{"report_id":"96a736a1-00dc-4e3a-a465-c6aa60a3530e","version":6,"status":"done","tags":[],"date":"2026-03-31T14:01:15Z","url":{"schema":"http","addr":"token-interstate.com","fqdn":"token-interstate.com","domain":"token-interstate.com","tld":"com"},"ip":{"addr":"104.21.24.9","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"token-interstate.com/","fqdn":"token-interstate.com","domain":"token-interstate.com","tld":"com"},"title":"Home","dom":{"size":211907,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (61664)","md5":"3be6b767f9a2251746d5762a932e4d26","sha1":"9e7e5cb7e977e0ee4554805062dbbb5e27e15053","sha256":"71989fc26a1b6b0aeede6164e6679da246887ff8ebff2a5ea180dc280cecf614","sha512":"4429545ca9947d4b49d1e60f618bfb0a74bb876b9ac010a601489cd8ce3ee8a232ea62e2676fd8527176ad43ba5dacc3f8195e7a93b3ed681cd295b54328ffcc","ssdeep":"1536:7pvgxwmF0pUoKQF7563ihqdYCjihRcddZDVRKAP9PUddZDaRKAP9PqddZDaRKAPM:FvgxwF7f4wM+Sc","tlshash":"af241bb643e011b2d40387d4e6717a7a725b2cbaaf679fd4c2f49e88e625cdc8c9c450","dom_hash":"domhashc259da212cffa31004634d958336a4b7","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"token-interstate.com","fqdn":"token-interstate.com","domain":"token-interstate.com","tld":"com"},"ip":{"addr":"104.21.24.9","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-05T14:01:15Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"token-interstate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"token-interstate.com","ip":{"addr":"172.67.215.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":16,"request_count":16,"received_data":1951769,"sent_data":7706,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.prod.website-files.com","ip":{"addr":"104.18.161.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-01-23","domain_rank":20159,"first_seen":"2023-11-01T22:05:38Z","last_seen":"2026-03-30T10:13:30.871355Z","alert_count":0,"request_count":1,"received_data":52597,"sent_data":513,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"token-interstate.com/","fqdn":"token-interstate.com","domain":"token-interstate.com","tld":"com"},"ip":{"addr":"172.67.215.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"545755e73e6b2de27436c28ca72b9617","sha1":"c026af4061beae6b8006e7284835a9b630c9ecff","sha256":"b3a48c710bd1362808d4a59ecf249317bc1cbd010b01674ba1f35c0b93677bb4","sha512":"6d6b0ef4e73e979fe44b77ae8a8f44a9abb2db4393bb6c7f85ee85cc05f4881c7a10ed82c52ab54ef1991e2c76ee55ec7f243107b59fd60a33c55b7194206e4d","ssdeep":"3072:/T3suyHsK3GQQjP8lGucudiESXAtXJ18d1CceAZpHK9JHesiRrFTmVe7h4GqW6OK:r2VUjEk6i9XWJ18d10akVe7wMK","tlshash":"e58477aacbb79e8bf2509f8a74137d8dfcf9c91143b428146f4a71cef48196062d3691","size":405848,"data":"","first_seen":"2026-03-31T14:01:21.527438Z","last_seen":"2026-03-31T14:01:21.527438Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"token-interstate.com/snowpack.custom.cjs.js","fqdn":"token-interstate.com","domain":"token-interstate.com","tld":"com"},"ip":{"addr":"172.67.215.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"879492b78f2d599ef34188818eba3ec3","sha1":"916a539a466684aa2a271a63076c580940a83f5a","sha256":"fe7b349f453d71ecadf45aa9e424454b55c2f3683291ebec109d5ac927942277","sha512":"192be4853538be6147187abe574df89172ac1528f1e5e82930b098c0e649765887760f04289d51480b9dd4b54cdf242d66ec86a4a69e11eb0e3bbedd9b7bc7af","ssdeep":"3072:7FpQewDueYIZR0G3MJ/IF++GuRsIIBqbJ1md1ecoAZn78bjpEyiHfxTaVe7PyMEo:RSpX0tJACqsnBqJ1md1SMiVe7I6R","tlshash":"859422aacbb79e8bf2109f8974137d8dfcf9c50143b42855af4ab1cee09196062d3791","size":412723,"data":"","first_seen":"2026-03-31T14:01:21.523513Z","last_seen":"2026-03-31T14:01:21.523513Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"token-interstate.com/secureproxy?s=%2F%40v1%2Fcdn%2Fjs%2Freact-beautiful-dnd.iife.js%3Ft%3D29582760%26u%3DdWLKuA_CfOFahpWsGDY5MjU2NDQ1MjhjZmYzYzM0MDI3YmM1MSsPMqEnMXmlY_k-cA","fqdn":"token-interstate.com","domain":"token-interstate.com","tld":"com"},"ip":{"addr":"172.67.215.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"96c2ff1601099c21c598c24e6f43c7c4","sha1":"d78fa2e81b7b5ccf287c793c5a9985caaa0f6162","sha256":"7fd19c564761e2c8c9b583cf30db810e313417c7d3572f637f8cedf4d2cc1e91","sha512":"d7df68372670f0173ac5dc3c54ee38f13b29703dde9f71ec74827b535735e99b2b253e07960d66d8c3230f13cf29f20aa0f083db014cee0710379ffab68932be","ssdeep":"6144:0ujB8gltIeTM5/S8g6zRh5gDVLU2GIt/KJAsJRrydM147u/lhDlEqH96lm:vhltVM/g61sNUWsSdG7R","tlshash":"1ed438c2821814f684eb0ab6d133a21fdb4cce9dc69f2d20bfe55c9553c87a292f655c","size":656642,"data":"","first_seen":"2026-01-02T13:08:19.247086Z","last_seen":"2026-04-25T14:15:22.343681Z","times_seen":2492,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"token-interstate.com/","fqdn":"token-interstate.com","domain":"token-interstate.com","tld":"com"},"ip":{"addr":"172.67.215.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-31T14:00:52.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"token-interstate.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 20:22:56 GMT","end":"Sun, 21 Jun 2026 20:22:55 GMT"},"fingerprint":{"sha1":"24:36:16:2F:09:B0:C3:63:E7:2B:C1:06:AA:D0:20:71:3D:63:3A:86","sha256":"47:E2:EF:F5:09:38:B0:10:91:7A:D1:E6:8B:2A:8A:56:4A:02:93:F8:84:23:1A:2D:A8:C9:1D:78:54:AA:16:93"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: token-interstate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 31 Mar 2026 14:00:52 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Mon, 23 Mar 2026 21:39:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PLiv9e4TvYsooKuvHI9UrPCq2Ao44nn1CQuqJuMiCf%2FotfTr35fa%2FymDtbgIuOLGA2YsysO%2FGMsbqKYBPFrm%2Fd7LyqD2G76vYUTyLYOmATjWLImVu6a%2BQAKTyk4XNLB2Pq062o4ENw%3D%3D\"}]}\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9e4fe20039d80883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":211690,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (61660)","md5":"a5289b22ffa44717c505947ab32110ce","sha1":"d44d5fc6345147dc7dd98758f77085b4d35513c1","sha256":"73043cdaf02591371ebf66138cdf309354445cb79769055536bfb007b380b0c6","sha512":"e046d6bcd6f2a63299780bb0354970dd03029efc9dfc10300ae1dd2990880fc267d9d97c1355609a28e004775c82e73def3d958d8f1eb144c9212cc503e3f09b","ssdeep":"1536:RpvgxwmFMpeoKQF7563ihqdYCjihRcddZDVRKAP9PUddZDaRKAP9PqddZDaRKAPE:PvgxwP7f4wMSSI","tlshash":"a0241bb643e011f2940387d4e6717a7a725b2cbaaf679fd4c2f49e88e625cdc8c9c450","first_seen":"2026-03-31T14:01:21.501793Z","last_seen":"2026-03-31T14:01:21.501793Z","times_seen":1,"resource_available":true,"data":null}},"time_used":243,"timings":{"blocked":24,"dns":0,"connect":1,"send":0,"wait":195,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"token-interstate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"token-interstate.com/689ad3276bc428c70432b08a_mhv.avif","fqdn":"token-interstate.com","domain":"token-interstate.com","tld":"com"},"ip":{"addr":"172.67.215.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://token-interstate.com/","date":"2026-03-31T14:00:52.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"token-interstate.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 20:22:56 GMT","end":"Sun, 21 Jun 2026 20:22:55 GMT"},"fingerprint":{"sha1":"24:36:16:2F:09:B0:C3:63:E7:2B:C1:06:AA:D0:20:71:3D:63:3A:86","sha256":"47:E2:EF:F5:09:38:B0:10:91:7A:D1:E6:8B:2A:8A:56:4A:02:93:F8:84:23:1A:2D:A8:C9:1D:78:54:AA:16:93"}}},"request":{"raw":"GET /689ad3276bc428c70432b08a_mhv.avif HTTP/1.1\r\nHost: token-interstate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://token-interstate.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 31 Mar 2026 14:00:54 GMT\r\ncontent-type: image/avif\r\ncontent-length: 1873\r\ncast-mode: default\r\nlast-modified: Mon, 23 Mar 2026 21:39:59 GMT\r\netag: \"69c1b32f-751\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dA%2BxfmS0PVD6QZQJjPNHPnRpbi2VbCRzjC4OCIcN0gUsAf%2B4V7AEZD5pBcHE0R63m3eUMIdbgC%2BIyYY2Lbg7ovYd8wySTbWxp6%2FdqxmuLEQxtEsxc%2FzxkehMuuJ7oXKL3SMO8pEhUg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e4fe202ae0135a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1873,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"0e09dcece936e8b86dcf572a2f06ebeb","sha1":"29bb71c26b3d176d29790202f72b322f4d5625d7","sha256":"e1708a0bea12c75e4a95b8a5b2fd001d08c081a997e2f27fdddd9c2082cbc808","sha512":"fa63288ea6d55e6124656302936a1f5ff6be23332b4f7ed4d0c875d597cad4d7497bd469d013ddaa8b03b01e00aecb9b4cf8b46e88d83f21484e51978182593b","ssdeep":"","tlshash":"ff310b0e5a35fc33c508133d88d0c212b512486e0327199e7cc0b7658d7a7f6c925c67","first_seen":"2026-03-31T14:01:21.504726Z","last_seen":"2026-03-31T14:01:21.504726Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1973,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1972,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"token-interstate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"token-interstate.com/689ad3276bc428c70432b096_native%20crypto.avif","fqdn":"token-interstate.com","domain":"token-interstate.com","tld":"com"},"ip":{"addr":"172.67.215.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://token-interstate.com/","date":"2026-03-31T14:00:52.920Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"token-interstate.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 20:22:56 GMT","end":"Sun, 21 Jun 2026 20:22:55 GMT"},"fingerprint":{"sha1":"24:36:16:2F:09:B0:C3:63:E7:2B:C1:06:AA:D0:20:71:3D:63:3A:86","sha256":"47:E2:EF:F5:09:38:B0:10:91:7A:D1:E6:8B:2A:8A:56:4A:02:93:F8:84:23:1A:2D:A8:C9:1D:78:54:AA:16:93"}}},"request":{"raw":"GET /689ad3276bc428c70432b096_native%20crypto.avif HTTP/1.1\r\nHost: token-interstate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://token-interstate.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 31 Mar 2026 14:00:54 GMT\r\ncontent-type: image/avif\r\ncontent-length: 5237\r\ncast-mode: default\r\nlast-modified: Mon, 23 Mar 2026 21:39:59 GMT\r\netag: \"69c1b32f-1475\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cKelR0KpP8CWR3JFpT98keashq9M%2F8IXE5UFAVxx0e9WyeDksO6WBBAzfOYW%2B1YbNvO3EUUIcaZVY5qSGqwgQHRP9FagQNCwW7kJ%2BFixHtW1jVjVYOk9eMwjCj9BdoR27vCAYrW%2BxA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e4fe202ae0235a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5237,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"910f53b93016327bbd096e24552d29fb","sha1":"45257416fde1a5baf15a5befb55f60fb24b59099","sha256":"87f953365dd98ca3d970f2ed2f17a0f34d23dc815300041b246cd75c07ec63c3","sha512":"d64446fdf5bf1eca3e2451d17b09074bdc71f85444eb6381f1a5e8094a5a3ab9ad31f1428d92aca80640c7597bd96049639384e657dafce33ed77414bca399f2","ssdeep":"96:rGYgvrDVXGdgrJZsqv0drC/lTpPU+YoUj1Iau0qJNIuBWxQVvocr7:rGDIdgrnsqKC/lTpPU+tUj157mVmi","tlshash":"12b16d2e17e80e17e81c313da2364ac222534311e346704bbc073ef8562a66ffbd96d4","first_seen":"2026-03-31T14:01:21.507397Z","last_seen":"2026-03-31T14:01:21.507397Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1990,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1989,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"token-interstate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"token-interstate.com/689ad3276bc428c70432af38_image%20(3)%201.avif","fqdn":"token-interstate.com","domain":"token-interstate.com","tld":"com"},"ip":{"addr":"172.67.215.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://token-interstate.com/","date":"2026-03-31T14:00:55.437Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"token-interstate.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 20:22:56 GMT","end":"Sun, 21 Jun 2026 20:22:55 GMT"},"fingerprint":{"sha1":"24:36:16:2F:09:B0:C3:63:E7:2B:C1:06:AA:D0:20:71:3D:63:3A:86","sha256":"47:E2:EF:F5:09:38:B0:10:91:7A:D1:E6:8B:2A:8A:56:4A:02:93:F8:84:23:1A:2D:A8:C9:1D:78:54:AA:16:93"}}},"request":{"raw":"GET /689ad3276bc428c70432af38_image%20(3)%201.avif HTTP/1.1\r\nHost: token-interstate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://token-interstate.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 31 Mar 2026 14:00:55 GMT\r\ncontent-type: image/avif\r\ncontent-length: 185524\r\ncast-mode: default\r\nlast-modified: Mon, 23 Mar 2026 21:39:59 GMT\r\netag: \"69c1b32f-2d4b4\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sa3v3j9UR3OZxee3XkFpstz%2FGNWbNvOPNFs9%2BkpNjckbo0QZ4CSNWQnhSHtEvBCX3C0twRIw2MdOoUa53m04JsV8GVEnZMf%2FyN4Qr0Imb5Fr6TGU3us0GQMYex2GWCVoN9UpDPF5Qw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e4fe2126f6935a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":185524,"size_decoded":0,"mime_type":"image/avif","magic":"RIFF (little-endian) data, Web/P image","md5":"0b0ec68e9f52060f83d3a3d775d9b967","sha1":"5805f0718f7e13ce193e2d135f02a07d411b7181","sha256":"cf991d1bfce024d6573350ae242a2f5e9d8fa2d0adc20a251ec82ec4f8057373","sha512":"34cad22c2971581ccc3b2f1eb6d88a7c90406f18ad3d34c21bb87cc70636bc49df06782742e79aff4a8b2706baf70e44ce827dcc9c74a104c28ebaddea0520aa","ssdeep":"3072:J6HXzxfbOqOFrEQoT0MBsRv18pq0ipgbwvGPeCIKjx184t6H+jz:J6NlnQMovmpq02dXK384xj","tlshash":"d4041270eb4e5bf5f59c377ba83153d682642e688099ce07b291540cbebff44e58208a","first_seen":"2026-03-31T14:01:21.509679Z","last_seen":"2026-03-31T14:01:21.509679Z","times_seen":1,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":94,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"token-interstate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"token-interstate.com/69608834b1be1a556717fb23_687410dd46a8046d516f..._imresizer.png","fqdn":"token-interstate.com","domain":"token-interstate.com","tld":"com"},"ip":{"addr":"172.67.215.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://token-interstate.com/","date":"2026-03-31T14:00:55.843Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"token-interstate.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 20:22:56 GMT","end":"Sun, 21 Jun 2026 20:22:55 GMT"},"fingerprint":{"sha1":"24:36:16:2F:09:B0:C3:63:E7:2B:C1:06:AA:D0:20:71:3D:63:3A:86","sha256":"47:E2:EF:F5:09:38:B0:10:91:7A:D1:E6:8B:2A:8A:56:4A:02:93:F8:84:23:1A:2D:A8:C9:1D:78:54:AA:16:93"}}},"request":{"raw":"GET /69608834b1be1a556717fb23_687410dd46a8046d516f..._imresizer.png HTTP/1.1\r\nHost: token-interstate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://token-interstate.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 31 Mar 2026 14:00:55 GMT\r\ncontent-type: image/png\r\ncontent-length: 2024\r\ncast-mode: default\r\nlast-modified: Mon, 23 Mar 2026 21:39:59 GMT\r\netag: \"69c1b32f-7e8\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8Vt%2FVg%2BEhxnxlJlDGSgWP0gBTCdV8v8smgQy%2FUrPKv2hriI4XwxbY3kBO%2BzVuLeB7nRuc%2F7D18hbJ6%2F44S%2FfOTrQQIZVu%2Br7YbQM9QgPi1xEWvggrRF6YWw9P2Y4lBPWRh1soUi1Cw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: 9e4fe2150fb935a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2024,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"e25cd802cdd987807e2a15b165ed0adf","sha1":"63fca2b0d787b078d59f58556a487f07ba64a06f","sha256":"695e5ac24915bb7746d174f82a6e849d6104850ac8b6ab617605b002958cf2a3","sha512":"b5f87a6e42bb6abbef38c4eeb7f9cd2490e744b415cfa6c6ac00b5d9aef0917a630b07a3bab5413ad338a2b3f2de4b5645d7b574e976087b0b17b7154e73ae24","ssdeep":"","tlshash":"aa410ac03e963063cea0f29b1d633b34d30432a4715936ca3855957c954a4e8be12f96","first_seen":"2026-03-31T14:01:21.51178Z","last_seen":"2026-03-31T14:01:21.51178Z","times_seen":1,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"token-interstate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"token-interstate.com/689ad3276bc428c70432b08b_bloccelerate.avif","fqdn":"token-interstate.com","domain":"token-interstate.com","tld":"com"},"ip":{"addr":"172.67.215.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://token-interstate.com/","date":"2026-03-31T14:00:52.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"token-interstate.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 20:22:56 GMT","end":"Sun, 21 Jun 2026 20:22:55 GMT"},"fingerprint":{"sha1":"24:36:16:2F:09:B0:C3:63:E7:2B:C1:06:AA:D0:20:71:3D:63:3A:86","sha256":"47:E2:EF:F5:09:38:B0:10:91:7A:D1:E6:8B:2A:8A:56:4A:02:93:F8:84:23:1A:2D:A8:C9:1D:78:54:AA:16:93"}}},"request":{"raw":"GET /689ad3276bc428c70432b08b_bloccelerate.avif HTTP/1.1\r\nHost: token-interstate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://token-interstate.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 31 Mar 2026 14:00:54 GMT\r\ncontent-type: image/avif\r\ncontent-length: 6391\r\ncast-mode: default\r\nlast-modified: Mon, 23 Mar 2026 21:39:59 GMT\r\netag: \"69c1b32f-18f7\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6jNrUn%2B%2FynOZDgco6Fstj3XH59eFQOmGQvshhJyjJjkAUbkqeSpJgFw2XIyrELJFbW7hwdqFoMaX5qG%2BxW0PxyJAI8gxnig7IyOT35DjKAqX4dFgo0yMKMEyCueNK3N50LjaUxE32Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e4fe202ae0335a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6391,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"2620beab7417303e1c35a0d9f77d6868","sha1":"f9ffa20bca8775c6bceaf39da73336c474c65927","sha256":"5b575ff6b04d817950f32e7de397d075ae92cd94409744d8b3f45e6c0664ec3c","sha512":"2adc346ff7d0f827389411b0c359c1c2a6e39d357eb9a36d9752d37d02e4877a95de0ea20ff2873e6a8e0a143e63649417bd620dcab783359e4154d399f45d16","ssdeep":"192:rGDqt3z5WUCbxAcPQommUh99NkIiOFO7Oze9H2s:rD1wVtPGxhyIi97OzeBv","tlshash":"30d18e8a47e62c66dcfc843c2248869db5b17165b0ebbe7a944cf80c9aa4f81d2d1974","first_seen":"2026-03-31T14:01:21.513169Z","last_seen":"2026-03-31T14:01:21.513169Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1993,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1992,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"token-interstate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"token-interstate.com//secureproxy?s=%2Fjmpd%2F","fqdn":"token-interstate.com","domain":"token-interstate.com","tld":"com"},"ip":{"addr":"172.67.215.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://token-interstate.com/","date":"2026-03-31T14:00:56.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"token-interstate.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 20:22:56 GMT","end":"Sun, 21 Jun 2026 20:22:55 GMT"},"fingerprint":{"sha1":"24:36:16:2F:09:B0:C3:63:E7:2B:C1:06:AA:D0:20:71:3D:63:3A:86","sha256":"47:E2:EF:F5:09:38:B0:10:91:7A:D1:E6:8B:2A:8A:56:4A:02:93:F8:84:23:1A:2D:A8:C9:1D:78:54:AA:16:93"}}},"request":{"raw":"POST //secureproxy?s=%2Fjmpd%2F HTTP/1.1\r\nHost: token-interstate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://token-interstate.com/\r\ncontent-type: application/json\r\nContent-Length: 2207\r\nOrigin: https://token-interstate.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2207,"data":"{\"route\":\"8XUwkBv9vhPYfVpD1fxb7EC65sUXJdqr\",\"payload\":\"5uUHPo18hcsZucpDdy9R9kjVEv5vnPx7n1cQFEgHpCFk9YJzm9GbuMrcBsWkUym9zksUU4WNsi5YNzkvQikhStafhf8TmuKFvCvSQixp6yBMLKK5rX46KezcRdoLfZX92pkwJvPXJ2jGvRNmoVYmQUrCHzi9d6aPpcinMu586eVNhY8C9WpXYAbD3Xg3Hz8i7xSwiZgJ1iTEGSiEWdjR9r5jNZreWf7Dx8jq8MQXMJQ1VDA9sq1MZ8uveku9UBpLYCYRQ3pCJ2LyEMJrJYbcLESsDNS2eP8LwvsscGNhFUrkpoTYRMSn2BPJ1Efxye81woDuzosc11n66uSmbFDbs4bVMjLoRyPMU2LMJP44UcFUmGQFMHziZLKRchprb5Hx8HNeEtRKF89Fgzgu5kUHhd3pYaYkMik8DxvJ7owrtAoZnKzRCizysCg7Kno6DfCr5ihXFYEv57RZWfj4ygGwfKRDQdLZyJh2ETy4qdgU4q1HXXZkEfduxujgs6PVZEtwnzv2Gupxvm1jaNomrEntbTMhvYCDCCstgfYmhbBSKYY3o1VEPbqgpr8gLfwVncpRwSfyhZFa8U5c5eeyxgucmgqurZsq6hr753AWw8MNJQbzJ1vuZZGZQLLfL9p8n6HFKsWZG9bySPCVQy1mJzdB3FCxxL6LA3xwvX7t7nHJucTVFN7kfpaah19Bnnka6XcxgeLv2i5k79qBUHANRm2iRFrVaKfvdfqXGCZbhhXHXNK9HGrS5tJV7PbZqpabYQoUcQzcQHwuTPNhc8pX6vqdc7Ae9JhihQAU578PCHic9o1JT64BjPLPCVxQMPeR131nsaSnXUs4av7tjhzZrvKHwpFBMoHBpzjwXNkTrWXv3pQLcxDShN4JeFVqtpA28H25Bpt14tdDQ6fwLbbwYMJkqHBfKxXSujoHKLEhHhtB6Z5C4JbhveUqSGFY5raaWsNAkV9wJK22cy5REn9DAAdEpBApWyuZMADNQCiU17xYgy8uUW5sQKuvfRHCdiw6Youc1CVgptdd75n5QYHeSfuyZ6g5WpNX5UM7V6cFFrgDRAAPHmL64YVKn8GgJgK5evjauL6y743pvcoFMFqwvUdyu5JRtSqLYyEZ8tLRFjaesYRiJxnNdCmrqUJPuXyBWcTTC6PJRCWBkjU3ACP3MgcGGYQDu7reMh1WqTa9reBBA7CqQzu49YcP5s4YzhcCE41fqFqjHqQK8g6eGHsutPw6tBQzn6qx83GuEzRuoENDwhBDteVCYFQSC1EitfjAQEsHL8H6AY4DBmUmLZ3C9944Gw6s1E415nfCQ8zV6mrhK8THEqn5HXoQnj2NaMuNYW6B5WRaujXn7CQgPEziSxGjEjxHkEcGyvD6Pdxp76WZQENzJMzRDkp865xRn9SgbXX9D5WiUYMdGRQWFZCvTHo8VKNdD8bJLi3YxYhBVXQdNXwKfixhrbeiLhaGqwrTfneU8hueGm4PrvJZMKXWgdNs5CkrgoBXTpaSoEDm7UQd7xhX3WddiskkLVoUmLe7wwsumnjjhEoBQJjhk78PKo26c2uN57UPL23TVys4hW2uHKiwSCsvaj4ZSvTS3dQqRhALnkcJsRWHjygGuZasP6BM6VCjrVZW2kHL83KYTvrPDWRMuFtWoh9v6EBynfy8tur5N4EPwJE3b4pXeWg1zMCqsk97DbmJAUm8yqP7s8Xo59F5d8jjFdqQm8NS6isNFw8rgYZABj8jTT98ntxeFGkaYcVf5XEhafeEJedKkUJkqM4gp3YmCpwqHNfVJzFLveEdwe2cRo3adncSbijBnirMo8z7xiDLYUsPvR8SBqsqZYXGX9fr1T6eNqvXUhwb6goRozpxn6r3S5VeTg7BCxmiYzyFiwirJMHgwD5tDpSg3bZdNMUP7zMXLFkzQbKM2UtE6XwL2eQJKyhe5hcgrAi5vh1UYi6cHW4a1G7E8yLXDAkCLtoVFd5qye414LmQKrinv2ygWx5KDgr6eQ6kBppDxw4WPukTCRJ7pnXrPrJx6phWnfc42vWgdftT54QwngACXefJ9L9V9UFHLx8tzNPVuWeD4s5CNJ9HMaufBQbZrSmspeDtspka1ngU9E1EkSPvDHrCVXmiznRri8dc3o2YiZBRmVdRfb2aGVbnh2\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 31 Mar 2026 14:00:57 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: no-cache\r\netag: W/\"cb-SyzScKSv2wiriXfMc8Ybe0RC5mA\"\r\nx-ratelimit-limit: 10000\r\nx-ratelimit-remaining: 9998\r\nx-ratelimit-reset: 1774965717002\r\ncdn-proxyver: 1.49\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 03/31/2026 14:00:57\r\ncdn-edgestorageid: 883\r\ncdn-requestid: 41c2f5a973bd7b5f4d9b4a3d9d440f66\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AtG3EQCyx2MxxuArB6oyfIn67KSrhHb1t99L6CvugTIJoobqPhx%2B8aRjciEUJgvkA%2Fih13RDyohcygRNRU%2F5lcbb9nskBZEyRAYwFIg%2BWn15NEImAIzOXERrrhnsXK97PurASnwwpw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9e4fe21b383235a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":203,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"cd63c7a74597d736bf9d3ba718aadd8b","sha1":"4b2cd270a4afdb08ab8977cc73c61b7b4442e660","sha256":"f5a1588fe72eb4159404d8d4e523648bedcc1f0fa62d65a676be9ce52c364e25","sha512":"aca44c81f92868f9c3d7c07cbcb4b4eafda392c2bb4e194c7f64b63318f808808daf8f1c9a839d2b45d3f7b3e4dc8c443c5494fceeda5811e5f41a2df40dae19","ssdeep":"","tlshash":"1cd02314802867195d4c3d97a44c3d3077552b6e21815175131c2921a710d041532936","first_seen":"2026-03-31T14:01:21.514484Z","last_seen":"2026-03-31T14:01:21.514484Z","times_seen":1,"resource_available":false,"data":null}},"time_used":537,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":537,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"token-interstate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"token-interstate.com/interstate-website-7228746976d291efd0e9.webflow.shared.1d8d15033.css","fqdn":"token-interstate.com","domain":"token-interstate.com","tld":"com"},"ip":{"addr":"172.67.215.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://token-interstate.com/","date":"2026-03-31T14:00:52.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"token-interstate.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 20:22:56 GMT","end":"Sun, 21 Jun 2026 20:22:55 GMT"},"fingerprint":{"sha1":"24:36:16:2F:09:B0:C3:63:E7:2B:C1:06:AA:D0:20:71:3D:63:3A:86","sha256":"47:E2:EF:F5:09:38:B0:10:91:7A:D1:E6:8B:2A:8A:56:4A:02:93:F8:84:23:1A:2D:A8:C9:1D:78:54:AA:16:93"}}},"request":{"raw":"GET /interstate-website-7228746976d291efd0e9.webflow.shared.1d8d15033.css HTTP/1.1\r\nHost: token-interstate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://token-interstate.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 31 Mar 2026 14:00:54 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Mon, 23 Mar 2026 21:39:59 GMT\r\netag: W/\"69c1b32f-1cf53\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5dE2Ln0DUZFlbPXg1SXVkBIj9uBMJnYz3%2BimjElqYYAQaw8h4x35yVW%2BP4zurCwGeFgQmZfG9ekhH2fcsb27fNy%2Fc4p2U033luGkjhwm9ea6YXz7rMi6fiearTpijeJbGXJWvmOHcA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9e4fe2029dfe35a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":118611,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"60c794a8615a18ca4a021c20ea4b6adf","sha1":"ce82b4e34238e71093ac3bc143eeb789735157ab","sha256":"5874951931580a30cec8a5dd022e4b3dbeb22b0e6c0fb481e13d0bca3be8b2f6","sha512":"616dcb6111b80d7576f01ec58d0202271d50334bd27b8370716a67976a5b9951a3736267943026ebb7de809d66f0e01184ddb66bf4458dc88aacc53f31e82e22","ssdeep":"3072:VyP0XcPycVSZ6Bxt1FBBXoEL8NTh9hUh6hyG:VyP4cPycsZUTXoEAh9hUh6hyG","tlshash":"f0c366d66bb11114bc1ba4b96ee69b05733e8083d30ecea97ad0604cdfc92d51873bd9","first_seen":"2026-03-31T14:01:21.516006Z","last_seen":"2026-03-31T14:01:21.516006Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2017,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2004,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"token-interstate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"token-interstate.com/secureproxy?e=ping_proxy","fqdn":"token-interstate.com","domain":"token-interstate.com","tld":"com"},"ip":{"addr":"172.67.215.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://token-interstate.com/","date":"2026-03-31T14:00:55.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"token-interstate.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 20:22:56 GMT","end":"Sun, 21 Jun 2026 20:22:55 GMT"},"fingerprint":{"sha1":"24:36:16:2F:09:B0:C3:63:E7:2B:C1:06:AA:D0:20:71:3D:63:3A:86","sha256":"47:E2:EF:F5:09:38:B0:10:91:7A:D1:E6:8B:2A:8A:56:4A:02:93:F8:84:23:1A:2D:A8:C9:1D:78:54:AA:16:93"}}},"request":{"raw":"GET /secureproxy?e=ping_proxy HTTP/1.1\r\nHost: token-interstate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://token-interstate.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 31 Mar 2026 14:00:55 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 4\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\nlast-modified: Tue, 31 Mar 2026 14:00:55 GMT\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bgBkiJ6A1MP1P%2BwS%2BIvXB1kvct4kBJ2wCNFOR5VvXynmkYNsPL%2FC2M4Q7S8%2BY6SbrjG4yVvRdZcDoj0cMFS%2FCe%2BVuN1v7Tl%2B%2Fa7hJXzNdYaVaN71rHZ02aSct3oVx91pSGa8s1E67g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e4fe211bf5935a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"6fdb087aa3fbfbcb8287a593a0919e61","sha1":"0e514a0662bcb69dc863953d1ce26e3d40e81a87","sha256":"9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2","sha512":"be5457d14c930b51b47ab152850c1ceaafe6ef88c8671b48164abbc83410b0c07a1e178540f6cdeac5f2672cadb1d1cbbb3434b3e39bc2c50c4646a2bae57437","ssdeep":"","tlshash":"fe300000300000000000000c0000000000000000000000000000000000300000000000","first_seen":"2023-04-12T09:14:15Z","last_seen":"2026-04-25T23:41:03.942212Z","times_seen":8450,"resource_available":true,"data":null}},"time_used":185,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"token-interstate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"token-interstate.com/689ad3276bc428c70432ae83_logo.png","fqdn":"token-interstate.com","domain":"token-interstate.com","tld":"com"},"ip":{"addr":"172.67.215.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://token-interstate.com/","date":"2026-03-31T14:00:55.406Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"token-interstate.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 20:22:56 GMT","end":"Sun, 21 Jun 2026 20:22:55 GMT"},"fingerprint":{"sha1":"24:36:16:2F:09:B0:C3:63:E7:2B:C1:06:AA:D0:20:71:3D:63:3A:86","sha256":"47:E2:EF:F5:09:38:B0:10:91:7A:D1:E6:8B:2A:8A:56:4A:02:93:F8:84:23:1A:2D:A8:C9:1D:78:54:AA:16:93"}}},"request":{"raw":"GET /689ad3276bc428c70432ae83_logo.png HTTP/1.1\r\nHost: token-interstate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://token-interstate.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 31 Mar 2026 14:00:55 GMT\r\ncontent-type: image/png\r\ncontent-length: 18325\r\ncast-mode: default\r\nlast-modified: Mon, 23 Mar 2026 21:39:59 GMT\r\netag: \"69c1b32f-4795\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hFvMTr62dyTIRE8dPbHPmZWt3gx%2BrdZYOAUDA0sgWTEjY7d6SJdCsf9EkG1TtkmN1T%2BRD4iL5PY8OqUspKSiCatbMeaeX4XmXtsCjD9Sfe3yB40D8McSf0mutGAu5ejdtn6RYYyGxQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e4fe2124f6335a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18325,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 147 x 128, 8-bit/color RGBA, non-interlaced","md5":"6979521b5fc75c260c5a1556c402034f","sha1":"25454c86c4b75aeb618ad00ac556ea69f984d593","sha256":"eb8df1776ddbec15c7450afd6e925226d63a172eca2be4b012c421d542f36c51","sha512":"e39f1e447c3edff6db0d0af9af48598951cd4dd4533b79b97cd911b69c6b04a2fd006f65f42b59a0fc83d427046c039e81a7d1fc16b7bd76f48cfb7e16c8bf8c","ssdeep":"384:JHK9Xu+PKZ9GPo0Bv2VIRfwnojI+G5sakU8J5AAbkyab:JWu+P49s2IfwneIHOSAIyab","tlshash":"d482c1b7b8442b2a5f54d7dce5030b27aae8758e4aca437399f0073844c46d1e9bcb5a","first_seen":"2026-03-31T14:01:21.517538Z","last_seen":"2026-03-31T14:01:21.517538Z","times_seen":1,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"token-interstate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"token-interstate.com/69af9fcc019c095d028e2483_WmIPI2a2_400x400.jpg","fqdn":"token-interstate.com","domain":"token-interstate.com","tld":"com"},"ip":{"addr":"172.67.215.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://token-interstate.com/","date":"2026-03-31T14:00:55.411Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"token-interstate.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 20:22:56 GMT","end":"Sun, 21 Jun 2026 20:22:55 GMT"},"fingerprint":{"sha1":"24:36:16:2F:09:B0:C3:63:E7:2B:C1:06:AA:D0:20:71:3D:63:3A:86","sha256":"47:E2:EF:F5:09:38:B0:10:91:7A:D1:E6:8B:2A:8A:56:4A:02:93:F8:84:23:1A:2D:A8:C9:1D:78:54:AA:16:93"}}},"request":{"raw":"GET /69af9fcc019c095d028e2483_WmIPI2a2_400x400.jpg HTTP/1.1\r\nHost: token-interstate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://token-interstate.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 31 Mar 2026 14:00:55 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 10974\r\ncast-mode: default\r\nlast-modified: Mon, 23 Mar 2026 21:39:59 GMT\r\netag: \"69c1b32f-2ade\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N4NrzZZfVQBuXMD3%2BlvHBRLnmsEGFZ1oNRtwqMlLAzirar2JKIrye31Kx1ZK2hsDiUmk5ogKbBofApch5LsCXLkRHwp7u%2BcgzKJcIPOWFcjvvInp2mkeA0zt7JSzMdb1inNBfRtQuw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e4fe2124f6435a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10974,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3","md5":"b813d2be87ca6d3c65c4b5c524b97c92","sha1":"dc9801433d88e4feb07dd9d15bdcd0eab63f449e","sha256":"d6819a65e700d159903c6aeb9411395f6ac9e6f5e8f13fab06e0b1e1363e481a","sha512":"d6af95c1d1ae2056c339b6eb48792812d717205d45e17592c14d459fa36cc43c209dd2c6d7dea494f7c38fa673b1b46ec77d8299a6a397ac26a13a99e0e5c21d","ssdeep":"192:sryjm9cddeFVLrh/LdwBiouY/ihdpMFtDwb8U6ywb1XEilVLoR9CsfvH7ksRd6i:sGGcdde3nhzyPuZhvQtXRv6Zv36i","tlshash":"8732a0ca3a1cab44f48ecb74acc26314d3533ea15a78e35fd183180613ed5ba359c1d9","first_seen":"2026-03-31T14:01:21.518493Z","last_seen":"2026-03-31T14:01:21.518493Z","times_seen":1,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":186,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"token-interstate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"token-interstate.com/689ad3276bc428c70432af39_image%201.avif","fqdn":"token-interstate.com","domain":"token-interstate.com","tld":"com"},"ip":{"addr":"172.67.215.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://token-interstate.com/","date":"2026-03-31T14:00:55.434Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"token-interstate.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 20:22:56 GMT","end":"Sun, 21 Jun 2026 20:22:55 GMT"},"fingerprint":{"sha1":"24:36:16:2F:09:B0:C3:63:E7:2B:C1:06:AA:D0:20:71:3D:63:3A:86","sha256":"47:E2:EF:F5:09:38:B0:10:91:7A:D1:E6:8B:2A:8A:56:4A:02:93:F8:84:23:1A:2D:A8:C9:1D:78:54:AA:16:93"}}},"request":{"raw":"GET /689ad3276bc428c70432af39_image%201.avif HTTP/1.1\r\nHost: token-interstate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://token-interstate.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 31 Mar 2026 14:00:55 GMT\r\ncontent-type: image/avif\r\ncontent-length: 161802\r\ncast-mode: default\r\nlast-modified: Mon, 23 Mar 2026 21:39:59 GMT\r\netag: \"69c1b32f-2780a\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dwxRVXrjl8SIHjPJh%2FC37pVNt0pxaPHoQ3lxk%2Blo7DTWM%2F67mKNg%2BAhHHl0CQ%2F5CdPhyW7wH7MAJRuqu8r8KNBoFOLZlM0eHb321XoWlT2el1Ifsq6brYK35Bqg0t1cpk1mfmufsow%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e4fe2125f6535a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":161802,"size_decoded":0,"mime_type":"image/avif","magic":"RIFF (little-endian) data, Web/P image","md5":"d860a800ba4c7aede0b838f1cefd0143","sha1":"50a6f6577bf900d35cdb4caf796139bd16bc0e92","sha256":"9b8120b5c3c8ef6dcf14c42d4f910883ed93347f2d66388342f3a394eac07d93","sha512":"5ccfb9171385b006e855ea1d7aa16d0e98df773dede8832a6267a82c50fa189998f0e66a516fa31d3f42441eecad647850ade909cf90f5a4015460e84eba3434","ssdeep":"3072:aFbxEzhS/GHkav/p3KzC2+oLoh2gqkKRhyx9IR0reYpHxaOeBiRMJoWQF93RkhT6:apx2hSeHkaKEMgqk68gR40qMq/9BkfDc","tlshash":"39f312d50f871a7dd78373ee91e7e830c4df30ac19114aa1a68a8eb614936795fc31a4","first_seen":"2026-03-31T14:01:21.51946Z","last_seen":"2026-03-31T14:01:21.51946Z","times_seen":1,"resource_available":false,"data":null}},"time_used":327,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":199,"receive":128,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"token-interstate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.prod.website-files.com/68681bfa695477caca382f7c/687410dd46a8046d516f44ce_Frame%202085665670.png","fqdn":"cdn.prod.website-files.com","domain":"website-files.com","tld":"com"},"ip":{"addr":"104.18.161.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://token-interstate.com/","date":"2026-03-31T14:00:55.841Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prod.website-files.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Feb 2026 00:51:58 GMT","end":"Thu, 07 May 2026 01:51:37 GMT"},"fingerprint":{"sha1":"57:A1:73:C0:08:07:F2:DD:56:2A:DD:FF:51:D4:A5:62:53:C7:9A:8E","sha256":"E9:8A:00:BD:F9:8C:57:70:7F:31:ED:E2:BE:3D:E8:0B:D1:09:B4:07:B7:19:9F:0A:04:46:22:1B:EA:3D:8D:24"}}},"request":{"raw":"GET /68681bfa695477caca382f7c/687410dd46a8046d516f44ce_Frame%202085665670.png HTTP/1.1\r\nHost: cdn.prod.website-files.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://token-interstate.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 31 Mar 2026 14:00:55 GMT\r\ncontent-type: image/png\r\ncontent-length: 51942\r\ncf-ray: 9e4fe2152eb00b65-OSL\r\nx-amz-id-2: hvgD2L+EXQYmm9F/ggLIJ75rotnO/rdFy9Xijrkt++BEnmBqvxZQ/4ncIIcz9Vx2YS7VyiHfIzw=\r\nx-amz-request-id: YDCZC0A2G2FXA2E9\r\nlast-modified: Sun, 13 Jul 2025 20:02:38 GMT\r\netag: \"b7169192120e5ccf3fae99f9783aaf30\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: max-age=31536000, must-revalidate\r\nx-amz-version-id: 33zvd90xiuIALoAtaVBvSJwHUpEIiiEz\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":51942,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced","md5":"b7169192120e5ccf3fae99f9783aaf30","sha1":"e9afed6e399ddbcfab26d8c3c99897c371110f8b","sha256":"517faf34d96df30f494a732106afb21b2a16bd056761eff0e3670dd826041857","sha512":"e1517192ca103f8020443c5988cb675e21ac63ee09aa3f4220c867243e7d208d1ffe4764e0fbc01e712a28a8a01bad7855a974fe48a8843fc1176a32a96ce5f5","ssdeep":"1536:aCNEREkgXUlGuCyfnPR1kTUhAMzvnF34gFzFP:TNEeE3PRLhAev15FF","tlshash":"453302d629e1c9e652cb3b25d075bb78cf382094998f2703b704285f6824cf54e76de6","first_seen":"2026-03-31T14:01:21.520712Z","last_seen":"2026-03-31T14:01:21.520712Z","times_seen":1,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":79,"receive":3,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"token-interstate.com/css.css","fqdn":"token-interstate.com","domain":"token-interstate.com","tld":"com"},"ip":{"addr":"172.67.215.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://token-interstate.com/","date":"2026-03-31T14:00:52.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"token-interstate.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 20:22:56 GMT","end":"Sun, 21 Jun 2026 20:22:55 GMT"},"fingerprint":{"sha1":"24:36:16:2F:09:B0:C3:63:E7:2B:C1:06:AA:D0:20:71:3D:63:3A:86","sha256":"47:E2:EF:F5:09:38:B0:10:91:7A:D1:E6:8B:2A:8A:56:4A:02:93:F8:84:23:1A:2D:A8:C9:1D:78:54:AA:16:93"}}},"request":{"raw":"GET /css.css HTTP/1.1\r\nHost: token-interstate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://token-interstate.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 31 Mar 2026 14:00:54 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Mon, 23 Mar 2026 21:39:59 GMT\r\netag: W/\"69c1b32f-18560\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ctE%2FgbrwyoKErLbV5cqZzKkFMwqnaCWc2YHSnz%2FzipUzROJuLRL9GRLeWY3LCEwhnYt8QgHF%2B6EMWekF41zH9cNB50FmGlUeF%2BHVT%2FsJXkBQkA7Fys5MTquSQji4Ehx6%2Fh1RdHwRPA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9e4fe202adff35a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":99680,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1572)","md5":"06b2d84994510a6cf012231392cacb8d","sha1":"35e1c669b004ae4c2858f55c16612e752e2d17f0","sha256":"d42f1006bd15c715ead5e610a87f60b82c65ab8e44ed850a28a9240aa123bda5","sha512":"94ad527f071f392180bd3a1b621b3a3eb7feb7ca6e679664feb2351302cb42cc14b2428ef3bda579085f62fd8c1b222313e5d1ce23d155841f8ea950aec10c50","ssdeep":"768:QTyqFgvPGmxc7pkHu4v1H+x/nQZBTaOQgYwu:QGc8eM8yOkR6f85W","tlshash":"35a3bba0042b5400a3872ce223ce7e32de5ee244b144d435affd5b1beddada662b535d","first_seen":"2026-03-31T14:01:21.521863Z","last_seen":"2026-03-31T14:01:21.521863Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2005,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2005,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"token-interstate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"token-interstate.com/snowpack.custom.cjs.js","fqdn":"token-interstate.com","domain":"token-interstate.com","tld":"com"},"ip":{"addr":"172.67.215.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://token-interstate.com/","date":"2026-03-31T14:00:52.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"token-interstate.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 20:22:56 GMT","end":"Sun, 21 Jun 2026 20:22:55 GMT"},"fingerprint":{"sha1":"24:36:16:2F:09:B0:C3:63:E7:2B:C1:06:AA:D0:20:71:3D:63:3A:86","sha256":"47:E2:EF:F5:09:38:B0:10:91:7A:D1:E6:8B:2A:8A:56:4A:02:93:F8:84:23:1A:2D:A8:C9:1D:78:54:AA:16:93"}}},"request":{"raw":"GET /snowpack.custom.cjs.js HTTP/1.1\r\nHost: token-interstate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://token-interstate.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 31 Mar 2026 14:00:54 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Mon, 23 Mar 2026 21:39:59 GMT\r\netag: W/\"69c1b32f-64c33\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZUK9diLPOxgHJhggzh5%2BqR0HYO%2BMIGyNveslKWt0UQiyKZ%2B4zY%2BwF2Ls%2Bj81geNeIp8iaWM7cnOG%2BOBgOTUbXHKvS2%2B%2FMdu7QZCdinWcMu%2FMHBySGCJSLaG8U4uzyCcNpKb%2BCr0kJg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9e4fe202ae0035a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":412723,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65159)","md5":"879492b78f2d599ef34188818eba3ec3","sha1":"916a539a466684aa2a271a63076c580940a83f5a","sha256":"fe7b349f453d71ecadf45aa9e424454b55c2f3683291ebec109d5ac927942277","sha512":"192be4853538be6147187abe574df89172ac1528f1e5e82930b098c0e649765887760f04289d51480b9dd4b54cdf242d66ec86a4a69e11eb0e3bbedd9b7bc7af","ssdeep":"3072:7FpQewDueYIZR0G3MJ/IF++GuRsIIBqbJ1md1ecoAZn78bjpEyiHfxTaVe7PyMEo:RSpX0tJACqsnBqJ1md1SMiVe7I6R","tlshash":"859422aacbb79e8bf2109f8974137d8dfcf9c50143b42855af4ab1cee09196062d3791","first_seen":"2026-03-31T14:01:21.523513Z","last_seen":"2026-03-31T14:01:21.523513Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2037,"receive":76,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"token-interstate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"token-interstate.com/689ad3276bc428c70432b097_marshland%20capital.avif","fqdn":"token-interstate.com","domain":"token-interstate.com","tld":"com"},"ip":{"addr":"172.67.215.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://token-interstate.com/","date":"2026-03-31T14:00:52.922Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"token-interstate.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 20:22:56 GMT","end":"Sun, 21 Jun 2026 20:22:55 GMT"},"fingerprint":{"sha1":"24:36:16:2F:09:B0:C3:63:E7:2B:C1:06:AA:D0:20:71:3D:63:3A:86","sha256":"47:E2:EF:F5:09:38:B0:10:91:7A:D1:E6:8B:2A:8A:56:4A:02:93:F8:84:23:1A:2D:A8:C9:1D:78:54:AA:16:93"}}},"request":{"raw":"GET /689ad3276bc428c70432b097_marshland%20capital.avif HTTP/1.1\r\nHost: token-interstate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://token-interstate.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 31 Mar 2026 14:00:54 GMT\r\ncontent-type: image/avif\r\ncontent-length: 43506\r\ncast-mode: default\r\nlast-modified: Mon, 23 Mar 2026 21:39:59 GMT\r\netag: \"69c1b32f-a9f2\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pkycbNlVc79GNA%2BCZnQAXU2IZdIEnHjy3Evs5VVE05fHB2v08Dy8AWQIQTyhDRJBe4KEiNnNXih3LIBJ%2FezwMkEFoP3zWcARXd0%2BKXusZYrsYlRXTqINm97h%2FV6NqABBuSn1Pt31iQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e4fe202ae0435a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43506,"size_decoded":0,"mime_type":"image/avif","magic":"RIFF (little-endian) data, Web/P image","md5":"6210a03ce1d103ee3134b87cb865afad","sha1":"760386edfab9ee4594cb9b5a9ea912838a4ce1f7","sha256":"59e5af8ba7a74a40b8978911c91c2d1ad61d181bf6095196f3f60cf6152cd33b","sha512":"fdb67ac071b74962b1ed33e7dbc1b6d91e4d8a999d51274ed9025277b2b5ae631c313ea39dd0a759ecfaf1d0a9fbb9d975d1f62a4d8ad8b6b23b4c31f3c830db","ssdeep":"768:QxeH752hPISBqzASV9IPLvpc2bD/JwzsByN+fjqvlpjHaR/4wpHHtfh5:QxeH7whwSBqCDi2D/JByk+pjHixtJ5","tlshash":"b513f1ff4c71edbcb8d55872e18281cc80c5e54a9d2d539003a7f41b2b67ba68d5f918","first_seen":"2026-03-31T14:01:21.524807Z","last_seen":"2026-03-31T14:01:21.524807Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2046,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2002,"receive":44,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"token-interstate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"token-interstate.com/secureproxy?s=%2F%40v1%2Fcdn%2Fjs%2Freact-beautiful-dnd.iife.js%3Ft%3D29582760%26u%3DdWLKuA_CfOFahpWsGDY5MjU2NDQ1MjhjZmYzYzM0MDI3YmM1MSsPMqEnMXmlY_k-cA","fqdn":"token-interstate.com","domain":"token-interstate.com","tld":"com"},"ip":{"addr":"172.67.215.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://token-interstate.com/","date":"2026-03-31T14:00:55.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"token-interstate.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 20:22:56 GMT","end":"Sun, 21 Jun 2026 20:22:55 GMT"},"fingerprint":{"sha1":"24:36:16:2F:09:B0:C3:63:E7:2B:C1:06:AA:D0:20:71:3D:63:3A:86","sha256":"47:E2:EF:F5:09:38:B0:10:91:7A:D1:E6:8B:2A:8A:56:4A:02:93:F8:84:23:1A:2D:A8:C9:1D:78:54:AA:16:93"}}},"request":{"raw":"GET /secureproxy?s=%2F%40v1%2Fcdn%2Fjs%2Freact-beautiful-dnd.iife.js%3Ft%3D29582760%26u%3DdWLKuA_CfOFahpWsGDY5MjU2NDQ1MjhjZmYzYzM0MDI3YmM1MSsPMqEnMXmlY_k-cA HTTP/1.1\r\nHost: token-interstate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://token-interstate.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 31 Mar 2026 14:00:56 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\nvary: Accept-Encoding\r\ncache-control: max-age=2592000, must-revalidate\r\netag: W/\"a0502-14+i6Bt7XM8ofHk8WpmFyqoPYWI\"\r\nexpires: 0\r\npragma: no-cache\r\ncontent-disposition: attachment; filename=react-beautiful-dnd.iife.js\r\ncdn-proxyver: 1.49\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 03/31/2026 14:00:56\r\ncdn-edgestorageid: 879\r\ncdn-requestid: b5ce14b0a0eadd627ee27bf80624a67f\r\ncdn-cache: MISS\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lAVwGRPvVwk103mRj4TyBj%2FtpIroyLKIsQ3%2B36l7%2Fy1LJYbdkR3SkFRRSUtpEBxbrL5wnV9AmgVi5An0s6XgXxtoKvCToDuaWVyxWxA9%2BBCmh%2F0tlLNVcdCdOMPUzTlKP0FcXEVSdQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e4fe2130f8435a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":656642,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"96c2ff1601099c21c598c24e6f43c7c4","sha1":"d78fa2e81b7b5ccf287c793c5a9985caaa0f6162","sha256":"7fd19c564761e2c8c9b583cf30db810e313417c7d3572f637f8cedf4d2cc1e91","sha512":"d7df68372670f0173ac5dc3c54ee38f13b29703dde9f71ec74827b535735e99b2b253e07960d66d8c3230f13cf29f20aa0f083db014cee0710379ffab68932be","ssdeep":"6144:0ujB8gltIeTM5/S8g6zRh5gDVLU2GIt/KJAsJRrydM147u/lhDlEqH96lm:vhltVM/g61sNUWsSdG7R","tlshash":"1ed438c2821814f684eb0ab6d133a21fdb4cce9dc69f2d20bfe55c9553c87a292f655c","first_seen":"2026-01-02T13:08:19.247086Z","last_seen":"2026-04-25T14:15:22.343681Z","times_seen":2492,"resource_available":true,"data":null}},"time_used":926,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":810,"receive":116,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"token-interstate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}