{"report_id":"985b42bc-8cce-4efa-ad25-d29a93737d16","version":0,"status":"done","tags":[],"date":"2026-06-24T10:29:44Z","url":{"schema":"http","addr":"igsorteofifa2026.registo-seguro.com/c/p/tc/56376/102ebf8c-f40f-4acf-afd9-075182c23881-762dffb8-ccf2-454e-84a5-f5fe66ad9982","fqdn":"igsorteofifa2026.registo-seguro.com","domain":"registo-seguro.com","tld":"com"},"ip":{"addr":"75.2.43.161","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"igsorteofifa2026.registo-seguro.com/c/p/tc/56376/102ebf8c-f40f-4acf-afd9-075182c23881-762dffb8-ccf2-454e-84a5-f5fe66ad9982/","fqdn":"igsorteofifa2026.registo-seguro.com","domain":"registo-seguro.com","tld":"com"},"title":"Document","dom":{"size":52538,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (52437)","md5":"b95be5bc7058a00e8e7e4d923688f7f8","sha1":"17ad608fdd3265fe4d6de72726df2e70281032a8","sha256":"8ceaf7f13442b71f4c4a1d6d4866445da57fa1259c17b6f52bb173be079d804c","sha512":"3492011f1fe30990b227aaae59223ec2eeba57d5c59c98e95eb55bf9418fc3777967e1d5dad3e8f9c46eba04f2b1e2985766761f5fc8b1327afa8c4b4e69b198","ssdeep":"768:82RjZsM/IGQSstszrszzmL4o3FcjtFf96cIIjaXskc5ZKFd:3b/IGL+sfszzmL4oVcBPRza8w","tlshash":"5e33e81a1e5b14326d9759ed7ff24b09377240b2c10784743fac9394d3caa24a6ba7ec","dom_hash":"domhashd26e554b719596b2733492b01ab2d8e5","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"igsorteofifa2026.registo-seguro.com/c/p/tc/56376/102ebf8c-f40f-4acf-afd9-075182c23881-762dffb8-ccf2-454e-84a5-f5fe66ad9982","fqdn":"igsorteofifa2026.registo-seguro.com","domain":"registo-seguro.com","tld":"com"},"ip":{"addr":"75.2.43.161","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-29T10:29:44Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"igsorteofifa2026.registo-seguro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"igsorteofifa2026.registo-seguro.com","ip":{"addr":"15.197.129.158","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2021-08-13","domain_rank":0,"first_seen":"2026-06-24T01:07:52.114478Z","last_seen":"2026-06-24T01:07:52.114478Z","alert_count":3,"request_count":3,"received_data":56835,"sent_data":1866,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Django","description":"Django is a Python-based free and open-source web application framework.","website":"https://djangoproject.com","common_platform_enumeration":"cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*","icon":"Django.png","categories":["Web frameworks"]},{"name":"Python","description":"Python is an interpreted and general-purpose programming language.","website":"https://python.org","common_platform_enumeration":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","icon":"Python.png","categories":["Programming languages"]},{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]}]},{"fqdn":"static-resize.takesecurity.com","ip":{"addr":"3.164.240.27","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2016-08-05","domain_rank":0,"first_seen":"2019-12-28T19:33:14Z","last_seen":"2026-06-23T12:56:28.595956Z","alert_count":0,"request_count":10,"received_data":229057,"sent_data":5792,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.65.155","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2026-06-21T23:50:19.101112Z","alert_count":0,"request_count":1,"received_data":90143,"sent_data":445,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.65.155","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-06-24T17:14:36.570651Z","times_seen":484051,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"igsorteofifa2026.registo-seguro.com/c/p/tc/56376/102ebf8c-f40f-4acf-afd9-075182c23881-762dffb8-ccf2-454e-84a5-f5fe66ad9982/","fqdn":"igsorteofifa2026.registo-seguro.com","domain":"registo-seguro.com","tld":"com"},"ip":{"addr":"15.197.129.158","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"cb393423002d39c9cb60f2660d5b7168","sha1":"1ba73303536c2edcda9a47de9297ea26a9c341e5","sha256":"5df831092575ba6bcf7a3d7ecdf5eaffe8d9f59ddfa8be8ae5bb9d23a0c5bcc0","sha512":"4c67ce5dcc6ededeb93a11bcf76807e4c14d81c7fa881b422d75f33cb9908acc466b47e22f4576bf84a8b0320fbf90d2e986553e74939616e55ae20492ea65c1","ssdeep":"96:r4c8hhzsShsmLYO9frZ9dtopDsWRpVqFAVfpPdnVtlnTlnqUyJFstk:rHSzxGm/tZbtopD1RpVqFAVfpP2","tlshash":"08e1ecab7adb143604db75ff2bd78644397100525982c5003e6c8b9223a2eb1e6bf7e5","size":7176,"data":"","first_seen":"2026-06-24T10:29:47.058898Z","last_seen":"2026-06-24T10:29:47.058898Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"igsorteofifa2026.registo-seguro.com/c/p/tc/56376/102ebf8c-f40f-4acf-afd9-075182c23881-762dffb8-ccf2-454e-84a5-f5fe66ad9982/","fqdn":"igsorteofifa2026.registo-seguro.com","domain":"registo-seguro.com","tld":"com"},"ip":{"addr":"15.197.129.158","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-24T10:29:21.603Z","timestamp":1782296961603,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.registo-seguro.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Jun 2026 23:44:01 GMT","end":"Wed, 16 Sep 2026 23:44:00 GMT"},"fingerprint":{"sha1":"95:0E:1B:9D:D8:EE:26:EA:30:83:A3:EA:BB:97:61:3B:FE:F0:25:61","sha256":"1B:6A:73:62:44:8D:20:6A:00:49:53:86:30:5A:FE:DC:A7:DE:79:CC:F2:12:33:95:AC:33:11:B9:61:2F:F8:11"}}},"request":{"raw":"GET /c/p/tc/56376/102ebf8c-f40f-4acf-afd9-075182c23881-762dffb8-ccf2-454e-84a5-f5fe66ad9982/ HTTP/1.1\r\nHost: igsorteofifa2026.registo-seguro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-language: en-us\r\ncontent-type: text/html; charset=utf-8\r\ncross-origin-opener-policy: same-origin\r\ndate: Wed, 24 Jun 2026 10:29:21 GMT\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreferrer-policy: same-origin\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=q4YeBXIeWnD8zdKpZfyNpco0Z5Fk1f2p2PVLAjqXCEM%3D\\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\\u0026ts=1782296961\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=q4YeBXIeWnD8zdKpZfyNpco0Z5Fk1f2p2PVLAjqXCEM%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1782296961\"\r\nserver: Heroku\r\nset-cookie: csrftoken=Kr4qemswYJDvouL8HtG1zmO9uHcePGdq; expires=Wed, 23 Jun 2027 10:29:21 GMT; HttpOnly; Max-Age=31449600; Path=/; SameSite=Lax; Secure\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Authorization, Cookie, Accept-Language, origin\r\nvia: 2.0 heroku-router\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 53413\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Django","description":"Django is a Python-based free and open-source web application framework.","website":"https://djangoproject.com","common_platform_enumeration":"cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*","icon":"Django.png","categories":["Web frameworks"]},{"name":"Python","description":"Python is an interpreted and general-purpose programming language.","website":"https://python.org","common_platform_enumeration":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","icon":"Python.png","categories":["Programming languages"]},{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]}],"data":{"size":53413,"size_decoded":54528,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (53404)","md5":"3df64f5c7c0b22aafc407f70a32ae140","sha1":"7199987b11d1b6bb94347a2f819c843eb11de2fe","sha256":"5e711acb12b9633a6d4f717aaee16e72670bdf6fb54871d4d9982bbe20a64d5e","sha512":"51eee55c87d645bcefaf23bc47178fdb69479379f6b50de34157281f32855c188b87142f69b011919beda7151e0d0f1c5b65f28a44578c6f04e351f3e56a3c1b","ssdeep":"768:A2RjZsM/IGQSstGuzPO4hWVXhLXU9OY9rRDXc/w8/z5ZKFs:7b/IGL+G+PO4hWVXdXUPrZc/LD","tlshash":"6b33c71a1e5b14326d9759eebff24b06377240b2c10684747fbc9394c3c6a24a6ba7dc","first_seen":"2026-06-24T10:29:47.044031Z","last_seen":"2026-06-24T10:29:47.044031Z","times_seen":1,"resource_available":true,"data":null}},"time_used":189,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":109,"receive":80,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"igsorteofifa2026.registo-seguro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static-resize.takesecurity.com/filters:format(png)/images/phishing/shared/1/Lg-logo-v2-1696340744.jpg","fqdn":"static-resize.takesecurity.com","domain":"takesecurity.com","tld":"com"},"ip":{"addr":"3.164.240.27","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://igsorteofifa2026.registo-seguro.com/c/p/tc/56376/102ebf8c-f40f-4acf-afd9-075182c23881-762dffb8-ccf2-454e-84a5-f5fe66ad9982/","date":"2026-06-24T10:29:22.388Z","timestamp":1782296962388,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static-resize.takesecurity.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 26 May 2026 00:00:00 GMT","end":"Wed, 09 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C3:EF:E1:E8:84:03:8C:05:2A:E9:8D:34:49:85:48:2D:F8:3F:79:E4","sha256":"EF:E5:45:DB:0B:CC:C3:EE:05:C1:D9:99:37:22:B9:C4:5A:A4:85:7A:05:CB:BF:BC:04:3E:0D:42:AF:A9:59:05"}}},"request":{"raw":"GET /filters:format(png)/images/phishing/shared/1/Lg-logo-v2-1696340744.jpg HTTP/1.1\r\nHost: static-resize.takesecurity.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: image/png\r\ncontent-length: 21676\r\ndate: Wed, 24 Jun 2026 00:33:32 GMT\r\naccess-control-allow-credentials: true\r\nx-amzn-requestid: 36c31fd9-d334-44fa-aec6-3d9057bb6dc0\r\nlast-modified: Tue, 03 Oct 2023 13:45:48 GMT\r\naccess-control-allow-headers: Content-Type, Authorization\r\nx-amz-apigw-id: fcLaZHVoDoEECmQ=\r\ncache-control: max-age=31536000,public\r\naccess-control-allow-methods: GET\r\nx-amzn-trace-id: Root=1-6a3b25db-05a71a3a1bbe52e35873c24a\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 b5ef788d0f05b31973ca8ae989fe9748.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: zv0eHauUVCxXMT96O3O5Gml-ilw_suOICe64I1b2RUsAGbJmvipqeQ==\r\nage: 35750\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":21676,"size_decoded":22373,"mime_type":"image/png","magic":"PNG image data, 196 x 186, 8-bit/color RGB, non-interlaced","md5":"7f6325c8f1ee32814f31d5da60598e82","sha1":"f5f8f881d127fd3d35563d29326e8ce38966082e","sha256":"92ccc6dd60b75077f77048b8677ae7dc8c71ca2ceda465c5dd228e8fdde33ddf","sha512":"fc4246d17d1f9943174d02f8e6c1ea70299c55ec0252d510a6850637a2d45e63e86af6a0e642aa8f628cca51e75560424cd87beea423a688beee0e743d3632a4","ssdeep":"384:2esu2SaceQvwNQ6bwoWPRLWuivMhvmPqX+42ce+N4ParuyK03X4mr469z7GH4sDI:Cu2Sl6bw74u2Mh+kvTtruyJTpz7GH4kI","tlshash":"f9a2d19c03016f95a5857a2bf86f8f762ccb8da4716674b6f7205c845c760e68013ebf","first_seen":"2026-06-24T10:29:47.04522Z","last_seen":"2026-06-24T10:29:47.04522Z","times_seen":1,"resource_available":false,"data":null}},"time_used":329,"timings":{"blocked":11,"dns":21,"connect":8,"send":0,"wait":34,"receive":1,"ssl":250},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static-resize.takesecurity.com/filters:format(png)/images/phishing/shared/1/google-color-1696340755.png","fqdn":"static-resize.takesecurity.com","domain":"takesecurity.com","tld":"com"},"ip":{"addr":"3.164.240.27","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://igsorteofifa2026.registo-seguro.com/c/p/tc/56376/102ebf8c-f40f-4acf-afd9-075182c23881-762dffb8-ccf2-454e-84a5-f5fe66ad9982/","date":"2026-06-24T10:29:22.393Z","timestamp":1782296962393,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static-resize.takesecurity.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 26 May 2026 00:00:00 GMT","end":"Wed, 09 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C3:EF:E1:E8:84:03:8C:05:2A:E9:8D:34:49:85:48:2D:F8:3F:79:E4","sha256":"EF:E5:45:DB:0B:CC:C3:EE:05:C1:D9:99:37:22:B9:C4:5A:A4:85:7A:05:CB:BF:BC:04:3E:0D:42:AF:A9:59:05"}}},"request":{"raw":"GET /filters:format(png)/images/phishing/shared/1/google-color-1696340755.png HTTP/1.1\r\nHost: static-resize.takesecurity.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: image/png\r\ncontent-length: 36443\r\ndate: Wed, 24 Jun 2026 00:33:32 GMT\r\naccess-control-allow-credentials: true\r\nx-amzn-requestid: 33d39a97-fb2b-44d0-a0ae-205fbe8c4f7a\r\nlast-modified: Tue, 03 Oct 2023 13:45:57 GMT\r\naccess-control-allow-headers: Content-Type, Authorization\r\nx-amz-apigw-id: fcLaZF7GjoEETIQ=\r\ncache-control: max-age=31536000,public\r\naccess-control-allow-methods: GET\r\nx-amzn-trace-id: Root=1-6a3b25db-4d6b573f47392d4017536b66\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 b5ef788d0f05b31973ca8ae989fe9748.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: xtrWNkuybFSL5JDhFvTof0_HiogMqJJtUwjQv2q7GLmvpCTpZHTinw==\r\nage: 35750\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":36443,"size_decoded":37140,"mime_type":"image/png","magic":"PNG image data, 900 x 900, 8-bit/color RGBA, non-interlaced","md5":"6bc49ff29a3dcd024c82712b99014399","sha1":"e49c6501ec6de5a7710604e0a77983acef78496b","sha256":"fae4bada1d5584ba4c1124bd0032ae60f9f015f6f768cdc97f69dc47b1d01285","sha512":"9cacef57275a6eeb2847754cd664d1ea8201839a484b05391fd368b5f0490a037a798767a2673cafeac40bf48ad2b25421fb3771eed9fbf5b7eea3086a91e862","ssdeep":"768:RTsOosYiXxPg1GBXNobk6E94hsEvxH8FU8Uum5YxYaQT3:QchPgcBWO9afxH8HUr3","tlshash":"4ef2e005d4fdc032e2e202b94aebdb542884a4b2477ac4764be7d6cd7921538789d3fb","first_seen":"2025-11-26T15:16:55.403801Z","last_seen":"2026-06-24T10:29:47.046391Z","times_seen":3,"resource_available":false,"data":null}},"time_used":325,"timings":{"blocked":10,"dns":21,"connect":11,"send":0,"wait":32,"receive":2,"ssl":243},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static-resize.takesecurity.com/filters:format(png)/images/phishing/shared/1/amazon-color-1696340747.png","fqdn":"static-resize.takesecurity.com","domain":"takesecurity.com","tld":"com"},"ip":{"addr":"3.164.240.27","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://igsorteofifa2026.registo-seguro.com/c/p/tc/56376/102ebf8c-f40f-4acf-afd9-075182c23881-762dffb8-ccf2-454e-84a5-f5fe66ad9982/","date":"2026-06-24T10:29:22.398Z","timestamp":1782296962398,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static-resize.takesecurity.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 26 May 2026 00:00:00 GMT","end":"Wed, 09 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C3:EF:E1:E8:84:03:8C:05:2A:E9:8D:34:49:85:48:2D:F8:3F:79:E4","sha256":"EF:E5:45:DB:0B:CC:C3:EE:05:C1:D9:99:37:22:B9:C4:5A:A4:85:7A:05:CB:BF:BC:04:3E:0D:42:AF:A9:59:05"}}},"request":{"raw":"GET /filters:format(png)/images/phishing/shared/1/amazon-color-1696340747.png HTTP/1.1\r\nHost: static-resize.takesecurity.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: image/png\r\ncontent-length: 12825\r\ndate: Wed, 24 Jun 2026 00:33:32 GMT\r\naccess-control-allow-credentials: true\r\nx-amzn-requestid: 3c87ae5d-a52f-4bf6-aea1-836408f41b9d\r\nlast-modified: Tue, 03 Oct 2023 13:45:49 GMT\r\naccess-control-allow-headers: Content-Type, Authorization\r\nx-amz-apigw-id: fcLaaHdFjoEEBiw=\r\ncache-control: max-age=31536000,public\r\naccess-control-allow-methods: GET\r\nx-amzn-trace-id: Root=1-6a3b25db-153e0bcf1d5fdd4866225c0d\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 b5ef788d0f05b31973ca8ae989fe9748.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: QvNiDazoj077j6wQZqjsCepyphQ78FY2NdXcnre34ecLmKyRsXI7og==\r\nage: 35750\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":12825,"size_decoded":13522,"mime_type":"image/png","magic":"PNG image data, 480 x 480, 8-bit/color RGBA, non-interlaced","md5":"95397b518097d71046910e490e049ad1","sha1":"6619cf9329844d5f0b4ec9d9246dc220964e5608","sha256":"b7a3d0699c4a64d9c3b039e3822c233e1723d6638638c181bc23fb5bbc13cafb","sha512":"02e62bec0b89cd6270a43de18143965c54d28fb743bb89b390954a4e45c06567f089c21708d872be296703b0f6989197347e849d63669c1dd7433d390ca69d0c","ssdeep":"384:AnFk0aadEAMcNFklaM558TCTc1kfICBrpHvN9QJt8p:/k7M9aYaTCyYIyM38p","tlshash":"8042d028576fbc28f58a55378a2a46410539311d9c127823b35d7b0afdd3a60c65eb8f","first_seen":"2026-06-24T10:29:47.048287Z","last_seen":"2026-06-24T10:29:47.048287Z","times_seen":1,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":62,"dns":0,"connect":0,"send":0,"wait":32,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static-resize.takesecurity.com/filters:format(png)/images/phishing/shared/1/LG-logo-1696340756.png","fqdn":"static-resize.takesecurity.com","domain":"takesecurity.com","tld":"com"},"ip":{"addr":"3.164.240.27","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://igsorteofifa2026.registo-seguro.com/c/p/tc/56376/102ebf8c-f40f-4acf-afd9-075182c23881-762dffb8-ccf2-454e-84a5-f5fe66ad9982/","date":"2026-06-24T10:29:22.400Z","timestamp":1782296962400,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static-resize.takesecurity.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 26 May 2026 00:00:00 GMT","end":"Wed, 09 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C3:EF:E1:E8:84:03:8C:05:2A:E9:8D:34:49:85:48:2D:F8:3F:79:E4","sha256":"EF:E5:45:DB:0B:CC:C3:EE:05:C1:D9:99:37:22:B9:C4:5A:A4:85:7A:05:CB:BF:BC:04:3E:0D:42:AF:A9:59:05"}}},"request":{"raw":"GET /filters:format(png)/images/phishing/shared/1/LG-logo-1696340756.png HTTP/1.1\r\nHost: static-resize.takesecurity.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: image/png\r\ncontent-length: 25474\r\ndate: Wed, 24 Jun 2026 00:33:32 GMT\r\naccess-control-allow-credentials: true\r\nx-amzn-requestid: de1453ed-4042-4f30-8416-5a64b0cb3ec4\r\nlast-modified: Tue, 03 Oct 2023 13:45:58 GMT\r\naccess-control-allow-headers: Content-Type, Authorization\r\nx-amz-apigw-id: fcLaaFiNDoEEUgQ=\r\ncache-control: max-age=31536000,public\r\naccess-control-allow-methods: GET\r\nx-amzn-trace-id: Root=1-6a3b25db-174e1e9f020dd3cd63c1a325\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 b5ef788d0f05b31973ca8ae989fe9748.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: VlE4Plk4dHo34AdU5lpKD1e10xu_FlJfPutQH2waWVV36waMX9xlTw==\r\nage: 35750\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":25474,"size_decoded":26171,"mime_type":"image/png","magic":"PNG image data, 442 x 196, 8-bit/color RGBA, non-interlaced","md5":"cb9c281679198033efc8cc276ecad685","sha1":"fdc6270dbbc1251c8d9f691897204d772a599573","sha256":"d3cdd8effafddad13a443dcb96060b27b9230a3c03feeaec8d864325fd30a630","sha512":"9246da5d0dcdbc75e8507e591adf6974f669598da43038f8a0cc0b88704a46f67da7fb5764bf6e82e1917ce62acccb4970b89517a42dc2c00598e0b4cd525ba4","ssdeep":"384:kQwyNZfUS/ftolVa1YisdtUgJ/+oZ/GGnstzKK04Z4nByDyYcl41ReA4MwtoYeyS:oyMS9oDaodPNdgeuZsyDyr41ReActpbS","tlshash":"c4b2d12d049bf4ef586677acc163ecde16be4cf24914005a5faa45cb7784f0b53c44a9","first_seen":"2026-06-24T10:29:47.04942Z","last_seen":"2026-06-24T10:29:47.04942Z","times_seen":1,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":62,"dns":0,"connect":0,"send":0,"wait":39,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static-resize.takesecurity.com/filters:format(png)/images/phishing/shared/1/apple_privacy-1696340749.png","fqdn":"static-resize.takesecurity.com","domain":"takesecurity.com","tld":"com"},"ip":{"addr":"3.164.240.27","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://igsorteofifa2026.registo-seguro.com/c/p/tc/56376/102ebf8c-f40f-4acf-afd9-075182c23881-762dffb8-ccf2-454e-84a5-f5fe66ad9982/","date":"2026-06-24T10:29:22.406Z","timestamp":1782296962406,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static-resize.takesecurity.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 26 May 2026 00:00:00 GMT","end":"Wed, 09 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C3:EF:E1:E8:84:03:8C:05:2A:E9:8D:34:49:85:48:2D:F8:3F:79:E4","sha256":"EF:E5:45:DB:0B:CC:C3:EE:05:C1:D9:99:37:22:B9:C4:5A:A4:85:7A:05:CB:BF:BC:04:3E:0D:42:AF:A9:59:05"}}},"request":{"raw":"GET /filters:format(png)/images/phishing/shared/1/apple_privacy-1696340749.png HTTP/1.1\r\nHost: static-resize.takesecurity.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: image/png\r\ncontent-length: 23511\r\ndate: Wed, 24 Jun 2026 00:33:32 GMT\r\naccess-control-allow-credentials: true\r\nx-amzn-requestid: c90b042e-df87-4ba4-adb3-a5b5e2b9db7a\r\nlast-modified: Tue, 03 Oct 2023 13:45:51 GMT\r\naccess-control-allow-headers: Content-Type, Authorization\r\nx-amz-apigw-id: fcLaaEaODoEEKgA=\r\ncache-control: max-age=31536000,public\r\naccess-control-allow-methods: GET\r\nx-amzn-trace-id: Root=1-6a3b25db-131bf1d102031f7a1b7105a0\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 b5ef788d0f05b31973ca8ae989fe9748.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: O7xAnJ5wLCuLxySywF2qCWZVVRnKXa479mVrpzr3P3_3OVChL_P5Fw==\r\nage: 35750\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":23511,"size_decoded":24208,"mime_type":"image/png","magic":"PNG image data, 768 x 768, 8-bit/color RGB, non-interlaced","md5":"6b8215efb2acc6a295233124a2646084","sha1":"492d90f3f48ae61a80dfa8f274e11e37e66dbea6","sha256":"abc261b95503268a34c67ff15bf77f38edb37a473e771269c9190b337d0b6632","sha512":"75b2ceb9668c8cc0ef50c9534aa3f27e2dc9646879286915e96cebeb7a823f79023ca076ed746cf80b4589f34b6ca051b4b75b6487f44a7fd250cb4d6464101a","ssdeep":"384:pd1Sbz1DE81ywNcakG0o+cl+f7NZX83KhNObo+ZlqNB7Guk5r8uD3W2if:toz6IUHRDeqG2pGd8uDGvf","tlshash":"48b2afe720664fad5f40125673bf0a18be0f63511b065d8a4679fbcfea59c6342c0d2c","first_seen":"2026-06-24T10:29:47.050713Z","last_seen":"2026-06-24T10:29:47.050713Z","times_seen":1,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":62,"dns":0,"connect":0,"send":0,"wait":32,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static-resize.takesecurity.com/filters:format(png)/images/phishing/shared/1/amazon-1696340748.png","fqdn":"static-resize.takesecurity.com","domain":"takesecurity.com","tld":"com"},"ip":{"addr":"3.164.240.27","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://igsorteofifa2026.registo-seguro.com/c/p/tc/56376/102ebf8c-f40f-4acf-afd9-075182c23881-762dffb8-ccf2-454e-84a5-f5fe66ad9982/","date":"2026-06-24T10:29:22.409Z","timestamp":1782296962409,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static-resize.takesecurity.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 26 May 2026 00:00:00 GMT","end":"Wed, 09 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C3:EF:E1:E8:84:03:8C:05:2A:E9:8D:34:49:85:48:2D:F8:3F:79:E4","sha256":"EF:E5:45:DB:0B:CC:C3:EE:05:C1:D9:99:37:22:B9:C4:5A:A4:85:7A:05:CB:BF:BC:04:3E:0D:42:AF:A9:59:05"}}},"request":{"raw":"GET /filters:format(png)/images/phishing/shared/1/amazon-1696340748.png HTTP/1.1\r\nHost: static-resize.takesecurity.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: image/png\r\ncontent-length: 40524\r\ndate: Wed, 24 Jun 2026 00:33:32 GMT\r\naccess-control-allow-credentials: true\r\nx-amzn-requestid: 20544844-82f5-440f-acfc-a76c29e8b6d8\r\nlast-modified: Tue, 03 Oct 2023 13:45:50 GMT\r\naccess-control-allow-headers: Content-Type, Authorization\r\nx-amz-apigw-id: fcLaaEx1DoEEYEA=\r\ncache-control: max-age=31536000,public\r\naccess-control-allow-methods: GET\r\nx-amzn-trace-id: Root=1-6a3b25db-1ef1e88400e08e6641423957\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 b5ef788d0f05b31973ca8ae989fe9748.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: Dlo7Ergx2yY6KDvKykFEI84N8uFSAz30a6JtjfaKkwn0vC3bctvyzw==\r\nage: 35750\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":40524,"size_decoded":41221,"mime_type":"image/png","magic":"PNG image data, 1284 x 477, 8-bit/color RGBA, non-interlaced","md5":"9ab153bd62874dc198ebefbf0a260d27","sha1":"eef996cc172d63d26ab15d890e44e920139dd94a","sha256":"6159f6db887b6e64bfab14e407a49c373af2372e311fb02a518b8aeec53fb029","sha512":"fa1916fbf16feebb5b84fdfb90a3aa391b8aff3faf0a7da7bab1cf820ac0c649698dc7443c0a88eca6777fc5d7efe2db75c959049670b62037609cd21f472f89","ssdeep":"768:67Qqa0zNDYSoJJxbTt6GvGWUlK/TKStx8HAyD9XgD4koRuzXH38HSd7p:679xDYDJt6Gv6liOxNA4vsH384F","tlshash":"3c03cf965b34e9c98c9ff938e2d52f5be2eb88c751cb12cafe00526c715cd31644a8c5","first_seen":"2026-06-24T10:29:47.051928Z","last_seen":"2026-06-24T10:29:47.051928Z","times_seen":1,"resource_available":false,"data":null}},"time_used":109,"timings":{"blocked":62,"dns":0,"connect":0,"send":0,"wait":40,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"igsorteofifa2026.registo-seguro.com/c/p/tc/56376/102ebf8c-f40f-4acf-afd9-075182c23881-762dffb8-ccf2-454e-84a5-f5fe66ad9982","fqdn":"igsorteofifa2026.registo-seguro.com","domain":"registo-seguro.com","tld":"com"},"ip":{"addr":"15.197.129.158","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-24T10:29:21.322Z","timestamp":1782296961322,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.registo-seguro.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Jun 2026 23:44:01 GMT","end":"Wed, 16 Sep 2026 23:44:00 GMT"},"fingerprint":{"sha1":"95:0E:1B:9D:D8:EE:26:EA:30:83:A3:EA:BB:97:61:3B:FE:F0:25:61","sha256":"1B:6A:73:62:44:8D:20:6A:00:49:53:86:30:5A:FE:DC:A7:DE:79:CC:F2:12:33:95:AC:33:11:B9:61:2F:F8:11"}}},"request":{"raw":"GET /c/p/tc/56376/102ebf8c-f40f-4acf-afd9-075182c23881-762dffb8-ccf2-454e-84a5-f5fe66ad9982 HTTP/1.1\r\nHost: igsorteofifa2026.registo-seguro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 \r\ncontent-language: en-us\r\ncontent-type: text/html; charset=utf-8\r\ncross-origin-opener-policy: same-origin\r\ndate: Wed, 24 Jun 2026 10:29:21 GMT\r\nlocation: /c/p/tc/56376/102ebf8c-f40f-4acf-afd9-075182c23881-762dffb8-ccf2-454e-84a5-f5fe66ad9982/\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreferrer-policy: same-origin\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=q4YeBXIeWnD8zdKpZfyNpco0Z5Fk1f2p2PVLAjqXCEM%3D\\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\\u0026ts=1782296961\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=q4YeBXIeWnD8zdKpZfyNpco0Z5Fk1f2p2PVLAjqXCEM%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1782296961\"\r\nserver: Heroku\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Language, Cookie, origin\r\nvia: 2.0 heroku-router\r\nx-content-type-options: nosniff\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-24T17:14:27.879734Z","times_seen":16686402,"resource_available":true,"data":null}},"time_used":264,"timings":{"blocked":-1,"dns":69,"connect":41,"send":0,"wait":69,"receive":0,"ssl":85},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"igsorteofifa2026.registo-seguro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.65.155","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://igsorteofifa2026.registo-seguro.com/c/p/tc/56376/102ebf8c-f40f-4acf-afd9-075182c23881-762dffb8-ccf2-454e-84a5-f5fe66ad9982/","date":"2026-06-24T10:29:22.377Z","timestamp":1782296962377,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 20 May 2026 00:00:00 GMT","end":"Fri, 04 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DE:F8:0F:C4:8F:BC:F5:01:B1:66:91:CC:15:DC:D8:6E:5D:2F:45:4E","sha256":"05:8E:2E:14:85:E2:41:28:F5:18:A4:37:49:31:2B:0E:24:53:64:3F:02:15:BE:63:EF:F4:B8:53:5A:8B:6D:29"}}},"request":{"raw":"GET /jquery-3.6.0.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-15d9d\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Wed, 24 Jun 2026 10:29:22 GMT\r\nage: 775363\r\nx-served-by: cache-lga21931-LGA, cache-bma-essb1270026-BMA\r\nx-cache: HIT, HIT\r\nx-cache-hits: 373071, 195113\r\nx-timer: S1782296962.412371,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30875\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":89501,"size_decoded":31517,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-06-24T17:14:36.570651Z","times_seen":484051,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":2,"connect":9,"send":0,"wait":9,"receive":4,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static-resize.takesecurity.com/filters:format(png)/images/phishing/shared/1/Lg-logo-v3-1696340747.jpg","fqdn":"static-resize.takesecurity.com","domain":"takesecurity.com","tld":"com"},"ip":{"addr":"3.164.240.27","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://igsorteofifa2026.registo-seguro.com/c/p/tc/56376/102ebf8c-f40f-4acf-afd9-075182c23881-762dffb8-ccf2-454e-84a5-f5fe66ad9982/","date":"2026-06-24T10:29:22.389Z","timestamp":1782296962389,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static-resize.takesecurity.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 26 May 2026 00:00:00 GMT","end":"Wed, 09 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C3:EF:E1:E8:84:03:8C:05:2A:E9:8D:34:49:85:48:2D:F8:3F:79:E4","sha256":"EF:E5:45:DB:0B:CC:C3:EE:05:C1:D9:99:37:22:B9:C4:5A:A4:85:7A:05:CB:BF:BC:04:3E:0D:42:AF:A9:59:05"}}},"request":{"raw":"GET /filters:format(png)/images/phishing/shared/1/Lg-logo-v3-1696340747.jpg HTTP/1.1\r\nHost: static-resize.takesecurity.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: image/png\r\ncontent-length: 7964\r\ndate: Wed, 24 Jun 2026 00:33:32 GMT\r\naccess-control-allow-credentials: true\r\nx-amzn-requestid: 731992ec-e57f-4bef-8bde-da191b5ca02e\r\nlast-modified: Tue, 03 Oct 2023 13:45:49 GMT\r\naccess-control-allow-headers: Content-Type, Authorization\r\nx-amz-apigw-id: fcLaZHrejoEEWwA=\r\ncache-control: max-age=31536000,public\r\naccess-control-allow-methods: GET\r\nx-amzn-trace-id: Root=1-6a3b25db-7eeff01e14c5282b1e75e3b7\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 b5ef788d0f05b31973ca8ae989fe9748.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: FcP90xZdfAvSMrrZElibTu6VJ91GJ-K2daWU-dnuV9f_pjcVBbH_eA==\r\nage: 35750\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":7964,"size_decoded":8660,"mime_type":"image/png","magic":"PNG image data, 101 x 44, 8-bit/color RGB, non-interlaced","md5":"b887fe96a2a7f5b5a5f372b25ac6780c","sha1":"82d7d01de3c675b2c7e143d9f802bc62c9b0300d","sha256":"8a1ddc374c78e580ab21b92edb20242edefc355dd2ff2b434dbeccecfff298f1","sha512":"f3d9f78bce4721cd753e31a377b8122b491e6bdadcb333b89ecf4eb108ab245533894f2c7c81ee478372693e9fa9fcc1b4730b1c278cd54ce66bc14f87bf0cf7","ssdeep":"192:VSBYMNRzTXjgjvPKt0yrLoNe0cTzA/MJMsAl0tlB4kI/LY:0BYMNR3jWtyrLj0cfA3HQlBD","tlshash":"2af1ae48e1055ab5e3b4d54e0dae9bbd0b27e05c03a212b69ea6ae73e0600d03865d68","first_seen":"2026-06-24T10:29:47.054197Z","last_seen":"2026-06-24T10:29:47.054197Z","times_seen":1,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":11,"dns":21,"connect":8,"send":0,"wait":31,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static-resize.takesecurity.com/filters:format(png)/images/phishing/shared/1/facebook-color-1696340754.png","fqdn":"static-resize.takesecurity.com","domain":"takesecurity.com","tld":"com"},"ip":{"addr":"3.164.240.27","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://igsorteofifa2026.registo-seguro.com/c/p/tc/56376/102ebf8c-f40f-4acf-afd9-075182c23881-762dffb8-ccf2-454e-84a5-f5fe66ad9982/","date":"2026-06-24T10:29:22.391Z","timestamp":1782296962391,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static-resize.takesecurity.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 26 May 2026 00:00:00 GMT","end":"Wed, 09 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C3:EF:E1:E8:84:03:8C:05:2A:E9:8D:34:49:85:48:2D:F8:3F:79:E4","sha256":"EF:E5:45:DB:0B:CC:C3:EE:05:C1:D9:99:37:22:B9:C4:5A:A4:85:7A:05:CB:BF:BC:04:3E:0D:42:AF:A9:59:05"}}},"request":{"raw":"GET /filters:format(png)/images/phishing/shared/1/facebook-color-1696340754.png HTTP/1.1\r\nHost: static-resize.takesecurity.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: image/png\r\ncontent-length: 32901\r\ndate: Wed, 24 Jun 2026 00:33:32 GMT\r\naccess-control-allow-credentials: true\r\nx-amzn-requestid: 4f395723-e8fb-4800-a640-9f9551ace820\r\nlast-modified: Tue, 03 Oct 2023 13:45:56 GMT\r\naccess-control-allow-headers: Content-Type, Authorization\r\nx-amz-apigw-id: fcLaZGo6DoEEp8g=\r\ncache-control: max-age=31536000,public\r\naccess-control-allow-methods: GET\r\nx-amzn-trace-id: Root=1-6a3b25db-1a02ba4a743f48d92057018d\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 b5ef788d0f05b31973ca8ae989fe9748.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: alk0ZHJdFr1dxqfL-YyyeHQLtqIoSjBX6loUN0EyTIgu0CEF0gcFjg==\r\nage: 35750\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":32901,"size_decoded":33598,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced","md5":"fc84c187e6657ce1d7ccc165100cd32f","sha1":"d3fe8172b7bb2114d7a03dce8230666592654447","sha256":"0ccf28d8001dd92b2fce758c5a213c7d78641c623cb860227a00c4d824e26b07","sha512":"0e01b119d1d5dfb2ab122e5fc0f4a3662f11443ec1865e64d2fcbfacde91df7524acd417abbfb0c935c1febf39040af00fc2a1a7eafedc8a6b659d4420fd9476","ssdeep":"768:bzYUURoVHa6KDNW+MksZs0SjWacvSOR8OBZ/rVlQ04s:YoHa6KDngVK2SMZ/rLj","tlshash":"35e2c0fbcd667ee389e94022e2f85446d9f5d43083252c4c44d3c674e5ecea9c92ac7a","first_seen":"2026-06-24T10:29:47.055267Z","last_seen":"2026-06-24T10:29:47.055267Z","times_seen":1,"resource_available":false,"data":null}},"time_used":331,"timings":{"blocked":10,"dns":21,"connect":11,"send":0,"wait":34,"receive":3,"ssl":247},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static-resize.takesecurity.com/filters:format(png)/images/phishing/shared/1/espacio-vacio-1696340753.png","fqdn":"static-resize.takesecurity.com","domain":"takesecurity.com","tld":"com"},"ip":{"addr":"3.164.240.27","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://igsorteofifa2026.registo-seguro.com/c/p/tc/56376/102ebf8c-f40f-4acf-afd9-075182c23881-762dffb8-ccf2-454e-84a5-f5fe66ad9982/","date":"2026-06-24T10:29:22.392Z","timestamp":1782296962392,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static-resize.takesecurity.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 26 May 2026 00:00:00 GMT","end":"Wed, 09 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C3:EF:E1:E8:84:03:8C:05:2A:E9:8D:34:49:85:48:2D:F8:3F:79:E4","sha256":"EF:E5:45:DB:0B:CC:C3:EE:05:C1:D9:99:37:22:B9:C4:5A:A4:85:7A:05:CB:BF:BC:04:3E:0D:42:AF:A9:59:05"}}},"request":{"raw":"GET /filters:format(png)/images/phishing/shared/1/espacio-vacio-1696340753.png HTTP/1.1\r\nHost: static-resize.takesecurity.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: image/png\r\ncontent-length: 2006\r\ndate: Wed, 24 Jun 2026 00:33:32 GMT\r\naccess-control-allow-credentials: true\r\nx-amzn-requestid: 76f462d7-f48c-472f-bf7f-db5d45ef6b09\r\nlast-modified: Tue, 03 Oct 2023 13:45:55 GMT\r\naccess-control-allow-headers: Content-Type, Authorization\r\nx-amz-apigw-id: fcLaZEvZDoEEdBQ=\r\ncache-control: max-age=31536000,public\r\naccess-control-allow-methods: GET\r\nx-amzn-trace-id: Root=1-6a3b25db-1f36494e003ff8fd7a2428e2\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 b5ef788d0f05b31973ca8ae989fe9748.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: vbbpYZlQ4LSUMYPH34ha-XQeTKRHs55i8XBSUzqYeU1gmB2oJ09wmw==\r\nage: 35750\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":2006,"size_decoded":2702,"mime_type":"image/png","magic":"PNG image data, 600 x 400, 8-bit/color RGBA, non-interlaced","md5":"2adb22c2c6c317ec26822d61f461d79a","sha1":"c635ecdbd759b297b38dc2c7c3e59ea2969c4d97","sha256":"8fea20c0c158d89a0e803ae96433edc7d289abe80e04fcf60154a127ff904ba5","sha512":"93867852b98be91ce4d914127e7c76fbd14b58988b1dc4619011ecaf0c0e39bd12ce9f4d6be9ecc8a0a7cec5c750cfe5c147d1c9eba53ed370492844d816be43","ssdeep":"","tlshash":"7541238b010d3e61c43c7f2708352d10bb2e7a9a0e03edc2732c442398eb1968a63390","first_seen":"2025-09-27T02:46:03.55114Z","last_seen":"2026-06-24T10:29:47.05614Z","times_seen":5,"resource_available":false,"data":null}},"time_used":331,"timings":{"blocked":10,"dns":21,"connect":11,"send":0,"wait":38,"receive":0,"ssl":247},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static-resize.takesecurity.com/filters:format(png)/images/phishing/shared/1/apple-1696340748.png","fqdn":"static-resize.takesecurity.com","domain":"takesecurity.com","tld":"com"},"ip":{"addr":"3.164.240.27","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://igsorteofifa2026.registo-seguro.com/c/p/tc/56376/102ebf8c-f40f-4acf-afd9-075182c23881-762dffb8-ccf2-454e-84a5-f5fe66ad9982/","date":"2026-06-24T10:29:22.396Z","timestamp":1782296962396,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static-resize.takesecurity.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 26 May 2026 00:00:00 GMT","end":"Wed, 09 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C3:EF:E1:E8:84:03:8C:05:2A:E9:8D:34:49:85:48:2D:F8:3F:79:E4","sha256":"EF:E5:45:DB:0B:CC:C3:EE:05:C1:D9:99:37:22:B9:C4:5A:A4:85:7A:05:CB:BF:BC:04:3E:0D:42:AF:A9:59:05"}}},"request":{"raw":"GET /filters:format(png)/images/phishing/shared/1/apple-1696340748.png HTTP/1.1\r\nHost: static-resize.takesecurity.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: image/png\r\ncontent-length: 18765\r\ndate: Wed, 24 Jun 2026 00:33:32 GMT\r\naccess-control-allow-credentials: true\r\nx-amzn-requestid: 018d8289-83ed-4d43-a155-20be1fc7bd06\r\nlast-modified: Tue, 03 Oct 2023 13:45:50 GMT\r\naccess-control-allow-headers: Content-Type, Authorization\r\nx-amz-apigw-id: fcLaaH5SDoEEWuA=\r\ncache-control: max-age=31536000,public\r\naccess-control-allow-methods: GET\r\nx-amzn-trace-id: Root=1-6a3b25db-6fe511f944d9ba820dd152d4\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 b5ef788d0f05b31973ca8ae989fe9748.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: yuW6tMQtJu2BHhbgSR0amP9ZTEtHf2uDDAuecNUcuVJ--iFxFi8P-A==\r\nage: 35750\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":18765,"size_decoded":19462,"mime_type":"image/png","magic":"PNG image data, 1000 x 1000, 8-bit/color RGBA, non-interlaced","md5":"d7d8e0914be6760b1a9a41c5c9ee3f11","sha1":"bef4bde8abbabb904dff738dc54e7ab145c8168c","sha256":"91bbf6318ed7621757ab3c85a37ed76d128abd7dad8048553f923b966dadc344","sha512":"2b7ad8fcf3efd122177b6b35ce0a5135518201f837353fed2f6f9587f9919c778483e58a09def2d6097da94c9ef7c6851fd12c98558366d14d27261c155778cb","ssdeep":"384:0egXkpAX6o2cH5alulc+gTk13hhg+Se2ec9lJehgUzvI4XBs1:ZekG6Pu55ETk1zg+SdeMwOUzvps1","tlshash":"2582be478327cda8e6e7543d16bfaae3f5322739bc0a1be1052c2091589ec645c60fe3","first_seen":"2026-06-24T10:29:47.057115Z","last_seen":"2026-06-24T10:29:47.057115Z","times_seen":1,"resource_available":false,"data":null}},"time_used":328,"timings":{"blocked":16,"dns":16,"connect":11,"send":0,"wait":34,"receive":0,"ssl":249},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"igsorteofifa2026.registo-seguro.com/favicon.ico","fqdn":"igsorteofifa2026.registo-seguro.com","domain":"registo-seguro.com","tld":"com"},"ip":{"addr":"15.197.129.158","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://igsorteofifa2026.registo-seguro.com/c/p/tc/56376/102ebf8c-f40f-4acf-afd9-075182c23881-762dffb8-ccf2-454e-84a5-f5fe66ad9982/","date":"2026-06-24T10:29:22.760Z","timestamp":1782296962760,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.registo-seguro.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Jun 2026 23:44:01 GMT","end":"Wed, 16 Sep 2026 23:44:00 GMT"},"fingerprint":{"sha1":"95:0E:1B:9D:D8:EE:26:EA:30:83:A3:EA:BB:97:61:3B:FE:F0:25:61","sha256":"1B:6A:73:62:44:8D:20:6A:00:49:53:86:30:5A:FE:DC:A7:DE:79:CC:F2:12:33:95:AC:33:11:B9:61:2F:F8:11"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: igsorteofifa2026.registo-seguro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://igsorteofifa2026.registo-seguro.com/c/p/tc/56376/102ebf8c-f40f-4acf-afd9-075182c23881-762dffb8-ccf2-454e-84a5-f5fe66ad9982/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: csrftoken=Kr4qemswYJDvouL8HtG1zmO9uHcePGdq\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\ncontent-language: en-us\r\ncontent-type: text/html; charset=utf-8\r\ncross-origin-opener-policy: same-origin\r\ndate: Wed, 24 Jun 2026 10:29:22 GMT\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreferrer-policy: same-origin\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=UqPWSVHcXk9mKyhptEFx5FeTZEU0E0qw033Rdd%2BP%2B3k%3D\\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\\u0026ts=1782296962\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=UqPWSVHcXk9mKyhptEFx5FeTZEU0E0qw033Rdd%2BP%2B3k%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1782296962\"\r\nserver: Heroku\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Authorization, Accept-Language, Cookie, origin\r\nvia: 2.0 heroku-router\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 325\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":325,"size_decoded":1293,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (325), with no line terminators","md5":"f715ddec3e41b0ac5755cd0a756ff145","sha1":"9c4c2164088d0d9429e4d3ef28caa317e51d970c","sha256":"68f071e1bdce4ad1778090bf4c0a27709fb5c55bd4739f9bccc98e50ab5e8b17","sha512":"d146dee8ee82472818b144f7a45e3dbccbd1fc34442fdde9d12a34d615c60238819a22a4b420bdcb097929e27ee9404252da1dcac654ae0cf898843612baf9b3","ssdeep":"","tlshash":"2ce07ddec5d8009edc623565dfe0421a89125b5c670385476cc034f0b99e71b843328c","first_seen":"2026-06-24T10:29:47.058015Z","last_seen":"2026-06-24T10:29:47.058015Z","times_seen":1,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"igsorteofifa2026.registo-seguro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}