Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /579c7f5cb4a415ce.css HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 29\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"ff006f1fb766e0912132b60570c35e54-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KRS15T0NMA73TQQCKG4KFRJK\r\ncontent-length: 3011\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":30481,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (10182)","md5":"c986ad8c9796cbae33d49deb8538ba5b","sha1":"357407f751a8b8e02ff98621312e6d58f84c3baf","sha256":"e35b0fea230c68bbdfeaccd85bec05ae7f46dc53114cccce2a7533826c6ce385","sha512":"d078e7a477b22f951c3e29fff59bc5af1e34ac2b137ff8b2501d8104d62e06eb08fa9ca6b177cbf40a8c46766e53c71e31dad4698eac7633d459ee60c912dae3","ssdeep":"384:G9PqbwLV0qxkaEHS+0f1x9gMcHe+MFBohb+GsWNrChqkALVb8xMqlhiqKyj0xntA:2acx6CKN2T","tlshash":"ddd2ad43e2f4173f605e1186f9828948dfc464faa1968fd0290ecce594da7b27af1b47","first_seen":"2026-04-24T15:23:41.461599Z","last_seen":"2026-05-16T18:36:30.96782Z","times_seen":3,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/bundle.css","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.406Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /bundle.css HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 29\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"8e0d16a7b9637a61d30fc0f31606d6c0-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KRS15T0NPCZ25GWSSEKNHJQS\r\ncontent-length: 3941\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27990,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (27989)","md5":"4afd5f409576bbeebb6bbfc1142f0dbc","sha1":"25463362398f4fec81ba0852d0322fc22e6c0856","sha256":"1a61d31092dc23a8c6de40940df6af3f3d52883ce7f9d3037d38695065d968c8","sha512":"2fd5115427733efd8b61ec49ac3c2a4d98099eaf272a21c108957ee0d09a6b0f7b531e3817e3ba06b77673c8783d4929be6a89df76a6079652ee155ba9a0a620","ssdeep":"384:P56ed283Zcy23qWF7O36YBzQ4JYf1oKPFEINi:P56UJCYBzQmSoKPFEwi","tlshash":"bfc2c9093e2d3f38ba13a32440c0949c620b775feebd8797ac91265d9d9c78431aca79","first_seen":"2026-05-16T18:36:08.671407Z","last_seen":"2026-05-16T18:36:30.968447Z","times_seen":2,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/home-page-landing-big-4.webp","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.822Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /home-page-landing-big-4.webp HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/webp\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"a80fe5c1cc9f3cf50472288749aaea30-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KRS15TD6P96APADDQWSYNEZ4\r\ncontent-length: 247196\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":247196,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"381eb073afaa8b27620d005c6765f4c0","sha1":"1e43306454ffff3774fb6cc01e5daac43061746d","sha256":"bda8027aa589340dc634d185006f96ba5fdf8bf5c9b9bd5f176a4b6f0242f8ae","sha512":"f36780edf69b8e4065f80585f3c1eca76a96347ce21c1586d4a2ead2fb5aeaacff6cc6880891663d2dbdcbb07b3f4ae1c61a79bf399f2c3a6c99c580fbfff2fe","ssdeep":"6144:Q35zd75lysY/PjTcB1ToAnF2q1/pXuFiT6WQ:C95lypfUpoAnF2q7uFiT6WQ","tlshash":"be341349fbeda594567f7e313fe3e0576d8da54302c369746339813b00a85a6fe0a2c8","first_seen":"2026-04-24T15:23:41.476188Z","last_seen":"2026-05-16T18:36:30.96923Z","times_seen":6,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/29d75789b264c294.css","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /29d75789b264c294.css HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 29\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"4bb3283a44266be6562ea787d3d83729-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KRS15T0G9GBRJQF4M4JPXTGP\r\ncontent-length: 10634\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":111022,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (16853)","md5":"7acc17db58b14669a0841b94c1bb4408","sha1":"9b93c309a0db448eb1d55ba04704368af203aa76","sha256":"8f7eee3ea14c27a30f43f5def41e58c0dc661c252fee8537ae4f834a04b18a80","sha512":"47d862d470dd862258de97fd124ba6c0e2807cb1e867058d721767632c52bc6f355b1f032c66d9dd633de89f2307570417cbeb53874893ced5d68ee1566a667b","ssdeep":"768:KWeCQlBkIapPd6GvZbpyFV7vYyafVcVVyN1HQtlmsbmHDmxHC8hjg+8eItV25ZX7:KbliIapPd6GvrtfVcRids","tlshash":"a2b30e13b6f5137fa05d244af6915804efd074ebf2ca9fe0940edce588899a226f174b","first_seen":"2026-04-24T15:23:41.479963Z","last_seen":"2026-05-16T18:36:30.969766Z","times_seen":3,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/Satoshi_Variable-s.p.fc536e90.woff2","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.584Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /Satoshi_Variable-s.p.fc536e90.woff2 HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/6cdcfbcc140e7bef.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: font/woff2\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"0c76933cadd3cfc6bfb1f918f423883a-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KRS15T6JA7ZBQ3BJR8GWXRVK\r\ncontent-length: 42588\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":42588,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 42588, version 1.0","md5":"70880e42f07b0386e261974cd14820a1","sha1":"2d34d398b398a7fd88d21fae7642cdca908bf3ee","sha256":"e739aff9b4d02c264341d6d4872edcda28e79373aeda936f659566a1cd3eb47f","sha512":"6a5cb0cbee5f49a4b96df82bc37f3f2aa7abbc8fdb304962a3f492c7f63772b81e753a86e01da2a7a74785cf3196795408065e0bf30695166311e324d813d83c","ssdeep":"768:LRuvvUK4d5TnqQ8Wd3PDjhbDERazTlYv2zypgb0Sj0a7OpBUroBTy1gvK2jbx:9ukK4rzn3PPeRElO6ZVj0a7O/3g1IZx","tlshash":"d313013c8972d7b2bddb203b7cc0b6652494576962b0b2bec096093c80a467db18f733","first_seen":"2023-06-27T05:49:32Z","last_seen":"2026-05-16T21:33:51.283497Z","times_seen":1912,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/city_ori.webm","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /city_ori.webm HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\naccept-ranges: bytes\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-range: bytes 0-262031/262032\r\ncontent-type: video/webm\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"98c368064ba8b49482ce02e2a845d321-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KRS15T9S581Y4WPGCEGF57EG\r\ncontent-length: 262032\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":262032,"size_decoded":0,"mime_type":"video/webm","magic":"WebM","md5":"a51f5d83c91adbd04ed54a6b5479ea81","sha1":"bbc60e6eaa15ec3083c4e7dfddddfc52927d6be2","sha256":"63210defbb886035555e53410789cdc204909047a1aa139ccd2abfb78d20b0ba","sha512":"bba08f3a88d355eeaa622bb29f864057f71b6b16034f84d3acb4efde3b8fefc7491eb6f20777f8bc651709ac494f0423820f2dcf4210dbab68a7522d7d83e35d","ssdeep":"6144:rd9H6MksUSF1qtWswBcgN4+F/McVr7yZVArUdBMLbi4Acq:r3aMsSOQswjN/RMWHBrEBEbbHq","tlshash":"ce441211ccd6fa67d84c92f1b23e065e8494805fa523d3452db7f01ee67ab8de90a4b3","first_seen":"2025-10-21T19:21:03.381512Z","last_seen":"2026-05-16T18:36:30.970739Z","times_seen":11,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/FDC-1.svg","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /FDC-1.svg HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: image/svg+xml\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"0e2b813cf6899d860f54aac1b68a6dc3-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KRS15TD3J5HKKZWC3BHK50X1\r\ncontent-length: 2675\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6621,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ef5cce942cb6a6ce5cc385d777e743db","sha1":"26dea5d3314a5cde9c4a7d0ac7418578d8536d89","sha256":"1f9f4bc9071c159a6a3e58fcafee08caf55861f295b1a8af0a76941be15b3970","sha512":"2babf9cd06ce7005f8cb66da1875b492532e6030394eca5ec9db70a95eca761179f766cfb05ed80596219ad7e5eaa04a87f1628e1b218e4b0a92d631640b4a3e","ssdeep":"96:RaQb8scbzGrg4hnNG2E9z3pCfuVPK8NltmFVy14mta9YEy9e3C38/mlOaTIb1Vdg:Rpws4GrgANOnVPK8FC0haJygCWQWi","tlshash":"90d177c0736cc3f8b484e378079e603a682b54e8b65554d0cad22f4567856ef2ce9fe2","first_seen":"2025-08-11T21:39:04.755564Z","last_seen":"2026-05-16T18:36:30.971265Z","times_seen":11,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/home_fast_desktop.webm","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.836Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /home_fast_desktop.webm HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\naccept-ranges: bytes\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-range: bytes 0-1378640/1378641\r\ncontent-type: video/webm\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"dbbfb46caa7daa553f7a2f13865bf9fc-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KRS15TDQQ17E2NVDT3DHGTED\r\ncontent-length: 1378641\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1378641,"size_decoded":0,"mime_type":"video/webm","magic":"WebM","md5":"9a5fba883369cf25fcd3de86facd08b1","sha1":"0aa0f6141f01d5a4bf827532aab3e029a30f2ed9","sha256":"c10dcb1ac941eb67789e362664821756ad38f30107d147897daa06deee62c45d","sha512":"5c514cb7b02b4f4aae4939f44af686286fb7e1470e4339c60da0a269857ff3f9fe143e8f6cf4763bd8710ac22ec30d776337a4c718c5b428ae6e39c6efe6002e","ssdeep":"24576:3p/jOrSWT9ihDPOxGvbRNI/86ocsvDBIylxy2+6LL+:3pbOmj5uGvbRPcsvzxy1V","tlshash":"f925332e2abc2c906fa5d17ef1b95c257d7be221687de42a3c1931c791094fac1143ab","first_seen":"2025-08-11T21:39:04.776649Z","last_seen":"2026-05-16T18:36:30.971782Z","times_seen":14,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":76,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flare-fassets.vote/home_providers_desktop.webm","fqdn":"flare-fassets.vote","domain":"flare-fassets.vote","tld":"vote"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://flare-fassets.vote/","date":"2026-05-16T18:36:00.838Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flare-fassets.vote","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 17:31:49 GMT","end":"Thu, 13 Aug 2026 17:31:48 GMT"},"fingerprint":{"sha1":"53:65:9F:D9:3A:81:E2:10:C3:72:70:22:BA:77:D2:7B:69:7C:6D:34","sha256":"D5:46:06:AF:40:28:5B:67:74:06:D1:F6:B1:53:A5:88:E6:57:29:B8:79:D9:67:F8:CB:B1:9D:B6:8B:86:5B:9B"}}},"request":{"raw":"GET /home_providers_desktop.webm HTTP/1.1\r\nHost: flare-fassets.vote\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flare-fassets.vote/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\naccept-ranges: bytes\r\nage: 28\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-range: bytes 0-1267258/1267259\r\ncontent-type: video/webm\r\ndate: Sat, 16 May 2026 18:36:00 GMT\r\netag: \"49d702468d258be7c8dbeeff4226500b-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KRS15TDQKJPXH95A7RDKW52W\r\ncontent-length: 1267259\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1267259,"size_decoded":0,"mime_type":"video/webm","magic":"WebM","md5":"ee2f09b30522d734be219fea9eb6b652","sha1":"6b2d4a6f78be14a1c1ea569c5c160396ad19fcd1","sha256":"802018a8d524b7c30540a7897c55ae1efa17f6ccd142e02d799c8480721e8449","sha512":"14b541f6615eea0028ecae7f55241185ce41b94a11f484602ae5b1934da1d3b8bb3960caf46ed1b8a65c9053444b70c00d7c1c5c6c1e59dd468ee60ea950b6ca","ssdeep":"24576:5JJ1VbEOGs0BDMeeobFxHYENSOAMma9tj9/e5gbIjpjMqZ:5JJkLs0CkbveOHNjogu","tlshash":"6925339d4ccaad43f09d84f9ad2442cb0a510b9193c684bad5bd334fc5b32eeb6751b2","first_seen":"2025-08-11T21:39:04.769941Z","last_seen":"2026-05-16T18:36:30.972277Z","times_seen":15,"resource_available":false,"data":null}},"time_used":127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":103,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-16","alert":"Sinkholed","trigger":"flare-fassets.vote","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}