{"report_id":"90a93935-6f50-482f-bc86-c9c4d4f8c6d8","version":6,"status":"done","tags":[],"date":"2025-09-23T22:54:21Z","url":{"schema":"http","addr":"rapevip.de/","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"rapevip.de/login","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"title":"Login - Paradise"},"submit":{"url":{"schema":"http","addr":"rapevip.de/","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-28T22:54:21Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn3.emoji.gg","ip":{"addr":"104.21.65.219","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-07-02","domain_rank":2060414,"first_seen":"2022-05-18T10:12:33Z","last_seen":"2025-09-23T03:17:47.815434Z","alert_count":0,"request_count":1,"received_data":120382,"sent_data":450,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"rapevip.de","ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-09-23T03:17:47.415826Z","last_seen":"2025-09-23T03:17:47.415826Z","alert_count":86,"request_count":43,"received_data":405610,"sent_data":26489,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}]},{"fqdn":"i.imgur.com","ip":{"addr":"199.232.192.193","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2009-01-09","domain_rank":3309,"first_seen":"2012-05-21T08:09:36Z","last_seen":"2025-09-21T23:52:43.30325Z","alert_count":0,"request_count":1,"received_data":217659,"sent_data":427,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-09-21T22:11:31.014241Z","alert_count":0,"request_count":3,"received_data":148101,"sent_data":1650,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-09-21T22:11:31.798564Z","alert_count":0,"request_count":1,"received_data":13472,"sent_data":473,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-09-21T22:12:58.000435Z","alert_count":0,"request_count":2,"received_data":254180,"sent_data":1009,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"rapevip.de/login","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d7ccc96d01e77113d30ef7ee882745f4","sha1":"26dc6c604a98b39a1cbe8fd9743a0071e0482257","sha256":"b1fab4a0aaa32c421f066d4c90ee88a1163d3f27bee0747e341766688000a3f1","sha512":"dac6e8d38f15f88c310d5eaff368500a9da7e85f92d14b5be8404f8da43a3436599797e708b99c206e097df3b4f8e4b0c952f6f70ef4049cdb7f5d11a55794af","ssdeep":"192:JEwfOeiE79VuJx5Sh9YiBeynl1/ukGOPuzJRI7fDYBj7aei:JuvE79VuJx5Sh93Ot2udR6qj74","tlshash":"b9223f2975f31c219937b17e3bbf62887022800bb404de09bc5d87984f95f885aa6ff5","size":10516,"data":"","first_seen":"2025-06-10T01:01:27.679374Z","last_seen":"2025-09-23T22:54:22.960787Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"rapevip.de/public/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.865Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /public/background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/login\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nx-powered-by: Express\r\nlocation: /background-video.mp4\r\nvary: Accept, Accept-Encoding\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 43\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4XpSEYXv0thghzTUkcooCpmiSU9DPxutmY9mQ9DQR4wtxzk2nhtNNqKsOee43fZET0ofIX2BzzjeOzqtbtBfZANY5uVgbFSS\"}]}\r\ncf-ray: 983d9f1769ba56a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":59,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/assets/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /assets/background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/login\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nx-powered-by: Express\r\nlocation: /background-video.mp4\r\nvary: Accept, Accept-Encoding\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 43\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rKkkhMnpsnt4ta8grj%2B%2BcoFREUobwr%2F3%2FnlQgsWYyX6Tcz0jlArepE0W0Y3hEi9dBHBhccgKSWXt6gbsR%2BrucTzloOQR%2FTJN\"}]}\r\ncf-ray: 983d9f17c9bc56a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":63,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/login","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:01.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /login HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br, identity\r\nRange: bytes=0-\r\nReferer: https://rapevip.de/login\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-powered-by: Express\r\ncontent-type: text/html; charset=utf-8\r\ncf-cache-status: DYNAMIC\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0iscsjK8tqgqLUPNZAv%2FrlNw6b44WjYQ4bNsJHsvcgCDzohS6jg1z8N9yh%2FE8MLXXa2c3noyc9hz5ANk0%2Bm7kuJXBcFbG5aq\"}]}\r\ndate: Tue, 23 Sep 2025 22:54:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncf-ray: 983d9f1ac9d656a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37391,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"2a4d1e597660781b8ade917e3fc8a708","sha1":"7cb7956b176e6300a66d16f1888fe3e99f7c3b94","sha256":"37fd3742b2a87f91c98aa5d67c612299d315a488d95998fbbeec1ea20b1cd814","sha512":"71de5151c1ba8f637b518db53fcb3e096ac717494c9cc971ac7de246fd7a4ae3dce95291e819c721f25d376c6f89b63b20ad336ab0bf9c5cf3db842b495e5460","ssdeep":"192:jp98nkwmn06Ku38xh8aG6QgdTBncG+ETggRxllf1XomDQzy40qRdV9XsCZTT82rx:jp9eIyommaS19tAvx/6QYX","tlshash":"8bf29729a2501456a533e3b8bff6574df6768013d2034e1dbedc138a0fb69984663fe8","first_seen":"2025-09-23T03:29:31.718276Z","last_seen":"2025-09-23T22:54:22.952568Z","times_seen":2,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i.imgur.com/VGItygP.png","fqdn":"i.imgur.com","domain":"imgur.com","tld":"com"},"ip":{"addr":"199.232.192.193","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.225Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.imgur.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 29 Jan 2025 00:00:00 GMT","end":"Sat, 14 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E4:72:56:8F:0D:0E:0B:E1:47:1E:79:39:7A:0F:AB:05:30:AF:2A:2D","sha256":"B2:9B:23:54:25:04:8F:9E:C6:BC:84:54:20:8B:AB:34:8C:F1:7E:8A:57:AD:55:F3:C9:40:C3:4E:8B:E5:30:6F"}}},"request":{"raw":"GET /VGItygP.png HTTP/1.1\r\nHost: i.imgur.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Sun, 21 Sep 2025 21:11:52 GMT\r\netag: \"203385e6ad8935538d32b5eddf13deab\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-cf-pop: JFK50-P6\r\nx-amz-cf-id: FLJx0uuBtKvdXgkXVF8nNdE5oWmkwLLnfinyv6_lv8rJDo2GwP5Zcw==\r\ncache-control: public, max-age=31536000\r\naccept-ranges: bytes\r\nage: 178928\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\nx-served-by: cache-iad-kcgs7200053-IAD, cache-hel1410023-HEL\r\nx-cache: Miss from cloudfront, HIT, HIT\r\nx-cache-hits: 136, 0\r\nx-timer: S1758668040.292327,VS0,VE1\r\nstrict-transport-security: max-age=300\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: cat factory 1.0\r\nx-content-type-options: nosniff\r\ncontent-length: 216903\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":216903,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 441 x 631, 8-bit/color RGB, non-interlaced","md5":"203385e6ad8935538d32b5eddf13deab","sha1":"a5f7ffbc31d4eea2ca32c7258d292963e99246d0","sha256":"056325ea8b231e58eb9ad54863fe6dfe386e0664feaa683ff855a792b1570ab1","sha512":"37d6e02083248b7897a8339a39eaf9b243bcf3b4392598265f3d5a86f5c8d8986800bb41a1e20caa0d3fda10315b339286a97c52694b8f8a67d78b19e1aeeeba","ssdeep":"3072:k7ayyXep88t0hewJU01IkBj8EZxe+1z165jWJiV+waOureytqUNQsNhS4ppTwf6P:kKephtmJVBrLn1zfJiof1CytqnKjT8o","tlshash":"82242329d79144a09f80f6c2fc69da5a9e8859f232453c0b612ace5cdc73fe1b109bd7","first_seen":"2025-09-23T03:29:31.723451Z","last_seen":"2025-09-23T22:54:22.954442Z","times_seen":2,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":62,"dns":8,"connect":13,"send":0,"wait":14,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.439Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://rapevip.de\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 16 Sep 2025 23:35:55 GMT\r\nexpires: Wed, 16 Sep 2026 23:35:55 GMT\r\ncache-control: public, max-age=31536000\r\nage: 602285\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-05-31T18:30:59.680628Z","times_seen":198876,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":82,"dns":0,"connect":7,"send":0,"wait":15,"receive":5,"ssl":72},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/backend/public/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /backend/public/background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/login\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nx-powered-by: Express\r\nlocation: /background-video.mp4\r\nvary: Accept, Accept-Encoding\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 43\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SBHaar1jv%2FQ7BHyh03WCqkIXv0FK1AzxETgLlMyFi4CQ5bnQe457fEkrj6%2Bz5LwwMPW1ikFSpKUynwvjifDkCxPCVTHHYN9P\"}]}\r\ncf-ray: 983d9f14f9a456a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br, identity\r\nRange: bytes=0-\r\nReferer: https://rapevip.de/login\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nx-powered-by: Express\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DLJrokbzsawrM%2Bjhr%2FJ0%2BKPRFskXv5Ig%2BRVfpWi5erzf6CIGWs7g0r62XdgStYyYjo1yEHXwy52ItncNsqkqVIse6Ox6pvf5\"}]}\r\netag: W/\"1a-XOVWpC6ORfX8cWwqCSkJUWSS0fc\"\r\nvary: Accept-Encoding\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=1\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\ncf-ray: 983d9f1729b756a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"a51d8854150e2e9a6953174e4de22ff5","sha1":"5ce556a42e8e45f5fc716c2a092909516492d1f7","sha256":"4e5826ff79bbeade889059d6f43f4ee28354344b92981a7b8d990c20ed6d84c4","sha512":"e8632ce4ee0ea95e52306533487e6bf571e22697deee516a1d5f3963db06c4c66ff798c25f3ea5e3862561f14d3379246088cae46229ff36fc5c27abeb4109fa","ssdeep":"","tlshash":"ab80000e00c2a20c320a00b0bba8002022cc02208888032a882aa828008000008230c8","first_seen":"2025-08-09T23:12:22.084386Z","last_seen":"2025-12-23T16:56:14.779665Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/public/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /public/background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/login\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nx-powered-by: Express\r\nlocation: /background-video.mp4\r\nvary: Accept, Accept-Encoding\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 43\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uIILONv%2FduDQFktCjIqOiU2iRiaIKpCpQfVMlDP5sXbNQ56Gw1autqBGyDjlnUR1TTBHzG2XEwneaN8%2B1xvkus9mQgwhWwBl\"}]}\r\ncf-ray: 983d9f1739b856a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/backend/public/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /backend/public/background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/login\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nx-powered-by: Express\r\nlocation: /background-video.mp4\r\nvary: Accept, Accept-Encoding\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 43\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=82J0czZkzECNLx8QhBPy130ZYO7ubhs8ZwzRxjwfTedKYpfiAeRCepmSgq%2FHPlLxewMHDQ54yUhnHwNVMlEsydWrxCTyglyk\"}]}\r\ncf-ray: 983d9f13e9a056a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/backend/routes/public/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /backend/routes/public/background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/login\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nx-powered-by: Express\r\nlocation: /login\r\nvary: Accept, Accept-Encoding\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 28\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=esxpGrlZw0bDA0a0jWJSpKAAWAT9TjgwCDVXDMuZBYyL5N9Dc0frlBdPB6ZgS50PoH4D1Tvsxp62ZGgxtt08Cer79l1OXtBH\"}]}\r\ncf-ray: 983d9f1519a656a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":37391,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/login","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /login HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br, identity\r\nRange: bytes=0-\r\nReferer: https://rapevip.de/login\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-powered-by: Express\r\ncontent-type: text/html; charset=utf-8\r\ncf-cache-status: DYNAMIC\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OteXRVEP6DT2oTDwqXW1qfn%2FT1s0iAqw%2B22dYJfr%2FhLe6VlDKE9Z6Uqv1%2BiFIP6OwaKdfPFA1CpMKrCiOMemVBLK2LJE3dWq\"}]}\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncf-ray: 983d9f15d9aa56a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37391,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"2a4d1e597660781b8ade917e3fc8a708","sha1":"7cb7956b176e6300a66d16f1888fe3e99f7c3b94","sha256":"37fd3742b2a87f91c98aa5d67c612299d315a488d95998fbbeec1ea20b1cd814","sha512":"71de5151c1ba8f637b518db53fcb3e096ac717494c9cc971ac7de246fd7a4ae3dce95291e819c721f25d376c6f89b63b20ad336ab0bf9c5cf3db842b495e5460","ssdeep":"192:jp98nkwmn06Ku38xh8aG6QgdTBncG+ETggRxllf1XomDQzy40qRdV9XsCZTT82rx:jp9eIyommaS19tAvx/6QYX","tlshash":"8bf29729a2501456a533e3b8bff6574df6768013d2034e1dbedc138a0fb69984663fe8","first_seen":"2025-09-23T03:29:31.718276Z","last_seen":"2025-09-23T22:54:22.952568Z","times_seen":2,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/backend/static/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /backend/static/background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/login\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nx-powered-by: Express\r\nlocation: /background-video.mp4\r\nvary: Accept, Accept-Encoding\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 43\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Bg%2BlLNe4Ou0tjjy8jd8WXQBfIw5%2BdZrZCdyU7A5F8OLU35BlfhP7I2nKLGNMuwDi3gqqcXrfUJtDCL7NH1dbO4x1ZnqzhZ4e\"}]}\r\ncf-ray: 983d9f1719b656a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/backend/routes/public/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.598Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /backend/routes/public/background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/login\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nx-powered-by: Express\r\nlocation: /login\r\nvary: Accept, Accept-Encoding\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 28\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jz%2FXASnfG3GcIPy9rIGdWTJUCMC4eWCKopkzQ5shW5jLS34pWAOVd4aVedk6q25Em%2BO7%2B1TMh7TkN4wGoGhZ9ZCZhlewO%2BNm\"}]}\r\ncf-ray: 983d9f15b9a856a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37391,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br, identity\r\nRange: bytes=0-\r\nReferer: https://rapevip.de/login\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nx-powered-by: Express\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FIZdr3Qiid9Ef7LRlFPR5Tk%2Bptbxtjjj0qTgBCPcmvYETo71rhxXB%2BIw356BKqE9aVaBHJZ13xbxUxNHzdDtGfun%2B3adyWvp\"}]}\r\netag: W/\"1a-XOVWpC6ORfX8cWwqCSkJUWSS0fc\"\r\nvary: Accept-Encoding\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=1\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\ncf-ray: 983d9f17c9bd56a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"a51d8854150e2e9a6953174e4de22ff5","sha1":"5ce556a42e8e45f5fc716c2a092909516492d1f7","sha256":"4e5826ff79bbeade889059d6f43f4ee28354344b92981a7b8d990c20ed6d84c4","sha512":"e8632ce4ee0ea95e52306533487e6bf571e22697deee516a1d5f3963db06c4c66ff798c25f3ea5e3862561f14d3379246088cae46229ff36fc5c27abeb4109fa","ssdeep":"","tlshash":"ab80000e00c2a20c320a00b0bba8002022cc02208888032a882aa828008000008230c8","first_seen":"2025-08-09T23:12:22.084386Z","last_seen":"2025-12-23T16:56:14.779665Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/static/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:01.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /static/background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/login\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nx-powered-by: Express\r\nlocation: /background-video.mp4\r\nvary: Accept, Accept-Encoding\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 43\r\ndate: Tue, 23 Sep 2025 22:54:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=52L7zbZASd7vm4PkZjJu2j905Lrbxh1fhyUfsc6n0uYnNySmIaLNsh9c0h%2FBzN7WoELTHPTKYRzIHqgJH%2BwNoow%2FxT3DqCM2\"}]}\r\ncf-ray: 983d9f1869c456a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":60,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:01.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/login\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nx-powered-by: Express\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 26\r\netag: W/\"1a-XOVWpC6ORfX8cWwqCSkJUWSS0fc\"\r\nvary: Accept-Encoding\r\ndate: Tue, 23 Sep 2025 22:54:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=1\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uAzgXhyO6ORFLMEFQ8oEe%2BK8gl3PBLJxOyZSXN9dFnBrnXZK%2FGOPV3e8HqPe0%2BozNkRcU9HdQa%2BMgGH5vy7A88Om3jJjK9w9\"}]}\r\ncf-ray: 983d9f18f9c856a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"a51d8854150e2e9a6953174e4de22ff5","sha1":"5ce556a42e8e45f5fc716c2a092909516492d1f7","sha256":"4e5826ff79bbeade889059d6f43f4ee28354344b92981a7b8d990c20ed6d84c4","sha512":"e8632ce4ee0ea95e52306533487e6bf571e22697deee516a1d5f3963db06c4c66ff798c25f3ea5e3862561f14d3379246088cae46229ff36fc5c27abeb4109fa","ssdeep":"","tlshash":"ab80000e00c2a20c320a00b0bba8002022cc02208888032a882aa828008000008230c8","first_seen":"2025-08-09T23:12:22.084386Z","last_seen":"2025-12-23T16:56:14.779665Z","times_seen":19,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:49 GMT","end":"Mon, 01 Dec 2025 08:36:48 GMT"},"fingerprint":{"sha1":"9E:38:51:02:B6:22:9C:08:6B:24:B8:A0:EB:DB:60:D9:27:B2:68:90","sha256":"67:AF:7E:56:AB:8D:96:FB:D0:75:CA:28:6D:16:B6:67:FD:7F:58:6F:CC:AA:78:B5:01:13:76:2C:AB:BE:80:4E"}}},"request":{"raw":"GET /css2?family=Inter:wght@300;400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 23 Sep 2025 22:54:00 GMT\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\ncache-control: private, max-age=86400\r\ncontent-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12635,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"f04de8ad1ef740d940ec0f534a8f6474","sha1":"3b31756e84c8887867417c7d6cc64501c9d9193c","sha256":"2f1ac0c31bc3ede8317cf72e9d28051ec727c9a0014aa69cff495abd6256bb4e","sha512":"69afede137c125294044274e463f30c02594f379ec879285e0b3ee41097f503dfb8272487759870f547e4dc4cf8828a2c1efaa806deb2f3124b7f6d67c638783","ssdeep":"192:wNA1cO3lnxirNNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGx:8KYXuM0p2+4","tlshash":"28427892002ba400ab971dc233cf7f3aaece50896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-10T18:44:19.218006Z","last_seen":"2026-05-31T18:27:38.352489Z","times_seen":23387,"resource_available":false,"data":null}},"time_used":279,"timings":{"blocked":127,"dns":3,"connect":7,"send":0,"wait":20,"receive":0,"ssl":109},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.445Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://rapevip.de\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 16 Sep 2025 23:35:55 GMT\r\nexpires: Wed, 16 Sep 2026 23:35:55 GMT\r\ncache-control: public, max-age=31536000\r\nage: 602285\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-05-31T18:30:59.680628Z","times_seen":198876,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":72,"dns":0,"connect":9,"send":0,"wait":8,"receive":10,"ssl":67},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.451Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://rapevip.de\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 150124\r\ncf-ray: 983d9f14fe6cb51d-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"6421d693-24a6c\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 31985\r\nexpires: Sun, 13 Sep 2026 22:54:00 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=JiIfV%2BwLxLPaxVhF10LrEkRcPK9pqbfF%2FHKZApf9vib1ZhuPpbyMksF5pqolZE8eJLrHhcAvbwOHmzHfIB9axEogMke8G0MJyWnjs2pAhWENpga61bUNcTyhZo7V8o8xdPmhCs7G\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":150124,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 150124, version 772.256","md5":"c64278386c2bbb5e293e11b94ca2f6d1","sha1":"6b99aa650bd12a36caa14e0127435d8f4cd3ba73","sha256":"7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880","sha512":"0ccdc1515510d902c0b4a48b863c48bad86e1f766b1f9c890a64e28d91ee7c6d488241c531fc094d15b29c211da71e092587a987e24ee8e67ef8ea99c284e821","ssdeep":"3072:7sCbk7w0ZXdkN6iMjif3Lr7x7wAtf+D7gDk1feXDLnurWHqrNIuv5n0:7sCbkFZXdC7MaLr9w2mIY1feXXurWyNW","tlshash":"28e3123cf2c6d486735f5aeadb79636894fd0a2e74ecc67d26b982112048f828174d1d","first_seen":"2023-04-09T20:30:06Z","last_seen":"2026-05-31T17:57:46.080093Z","times_seen":37006,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":24,"dns":4,"connect":0,"send":0,"wait":13,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.514Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br, identity\r\nRange: bytes=0-\r\nReferer: https://rapevip.de/login\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nx-powered-by: Express\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KA6Ng1hEwsqFiCz5eTVT135sezFZ2mU4mX%2FNFiAz5tTD4FME8%2FVF5ohWVQw0tYgM3Uc53k9q8uq99ggjlpzpeaNJmoB%2FAaHM\"}]}\r\netag: W/\"1a-XOVWpC6ORfX8cWwqCSkJUWSS0fc\"\r\nvary: Accept-Encoding\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=1\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\ncf-ray: 983d9f1539a756a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"a51d8854150e2e9a6953174e4de22ff5","sha1":"5ce556a42e8e45f5fc716c2a092909516492d1f7","sha256":"4e5826ff79bbeade889059d6f43f4ee28354344b92981a7b8d990c20ed6d84c4","sha512":"e8632ce4ee0ea95e52306533487e6bf571e22697deee516a1d5f3963db06c4c66ff798c25f3ea5e3862561f14d3379246088cae46229ff36fc5c27abeb4109fa","ssdeep":"","tlshash":"ab80000e00c2a20c320a00b0bba8002022cc02208888032a882aa828008000008230c8","first_seen":"2025-08-09T23:12:22.084386Z","last_seen":"2025-12-23T16:56:14.779665Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br, identity\r\nRange: bytes=0-\r\nReferer: https://rapevip.de/login\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nx-powered-by: Express\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Fy4Hh1pN3z8lnR693GMbsxNyYUF7%2FOZ1%2BRKyPbUSnUlYhTSH8VnxyVENrahdB7irnJJ31%2FtFbuKRjFHZOoi8RV1ILOHQoxos\"}]}\r\netag: W/\"1a-XOVWpC6ORfX8cWwqCSkJUWSS0fc\"\r\nvary: Accept-Encoding\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=1\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\ncf-ray: 983d9f16a9b356a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"a51d8854150e2e9a6953174e4de22ff5","sha1":"5ce556a42e8e45f5fc716c2a092909516492d1f7","sha256":"4e5826ff79bbeade889059d6f43f4ee28354344b92981a7b8d990c20ed6d84c4","sha512":"e8632ce4ee0ea95e52306533487e6bf571e22697deee516a1d5f3963db06c4c66ff798c25f3ea5e3862561f14d3379246088cae46229ff36fc5c27abeb4109fa","ssdeep":"","tlshash":"ab80000e00c2a20c320a00b0bba8002022cc02208888032a882aa828008000008230c8","first_seen":"2025-08-09T23:12:22.084386Z","last_seen":"2025-12-23T16:56:14.779665Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br, identity\r\nRange: bytes=0-\r\nReferer: https://rapevip.de/login\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nx-powered-by: Express\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cCyai3vX3lwtfZXK5iMw9cKMrItg3mrnr0KI%2FEv3ohNzgrXhDnW45A%2BgWnxiqNwJ7BrmmkQLTb64x6yfFpJc9Ljmw4%2FNe9oA\"}]}\r\netag: W/\"1a-XOVWpC6ORfX8cWwqCSkJUWSS0fc\"\r\nvary: Accept-Encoding\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=1\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\ncf-ray: 983d9f17a9bb56a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"a51d8854150e2e9a6953174e4de22ff5","sha1":"5ce556a42e8e45f5fc716c2a092909516492d1f7","sha256":"4e5826ff79bbeade889059d6f43f4ee28354344b92981a7b8d990c20ed6d84c4","sha512":"e8632ce4ee0ea95e52306533487e6bf571e22697deee516a1d5f3963db06c4c66ff798c25f3ea5e3862561f14d3379246088cae46229ff36fc5c27abeb4109fa","ssdeep":"","tlshash":"ab80000e00c2a20c320a00b0bba8002022cc02208888032a882aa828008000008230c8","first_seen":"2025-08-09T23:12:22.084386Z","last_seen":"2025-12-23T16:56:14.779665Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:01.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/login\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nx-powered-by: Express\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 26\r\netag: W/\"1a-XOVWpC6ORfX8cWwqCSkJUWSS0fc\"\r\nvary: Accept-Encoding\r\ndate: Tue, 23 Sep 2025 22:54:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=1\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KCJu0kQtzsdrdMTQ0ULUmVvkrq49ZDAXFw25bYKV7eAexRuplbK5Tng4qO3QglOBJ1Kh0y7236o%2FWE1G%2BVkL5bSFXHk48gHa\"}]}\r\ncf-ray: 983d9f18d9c656a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"a51d8854150e2e9a6953174e4de22ff5","sha1":"5ce556a42e8e45f5fc716c2a092909516492d1f7","sha256":"4e5826ff79bbeade889059d6f43f4ee28354344b92981a7b8d990c20ed6d84c4","sha512":"e8632ce4ee0ea95e52306533487e6bf571e22697deee516a1d5f3963db06c4c66ff798c25f3ea5e3862561f14d3379246088cae46229ff36fc5c27abeb4109fa","ssdeep":"","tlshash":"ab80000e00c2a20c320a00b0bba8002022cc02208888032a882aa828008000008230c8","first_seen":"2025-08-09T23:12:22.084386Z","last_seen":"2025-12-23T16:56:14.779665Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:01.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br, identity\r\nRange: bytes=0-\r\nReferer: https://rapevip.de/login\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nx-powered-by: Express\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=svrIqSH6IgSeCL6J7cXmI61DYy4Bg1GTi%2FS60uDWTjzPFucjCBnW%2FyvRi14wfKAdQNKr5JacAT6Zb81%2FuYr48%2BIcY5xi%2BkDF\"}]}\r\netag: W/\"1a-XOVWpC6ORfX8cWwqCSkJUWSS0fc\"\r\nvary: Accept-Encoding\r\ndate: Tue, 23 Sep 2025 22:54:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=1\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\ncf-ray: 983d9f1979cd56a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"a51d8854150e2e9a6953174e4de22ff5","sha1":"5ce556a42e8e45f5fc716c2a092909516492d1f7","sha256":"4e5826ff79bbeade889059d6f43f4ee28354344b92981a7b8d990c20ed6d84c4","sha512":"e8632ce4ee0ea95e52306533487e6bf571e22697deee516a1d5f3963db06c4c66ff798c25f3ea5e3862561f14d3379246088cae46229ff36fc5c27abeb4109fa","ssdeep":"","tlshash":"ab80000e00c2a20c320a00b0bba8002022cc02208888032a882aa828008000008230c8","first_seen":"2025-08-09T23:12:22.084386Z","last_seen":"2025-12-23T16:56:14.779665Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-23T22:53:59.908Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 23 Sep 2025 22:53:59 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-powered-by: Express\r\nlocation: /login\r\nvary: Accept, Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UZxXIeemtHTNp2YiOgJgjkpJ67U04bUxVTrHSghk3ZHXF3HIMG%2BzKaErKIk%2FqAt3LquAg3oOdc%2BrkPRwo1BcenLBq9KbwkgX\"}]}\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 983d9f118e3e7129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":37391,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":65,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 18752\r\ncf-ray: 983d9f138b34b509-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"6421d693-4940\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 30421\r\nexpires: Sun, 13 Sep 2026 22:54:00 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=rUaerthCjGUD%2BqhhJlB08etNLiSKwMwNqut29jkB2PpRwB%2F4HApxuSF9TYZ2oFlzf%2F%2BnjubZ0r6QfTPQCWrGVRocGDO3Ii463ULZOaiEDKt%2BM3a6KoCCQIii1Hlz%2FaH4R%2F7ivP5x\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":102025,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (52276)","md5":"ded1c367363e8b20bdc6a19b8350a737","sha1":"8c06d82739d14b094ff6d9036021a252bd1d985d","sha256":"1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf","sha512":"89e71d2e66ac925ec2564aa45cd43f647fd72e5bd664e2728fb632eed71e9e6a43d72a404a8ce9993fc4d223ed985201e3a66676d01cf5e341bc7d07fd9a6207","ssdeep":"1536:OwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPGuZprfZCl:S709gMGFiyPGuZpfZCl","tlshash":"2ea3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-04-06T15:05:25Z","last_seen":"2026-05-31T18:35:23.434778Z","times_seen":50285,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":25,"dns":1,"connect":1,"send":0,"wait":14,"receive":1,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/backend/assets/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /backend/assets/background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/login\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nx-powered-by: Express\r\nlocation: /background-video.mp4\r\nvary: Accept, Accept-Encoding\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 43\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BdKceHXy0bxIvkytkFZC7xp770RLlKH8kpGP0npThAVKzZ542OO7L9J3x7MZo17JMaB5wjApPyrEFQtM2FYC4ASNEpmev1lz\"}]}\r\ncf-ray: 983d9f1639ae56a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/backend/assets/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /backend/assets/background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/login\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nx-powered-by: Express\r\nlocation: /background-video.mp4\r\nvary: Accept, Accept-Encoding\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 43\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FToGOO5ZXRAfyRs6qCtS0YF24MNwUn6cz3%2B0By3wo40Z%2Ft%2B5TXpJykpnrxQolnpdWkwWjFGu4r8pG%2F8TI4bBQ0cmccubeP19\"}]}\r\ncf-ray: 983d9f1689b156a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":60,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/captcha","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /captcha HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/login\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-powered-by: Express\r\ncontent-type: image/png\r\ncontent-length: 4637\r\netag: W/\"121d-Pg8LgCIw/E1bjL0YMphfnQo9f9g\"\r\nset-cookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI; HttpOnly; Path=/; Expires=Wed, 24 Sep 2025 10:54:00 GMT\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9lA1wnW43nly0MoCFjxUh0%2BMdlB3WPmNIEZ6O9Z5jzdUG%2BIEQakAl6OpUmz%2FjQXz8MSm4PHi3iKmvbnuY0Rm2MBAfsg0NCif\"}]}\r\ncf-ray: 983d9f13599d56a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":4637,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 220 x 70, 8-bit/color RGBA, non-interlaced","md5":"69cf57c87de4ca2ea5fe6e6148b0c99f","sha1":"3e0f0b802230fc4d5b8cbd1832985f9d0a3d7fd8","sha256":"d1db3304924859c07de1db577c94af04d09f7c717de5670334e40e39e38afadd","sha512":"411bbbdbb2df0cf883628f63be58fe83a461779da9fb3ad095bfef18107ce8ea3518d9e3ba7895beb3b57f697e550841eca8b12528c4242103b953b77c886d09","ssdeep":"96:Ez0nGUd7X/2hiokxx38+Zks/0L3oqrIlzhE+1sMjNp8cQV:U0hJv2hidxxiYqr2hE+uMxpqV","tlshash":"f8a18ed599c53446e8adbae1eb30e945caaf867580371e4639d014640222f239f2b039","first_seen":"2025-09-23T22:54:22.958735Z","last_seen":"2025-09-23T22:54:22.958735Z","times_seen":1,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br, identity\r\nRange: bytes=0-\r\nReferer: https://rapevip.de/login\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nx-powered-by: Express\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=966l51VS9XuX5JzWvD8ReswXP1lVrEojC3TLKPwI7ewfoOzO6lRERcVYPjYtoycUHpU08WSbzZalJh1krx7iNcOlZG3O4SRq\"}]}\r\netag: W/\"1a-XOVWpC6ORfX8cWwqCSkJUWSS0fc\"\r\nvary: Accept-Encoding\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=1\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\ncf-ray: 983d9f1839c156a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"a51d8854150e2e9a6953174e4de22ff5","sha1":"5ce556a42e8e45f5fc716c2a092909516492d1f7","sha256":"4e5826ff79bbeade889059d6f43f4ee28354344b92981a7b8d990c20ed6d84c4","sha512":"e8632ce4ee0ea95e52306533487e6bf571e22697deee516a1d5f3963db06c4c66ff798c25f3ea5e3862561f14d3379246088cae46229ff36fc5c27abeb4109fa","ssdeep":"","tlshash":"ab80000e00c2a20c320a00b0bba8002022cc02208888032a882aa828008000008230c8","first_seen":"2025-08-09T23:12:22.084386Z","last_seen":"2025-12-23T16:56:14.779665Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br, identity\r\nRange: bytes=0-\r\nReferer: https://rapevip.de/login\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nx-powered-by: Express\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BFA4PRCnD6Syz8dRWu1aIanbIhfysep3VUXDwVF34JQ9E9t4tPJY%2Fa4MY3SSgjrJcrypQCmNLrOkptRLDrE0lP5NDLifiw1l\"}]}\r\netag: W/\"1a-XOVWpC6ORfX8cWwqCSkJUWSS0fc\"\r\nvary: Accept-Encoding\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncache-control: max-age=1\r\ncf-cache-status: EXPIRED\r\ncontent-encoding: br\r\ncf-ray: 983d9f1489a256a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"a51d8854150e2e9a6953174e4de22ff5","sha1":"5ce556a42e8e45f5fc716c2a092909516492d1f7","sha256":"4e5826ff79bbeade889059d6f43f4ee28354344b92981a7b8d990c20ed6d84c4","sha512":"e8632ce4ee0ea95e52306533487e6bf571e22697deee516a1d5f3963db06c4c66ff798c25f3ea5e3862561f14d3379246088cae46229ff36fc5c27abeb4109fa","ssdeep":"","tlshash":"ab80000e00c2a20c320a00b0bba8002022cc02208888032a882aa828008000008230c8","first_seen":"2025-08-09T23:12:22.084386Z","last_seen":"2025-12-23T16:56:14.779665Z","times_seen":19,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:01.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br, identity\r\nRange: bytes=0-\r\nReferer: https://rapevip.de/login\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nx-powered-by: Express\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HKamGspM3Y6u3Z6Tfa0MXfhgnWLYYOvsFqo9Le4mrCVJJAkMzsaQLJlaL77FXJJMN8jYzmtqTVF%2BjEWYll5f%2FVvEWO31Wy1u\"}]}\r\netag: W/\"1a-XOVWpC6ORfX8cWwqCSkJUWSS0fc\"\r\nvary: Accept-Encoding\r\ndate: Tue, 23 Sep 2025 22:54:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=1\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\ncf-ray: 983d9f1859c356a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"a51d8854150e2e9a6953174e4de22ff5","sha1":"5ce556a42e8e45f5fc716c2a092909516492d1f7","sha256":"4e5826ff79bbeade889059d6f43f4ee28354344b92981a7b8d990c20ed6d84c4","sha512":"e8632ce4ee0ea95e52306533487e6bf571e22697deee516a1d5f3963db06c4c66ff798c25f3ea5e3862561f14d3379246088cae46229ff36fc5c27abeb4109fa","ssdeep":"","tlshash":"ab80000e00c2a20c320a00b0bba8002022cc02208888032a882aa828008000008230c8","first_seen":"2025-08-09T23:12:22.084386Z","last_seen":"2025-12-23T16:56:14.779665Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn3.emoji.gg/emojis/98755-pinkflyingheart.gif","fqdn":"cdn3.emoji.gg","domain":"emoji.gg","tld":"gg"},"ip":{"addr":"104.21.65.219","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:01.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn3.emoji.gg","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 23 Aug 2025 04:52:29 GMT","end":"Fri, 21 Nov 2025 04:52:28 GMT"},"fingerprint":{"sha1":"D9:F4:47:D2:89:61:24:2A:E8:63:7C:B9:4C:BD:69:92:8E:77:A7:22","sha256":"6F:FA:B7:82:AD:AA:18:5D:AD:5D:21:2E:3A:24:49:25:D2:F2:60:65:24:6F:A5:81:D5:7C:49:DD:49:1B:4F:3A"}}},"request":{"raw":"GET /emojis/98755-pinkflyingheart.gif HTTP/1.1\r\nHost: cdn3.emoji.gg\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Sep 2025 22:54:01 GMT\r\ncontent-type: image/gif\r\ncontent-length: 119427\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dWv%2BXVCE8N%2BsILLSoI8DwWExeIgOzVeofF7aZ4WT1emx9LllMtdrrrY8u9wFm%2FbVVvqCopWs8yv93t1GTjs5GMScvgGxw2MJJ7PL\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nlast-modified: Wed, 07 May 2025 08:35:00 GMT\r\nx-rgw-object-type: Normal\r\netag: \"26f4a75a0c2ec58b16e5311e573d6eca\"\r\nx-amz-request-id: tx000003c4891470f52564d-00681b1b35-1510281c5-fra1b\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-do-cdn-uuid: ed216277-2958-478c-82ba-7db8c1ae59b1\r\ncache-control: max-age=2678400\r\ncf-cache-status: HIT\r\nage: 84527\r\naccept-ranges: bytes\r\ncf-ray: 983d9f190c571a30-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":119427,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 150 x 150","md5":"26f4a75a0c2ec58b16e5311e573d6eca","sha1":"3282f935b11a8747f8862db5d31df50098d14dac","sha256":"436515d01e6f85755ba042b38437a4fb9a0f97c74627da327d3a573d715cbf29","sha512":"d3998b6d0ae8c14c58390d1943d2b50efb1353030644676986e9578107666b0414c4f1efa737540f746bf939b2970cd2649c6603b6440d2153e2a6e04a8504b6","ssdeep":"3072:E2csxsrTHhEkznwyk2qAwshho5w7gr2QIF:E2csmrOkbwykvE/oBNo","tlshash":"3dc302271e0d5999bc6aadfe090cd2cd2a604ef00720507ea95178d3be1297a20dfbf1","first_seen":"2025-06-10T01:01:27.674896Z","last_seen":"2026-01-29T06:28:08.744596Z","times_seen":30,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":4,"connect":1,"send":0,"wait":10,"receive":6,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/static/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:01.284Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /static/background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/login\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nx-powered-by: Express\r\nlocation: /background-video.mp4\r\nvary: Accept, Accept-Encoding\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 43\r\ndate: Tue, 23 Sep 2025 22:54:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dEJ7iLtFJqtsMPHlZP7FqbS4AGGYuZGYSYVGxcmZ9UhzccV%2FO5CJdX8eTXmdx5mEAVaxbro9CQurvs%2FdFdUk0dHcSDMe32qj\"}]}\r\ncf-ray: 983d9f1a09d056a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/static/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:01.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /static/background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/login\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nx-powered-by: Express\r\nlocation: /background-video.mp4\r\nvary: Accept, Accept-Encoding\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 43\r\ndate: Tue, 23 Sep 2025 22:54:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QNWuizXVGaYz9%2BpCyF8rY2XQ9bnxixlyQY4pYgDpcvRv7YsAPvpr%2FWHDJWClMW4BLTjnQPagIFBTIfyiiQ%2Btge2ctZOxtpbo\"}]}\r\ncf-ray: 983d9f1849c256a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/assets/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:01.231Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /assets/background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/login\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nx-powered-by: Express\r\nlocation: /background-video.mp4\r\nvary: Accept, Accept-Encoding\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 43\r\ndate: Tue, 23 Sep 2025 22:54:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=on5csx4ye1yG64NIhkHGI0s82Q6Xc9ClKjPSUjRiIVjsNXfG%2B3ptXVBpmeRXjdtPaqi9M2u9UwfaYrsMtIvgcIcjrotsQjvb\"}]}\r\ncf-ray: 983d9f19b9ce56a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/files/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:01.335Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /files/background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/login\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nx-powered-by: Express\r\nlocation: /login\r\nvary: Accept, Accept-Encoding\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 28\r\ndate: Tue, 23 Sep 2025 22:54:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=filoY2UedzKeEF3E9Oi%2BunMo11J40JZ1ethw9OnWOCrXBVDoC%2F1Q%2B%2FflKD4JIfTfDExK%2Bcbfk9jlaaDt552nYH0mTiDfJf5L\"}]}\r\ncf-ray: 983d9f1a59d356a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":37391,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.442Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://rapevip.de\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 16 Sep 2025 23:35:55 GMT\r\nexpires: Wed, 16 Sep 2026 23:35:55 GMT\r\ncache-control: public, max-age=31536000\r\nage: 602285\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-05-31T18:30:59.680628Z","times_seen":198876,"resource_available":false,"data":null}},"time_used":313,"timings":{"blocked":151,"dns":1,"connect":20,"send":0,"wait":8,"receive":2,"ssl":128},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/login","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /login HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br, identity\r\nRange: bytes=0-\r\nReferer: https://rapevip.de/login\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-powered-by: Express\r\ncontent-type: text/html; charset=utf-8\r\ncf-cache-status: DYNAMIC\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1U9lTvkBGd2eq4zrKpECII2VPZurpMQ5L5TMB1QpDgWt00taFy4odGJoFw7hzfVQ%2F5idoKA9D22dq8LYuctWBoRgYS5LrXTb\"}]}\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncf-ray: 983d9f1609ab56a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":37391,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"2a4d1e597660781b8ade917e3fc8a708","sha1":"7cb7956b176e6300a66d16f1888fe3e99f7c3b94","sha256":"37fd3742b2a87f91c98aa5d67c612299d315a488d95998fbbeec1ea20b1cd814","sha512":"71de5151c1ba8f637b518db53fcb3e096ac717494c9cc971ac7de246fd7a4ae3dce95291e819c721f25d376c6f89b63b20ad336ab0bf9c5cf3db842b495e5460","ssdeep":"192:jp98nkwmn06Ku38xh8aG6QgdTBncG+ETggRxllf1XomDQzy40qRdV9XsCZTT82rx:jp9eIyommaS19tAvx/6QYX","tlshash":"8bf29729a2501456a533e3b8bff6574df6768013d2034e1dbedc138a0fb69984663fe8","first_seen":"2025-09-23T03:29:31.718276Z","last_seen":"2025-09-23T22:54:22.952568Z","times_seen":2,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/backend/static/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /backend/static/background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/login\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nx-powered-by: Express\r\nlocation: /background-video.mp4\r\nvary: Accept, Accept-Encoding\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 43\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EXhJpu8Obc55t%2BzrJUvqqxIQMyz1dmozbXfKUpXQBN1S9TNqU30Z7GcApcK4LkKU6UNkAgSUX%2BXprx7bmRsauJtOgq5JwAIW\"}]}\r\ncf-ray: 983d9f16b9b456a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br, identity\r\nRange: bytes=0-\r\nReferer: https://rapevip.de/login\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nx-powered-by: Express\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vQfLlMdUJi7%2FEoQN7Go%2BmF%2FBvEkjIrEwx%2BRU3DvsWb1I%2B9WQl%2FqPP60PtMrSDFTESaFnJIqFSeqjcbPanEQ9EvlHWXM1H3W%2F\"}]}\r\netag: W/\"1a-XOVWpC6ORfX8cWwqCSkJUWSS0fc\"\r\nvary: Accept-Encoding\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=1\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\ncf-ray: 983d9f16f9b556a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"a51d8854150e2e9a6953174e4de22ff5","sha1":"5ce556a42e8e45f5fc716c2a092909516492d1f7","sha256":"4e5826ff79bbeade889059d6f43f4ee28354344b92981a7b8d990c20ed6d84c4","sha512":"e8632ce4ee0ea95e52306533487e6bf571e22697deee516a1d5f3963db06c4c66ff798c25f3ea5e3862561f14d3379246088cae46229ff36fc5c27abeb4109fa","ssdeep":"","tlshash":"ab80000e00c2a20c320a00b0bba8002022cc02208888032a882aa828008000008230c8","first_seen":"2025-08-09T23:12:22.084386Z","last_seen":"2025-12-23T16:56:14.779665Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:01.095Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br, identity\r\nRange: bytes=0-\r\nReferer: https://rapevip.de/login\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nx-powered-by: Express\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zoff%2BYaIZqpI9dT3xLUt8Qp88SB%2BXcMa0YAe8S8yBBI2GjhMIcBJBQUBfSd8iqxsgrCjaeuLm9AgQs5%2FDH9FYNIsBJw5%2FcaS\"}]}\r\netag: W/\"1a-XOVWpC6ORfX8cWwqCSkJUWSS0fc\"\r\nvary: Accept-Encoding\r\ndate: Tue, 23 Sep 2025 22:54:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=1\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\ncf-ray: 983d9f18d9c756a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"a51d8854150e2e9a6953174e4de22ff5","sha1":"5ce556a42e8e45f5fc716c2a092909516492d1f7","sha256":"4e5826ff79bbeade889059d6f43f4ee28354344b92981a7b8d990c20ed6d84c4","sha512":"e8632ce4ee0ea95e52306533487e6bf571e22697deee516a1d5f3963db06c4c66ff798c25f3ea5e3862561f14d3379246088cae46229ff36fc5c27abeb4109fa","ssdeep":"","tlshash":"ab80000e00c2a20c320a00b0bba8002022cc02208888032a882aa828008000008230c8","first_seen":"2025-08-09T23:12:22.084386Z","last_seen":"2025-12-23T16:56:14.779665Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/public/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:01.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /public/background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/login\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nx-powered-by: Express\r\nlocation: /background-video.mp4\r\nvary: Accept, Accept-Encoding\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 43\r\ndate: Tue, 23 Sep 2025 22:54:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OWEP1JLGQk0g3hQr6o2lt%2B6JZZe9tYMXeDoP1n1bnXgy0WjdV9c%2BO5Y2h7wFab3Sv2ElEzB6rwAEM%2B%2BKHWd1oh2PiNKJm5%2Fw\"}]}\r\ncf-ray: 983d9f1919c956a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:01.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br, identity\r\nRange: bytes=0-\r\nReferer: https://rapevip.de/login\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nx-powered-by: Express\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Fyjfv5PysoigzUqVNd02kMfdZbiDNpZmbh%2B%2Fw1Hs9O0P31pi80ECvdNEhIcFmZBIf9P%2F3jQTGhXOqB%2F9DdA9AXGNdb0UFrPa\"}]}\r\netag: W/\"1a-XOVWpC6ORfX8cWwqCSkJUWSS0fc\"\r\nvary: Accept-Encoding\r\ndate: Tue, 23 Sep 2025 22:54:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=1\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\ncf-ray: 983d9f19e9cf56a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"a51d8854150e2e9a6953174e4de22ff5","sha1":"5ce556a42e8e45f5fc716c2a092909516492d1f7","sha256":"4e5826ff79bbeade889059d6f43f4ee28354344b92981a7b8d990c20ed6d84c4","sha512":"e8632ce4ee0ea95e52306533487e6bf571e22697deee516a1d5f3963db06c4c66ff798c25f3ea5e3862561f14d3379246088cae46229ff36fc5c27abeb4109fa","ssdeep":"","tlshash":"ab80000e00c2a20c320a00b0bba8002022cc02208888032a882aa828008000008230c8","first_seen":"2025-08-09T23:12:22.084386Z","last_seen":"2025-12-23T16:56:14.779665Z","times_seen":19,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:01.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br, identity\r\nRange: bytes=0-\r\nReferer: https://rapevip.de/login\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nx-powered-by: Express\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TycAYKFwMWquLgWjau65G%2BR2RipEyxCZec2D5Z9JbFAXQaDx3U%2BXpCpVCnc8N5H3294CJ%2BHMsv29TF8k9o3I0ltrsXyk9s96\"}]}\r\netag: W/\"1a-XOVWpC6ORfX8cWwqCSkJUWSS0fc\"\r\nvary: Accept-Encoding\r\ndate: Tue, 23 Sep 2025 22:54:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=1\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\ncf-ray: 983d9f1a49d256a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"a51d8854150e2e9a6953174e4de22ff5","sha1":"5ce556a42e8e45f5fc716c2a092909516492d1f7","sha256":"4e5826ff79bbeade889059d6f43f4ee28354344b92981a7b8d990c20ed6d84c4","sha512":"e8632ce4ee0ea95e52306533487e6bf571e22697deee516a1d5f3963db06c4c66ff798c25f3ea5e3862561f14d3379246088cae46229ff36fc5c27abeb4109fa","ssdeep":"","tlshash":"ab80000e00c2a20c320a00b0bba8002022cc02208888032a882aa828008000008230c8","first_seen":"2025-08-09T23:12:22.084386Z","last_seen":"2025-12-23T16:56:14.779665Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/login","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-23T22:53:59.999Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /login HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-powered-by: Express\r\ncf-cache-status: DYNAMIC\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qFMrjwyvpPzBMWoBejA28PNQdOH3AKqUH1jUEXQY%2FDMbHTjyqVc3%2Bz5OJgrCEbCDzH0CZSUxAGwiWUFvah0BRbtTaKm5OFwn\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\nset-cookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI; HttpOnly; Path=/; Expires=Wed, 24 Sep 2025 10:54:00 GMT\r\ncf-ray: 983d9f11fe5d7129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37391,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"2a4d1e597660781b8ade917e3fc8a708","sha1":"7cb7956b176e6300a66d16f1888fe3e99f7c3b94","sha256":"37fd3742b2a87f91c98aa5d67c612299d315a488d95998fbbeec1ea20b1cd814","sha512":"71de5151c1ba8f637b518db53fcb3e096ac717494c9cc971ac7de246fd7a4ae3dce95291e819c721f25d376c6f89b63b20ad336ab0bf9c5cf3db842b495e5460","ssdeep":"192:jp98nkwmn06Ku38xh8aG6QgdTBncG+ETggRxllf1XomDQzy40qRdV9XsCZTT82rx:jp9eIyommaS19tAvx/6QYX","tlshash":"8bf29729a2501456a533e3b8bff6574df6768013d2034e1dbedc138a0fb69984663fe8","first_seen":"2025-09-23T03:29:31.718276Z","last_seen":"2025-09-23T22:54:22.952568Z","times_seen":2,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br, identity\r\nRange: bytes=0-\r\nReferer: https://rapevip.de/login\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nx-powered-by: Express\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F3kS5xqZMFSahZ6Cn%2FJtu2fumodquvGf%2BBibgoKRYWxSUSMjI4Ab6l0oxybFuAHEU2usuTCn9oAmx9wlH0CNyg7YdwvhZgoV\"}]}\r\netag: W/\"1a-XOVWpC6ORfX8cWwqCSkJUWSS0fc\"\r\nvary: Accept-Encoding\r\ndate: Tue, 23 Sep 2025 22:54:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=1\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\ncf-ray: 983d9f1759b956a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"a51d8854150e2e9a6953174e4de22ff5","sha1":"5ce556a42e8e45f5fc716c2a092909516492d1f7","sha256":"4e5826ff79bbeade889059d6f43f4ee28354344b92981a7b8d990c20ed6d84c4","sha512":"e8632ce4ee0ea95e52306533487e6bf571e22697deee516a1d5f3963db06c4c66ff798c25f3ea5e3862561f14d3379246088cae46229ff36fc5c27abeb4109fa","ssdeep":"","tlshash":"ab80000e00c2a20c320a00b0bba8002022cc02208888032a882aa828008000008230c8","first_seen":"2025-08-09T23:12:22.084386Z","last_seen":"2025-12-23T16:56:14.779665Z","times_seen":19,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/assets/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:00.943Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /assets/background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/login\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nx-powered-by: Express\r\nlocation: /background-video.mp4\r\nvary: Accept, Accept-Encoding\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 43\r\ndate: Tue, 23 Sep 2025 22:54:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rbmk%2Bey%2BN7RxE4vCzTjKv1dMrn0M%2BF%2FqxlNKArqGFYxbjXIBcn%2BcWhLngW7OsVZQbuK3SroOpMXG46dDg0NGCsvjUTmmTsIQ\"}]}\r\ncf-ray: 983d9f17e9be56a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:01.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br, identity\r\nRange: bytes=0-\r\nReferer: https://rapevip.de/login\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nx-powered-by: Express\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lb0Up2c7zoWuW5WOX%2B55pi88HwyV5rp9SrO36NkDdNHmFAUgtrfEqD4HOjRFo6oyPiki7ZbU5%2F7wNSHNdSnBI10OJ0YK3ezq\"}]}\r\netag: W/\"1a-XOVWpC6ORfX8cWwqCSkJUWSS0fc\"\r\nvary: Accept-Encoding\r\ndate: Tue, 23 Sep 2025 22:54:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=1\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\ncf-ray: 983d9f18b9c556a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":26,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"a51d8854150e2e9a6953174e4de22ff5","sha1":"5ce556a42e8e45f5fc716c2a092909516492d1f7","sha256":"4e5826ff79bbeade889059d6f43f4ee28354344b92981a7b8d990c20ed6d84c4","sha512":"e8632ce4ee0ea95e52306533487e6bf571e22697deee516a1d5f3963db06c4c66ff798c25f3ea5e3862561f14d3379246088cae46229ff36fc5c27abeb4109fa","ssdeep":"","tlshash":"ab80000e00c2a20c320a00b0bba8002022cc02208888032a882aa828008000008230c8","first_seen":"2025-08-09T23:12:22.084386Z","last_seen":"2025-12-23T16:56:14.779665Z","times_seen":19,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/media/background-video.mp4","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:01.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /media/background-video.mp4 HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rapevip.de/login\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nx-powered-by: Express\r\nlocation: /login\r\nvary: Accept, Accept-Encoding\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 28\r\ndate: Tue, 23 Sep 2025 22:54:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t8LQbFGK52ri45eaHZExkWUPakYSV0HhG0OkCATP0RTuOOqrONNtUpO16nj3uz2IbgRcy2xMpsudFFcmftfWLhglqxAZvdK6\"}]}\r\ncf-ray: 983d9f1b19d856a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":37391,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":63,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rapevip.de/login","fqdn":"rapevip.de","domain":"rapevip.de","tld":"de"},"ip":{"addr":"104.21.54.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rapevip.de/login","date":"2025-09-23T22:54:01.522Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rapevip.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 20:30:55 GMT","end":"Sun, 21 Dec 2025 21:29:36 GMT"},"fingerprint":{"sha1":"01:9D:40:D0:E7:77:49:6D:A5:6A:4D:C5:65:DA:6F:04:0B:AA:B9:06","sha256":"B4:27:33:99:0D:82:23:55:10:3A:5C:34:A0:4D:5E:5A:F4:7E:A9:34:DD:88:75:FC:30:03:2A:37:3F:82:F2:70"}}},"request":{"raw":"GET /login HTTP/1.1\r\nHost: rapevip.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br, identity\r\nRange: bytes=0-\r\nReferer: https://rapevip.de/login\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: connect.sid=s%3ABJ5ME2JGbxxZvHiMwFBEy73pFCEvEZHU.wwjzr4%2BAwrQeeWWG8JtRx%2Fg8VhfGry%2B1PzCSgySxekI\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-powered-by: Express\r\ncontent-type: text/html; charset=utf-8\r\ncf-cache-status: DYNAMIC\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Rk8ZqOfj1ytdWQrBB4fjS9udh%2FWw3d2hiDj12ebwJj32GRW7UxBNgKaTR2PbqDiR4yXqJZ7TV0k0E9%2BD3ej%2BOCurTL2GcDwE\"}]}\r\ndate: Tue, 23 Sep 2025 22:54:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncf-ray: 983d9f1b89d956a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":37391,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"2a4d1e597660781b8ade917e3fc8a708","sha1":"7cb7956b176e6300a66d16f1888fe3e99f7c3b94","sha256":"37fd3742b2a87f91c98aa5d67c612299d315a488d95998fbbeec1ea20b1cd814","sha512":"71de5151c1ba8f637b518db53fcb3e096ac717494c9cc971ac7de246fd7a4ae3dce95291e819c721f25d376c6f89b63b20ad336ab0bf9c5cf3db842b495e5460","ssdeep":"192:jp98nkwmn06Ku38xh8aG6QgdTBncG+ETggRxllf1XomDQzy40qRdV9XsCZTT82rx:jp9eIyommaS19tAvx/6QYX","tlshash":"8bf29729a2501456a533e3b8bff6574df6768013d2034e1dbedc138a0fb69984663fe8","first_seen":"2025-09-23T03:29:31.718276Z","last_seen":"2025-09-23T22:54:22.952568Z","times_seen":2,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"rapevip.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-23","alert":"Content Category / Application Block","trigger":"rapevip.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}