{"report_id":"a6d8e427-aac7-405f-aaf8-5e910980bc47","version":6,"status":"done","tags":[],"date":"2026-03-12T06:24:55Z","url":{"schema":"https","addr":"u.nipark.online/","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"104.21.20.167","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"u.nipark.online/","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"title":"Elektroniniai valdžios vartai","dom":{"size":12392,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"c9762179d22ad563f13375be1b8ba262","sha1":"c6325099cb42a6c159e6004437982ba77049b009","sha256":"f1f74ef1de4862f463bf6f396f8d2064f34529c3e66f843ee46d0fe1e333edd8","sha512":"85fdded29e37a7c243a8fdcca5fede0d23d5cc4b7fff4a45c03e9faaceaf42b0328cf16ffcefae09b78341da0e7bf3f7b35202d9243b177f5c4cbcd8fbbf69f7","ssdeep":"96:UlG3RdUkT0ONJoyLEszdST3M6hrnsaMMP+L+G7JgmEA4FlCFZX5kK01/jh1dW4yC:U4LxTbdLEsQzbZsa2l427xi/jh24494","tlshash":"b042ed2058f2552710a294c83e627f1eaed1ea07895bca09baec4fd50fd3e47cd1766c","dom_hash":"domhash87fbab1da04d47c54b232c75246ea715","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"u.nipark.online/","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"104.21.20.167","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":["soteria"],"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-16T06:24:55Z","useragent":"Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36","referer":"soteria","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"u.nipark.online","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-07","domain_rank":0,"first_seen":"2026-03-12T06:24:27.91488Z","last_seen":"2026-03-12T06:24:27.91488Z","alert_count":0,"request_count":27,"received_data":947506,"sent_data":15225,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Socket.io","description":"","website":"https://socket.io","common_platform_enumeration":"","icon":"Socket.io.svg","categories":["JavaScript frameworks"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"u.nipark.online/socket.io/socket.io.js","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec127053f9c5cbfeeefd263b4b23bc0a","sha1":"11c08d7468ffe8980b0f862280c0c371776938a8","sha256":"bc425714aa8f2547d6939e3721ebafd3830a7562a1f6cb08acc1e794bd707954","sha512":"81ec905226bb2b6632f968b204f873331a4a75f24c0f27d50bb5ea930bec797a7c201eed1eaf1a9ef06cbbe923a722bb54fdcbf2be7147eea00d77a80565a39e","ssdeep":"3072:zLTygH4CO2KsFpWw0axS8RZIXyR7dSGg18FEEaLH32emV/Tfkmh0KbhEGtkSWq:zLTy7X1sFpWw0aTRrgaEEaLH32emV/D5","tlshash":"6ce35f49aaf72051917330398bafa045f239d01b620acd443d1cd7f49f65b3897aafe9","size":155836,"data":"","first_seen":"2026-01-01T23:52:44.961231Z","last_seen":"2026-04-04T03:34:31.588431Z","times_seen":53,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"24b063f225762fd2dbcd36b0a1afd116","sha1":"022d7cb2726271664953a8f6fbbf7754cf3e2845","sha256":"029d104bf9bc98c56f117f5d8bf80425483a22c69249a9d757985fe26a74263a","sha512":"7813bb36675a9b1f41d39a7d390fe65f1f32146684d63715d7012fdda53e1143e14dc2fe8fd04241de75228e2acb5e9f7dfdabec71c73dec446bbf0183deb237","ssdeep":"","tlshash":"58c0c000372335301bc0cad11c19b5b43ae113f1d58a015fa4f710013308d7f0031f10","size":181,"data":"","first_seen":"2026-03-12T06:24:56.633229Z","last_seen":"2026-03-12T06:24:56.633229Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/assets/js/main.js","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ffcef970fb5f3435afff7fd92f09c2d","sha1":"56a64e1a08f72a01729609439d39f5eb270ef294","sha256":"4094d495bc8440cc13ffdfe8d49335172f34e3616494a3ce050d117be8175675","sha512":"4807044be8c6e77906b8a935ccfe25629188b9000c9548d2b0d03f1a38a3b7012388929c1ca59838b099b6933601c63a7bad1773a00e96866565335d020a601a","ssdeep":"96:bx1hAOp5SFFeZ1iABNrI/HMTszpDVXVBUBhKCku/lhFSpUwUg7sBE:l3xZ1iCVIETszpDVXbgoCkudvIsBE","tlshash":"82c1320c25b761ab01b2b5bd7baf3524737242173084c88a7d4e47506f67e264b2bbed","size":5630,"data":"","first_seen":"2026-03-12T06:24:32.711905Z","last_seen":"2026-04-04T03:34:31.589076Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/assets/js/page-shifter.js","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1f439667819eab656195abb7114af453","sha1":"4c8392682efd87afca7e79d75c77c4d8b29507a4","sha256":"962712107cbddcfc053d6bb966e987809cd9d9fdd62f1fd65cdc5b549b6511ce","sha512":"5bca5f33c1269c10c22512efed7000dafb1f95e78ae6b3d0b96bd0e2672bf11bff7ffe66f555c552c1df5972d62c298f3d2bee57632e7c462cbf12e68805ac8f","ssdeep":"192:Z99C4KDdbInZVfxatI377nNL8Y4waLkQwrleWvCCoIb9Q9dbXLr2If7NtVa34v0x:FPKDdbmPfx6s8wdIT1OsJtAtUYh","tlshash":"5372300975b62269c43378af27cfa204363661237604d64a3e5e83045fd9ba99273ffd","size":16484,"data":"","first_seen":"2026-03-12T06:24:32.716299Z","last_seen":"2026-04-04T03:34:31.573841Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"24eb2d87b6a597d44a53fd53e1863880","sha1":"4c85d8ee4ff338d7936bbbf4208065d4e6f55477","sha256":"7c3762427f0283c672bbaf42b094bf30cefe00a27eb187aae189d317f5539de4","sha512":"cac50fd86e96f4eac66826413502e419ebb9810ca31b330e9a9fdbdc85922b61ac0522430035b338ec8fbf07467a7fd47384aac5724b4b167bb4b646d3836f50","ssdeep":"","tlshash":"1ad022846a67016093c0e0822c2a127831a603e32cc971a7e7f83600340cc9702b1ea8","size":199,"data":"","first_seen":"2026-03-12T06:24:56.635953Z","last_seen":"2026-03-12T06:24:56.635953Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/assets/js/socket-handler.js","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6eff6feff945b5715c44316a0f29cf27","sha1":"074af2a0e5544078827e72a59382a19c4156b843","sha256":"5ba2c7dc49b2b03b1a26bd8eac057f02ee8b686674e78206cd93f2269f57ef17","sha512":"2b41d5a5bd1b01d41b7e300f4dce4e9dadb2a1e63764b87781d9249b09854bd490eaa44ceddec7c704f6ed9993f8f246c9788951f675d53292a8116186c2a5a4","ssdeep":"192:MZQz0/4mTNnNK2iw5rbMJsiTe0fat4GijicGaY4xlkomeWWwravJLOnxp:MaoNPqcqj3xt1Gxp","tlshash":"fa2284097cb3116666f3b0ae5f6b6100733352432a84ca417f8d9b609f29a7ac3637d6","size":10651,"data":"","first_seen":"2026-03-12T06:24:32.690609Z","last_seen":"2026-04-04T03:34:31.599061Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"04fef4119b2afc96820b402027532a72","sha1":"31b4498496f076bb0ad0eb4ce14dd1e5c4fc64cf","sha256":"7c08078c28175a48e82feb524ce85ce28c04efc0a04b2abd20ce8e1d013a97b1","sha512":"f85f7de56f874b26579f1ee407d46a8258632c00ba72de5ec12bf3f892079db43c952a42780422652759a0a4f3a7b2fa73ea1e7a2be2676783937d69cf7354fe","ssdeep":"","tlshash":"2331ef1a7e63a26934f3a00c575f7f5820b7625324ccc8087c1d9b500f75e27d6266e9","size":1716,"data":"","first_seen":"2026-03-12T06:24:32.730252Z","last_seen":"2026-04-02T03:59:50.407487Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"u.nipark.online/assets/bootstrap.min.css","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /assets/bootstrap.min.css HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: text/css; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: public, max-age=14400\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss: ws:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'\r\nx-request-id: 1773296635508-1c8hmp\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\netag: W/\"25e95-SdyubGUFMiUBdRZp7IaO9tyR+C4\"\r\nage: 38\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fr450kFgGeEVhAoY8CGrMKzMTneAxJg7iRet%2FdlvPeQFCB0M8yypVklWHFW%2FVb3ug9e93bcgl%2FoyawvYza1geUGjC3GcpYZoENCPRQjTEg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9db0b7759e2c0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":155285,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (493), with CRLF line terminators","md5":"b2fc2c86e99803e8f13b7d85687a8bcd","sha1":"49dcae6c6505322501751669ec868ef6dc91f82e","sha256":"39a3ab6c16788c11038b3c854c75d97cead201fde68d9cb3523e0e64da89a08d","sha512":"fbf29194b80d31cdfd4a7dada241de7b3b27d93983ebfa565b15406c2971461bc15824ec86bd7e3c3982660cb108719a31904a4fa65d097acefaae305ab879be","ssdeep":"768:lm3lsKGEhHthSfrZuCmNGwn2OPrN8WPFWRaziJEwCrbLNveFg:0sKGE9thSfF5wn/xDM7eh","tlshash":"e7e38520ea1231c72333cba87ba18a42ff052273da05497afbde56844ff55685562fcd","first_seen":"2025-12-02T07:31:54.791656Z","last_seen":"2026-04-04T03:34:31.509447Z","times_seen":105,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/assets/main.css","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /assets/main.css HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: text/css; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: public, max-age=14400\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss: ws:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'\r\nx-request-id: 1773296635660-nnw2yd\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\netag: W/\"3f6fe-HQqqcd9F7XjPyuGXgp7XdzS73e4\"\r\nage: 38\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FD9LvcK927NhVKFa%2B0laBXNSTUTJAv4HBUUlLnxlzDGrvEJh4wPibPCMn0WgsSLzYq4G17jySiHBw9nlanw2iM7oIx4cVNcNvHiQPZVGZg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9db0b7759e440883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":259838,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"7703d19bec76dc4ab0fd50b96257a37a","sha1":"1d0aaa71df45ed78cfcae197829ed77734bbddee","sha256":"62bc58857695a32c3be8faedb59ef1fa45e3d3cc14a2d4107948fddd512a7197","sha512":"df478c12fb79bf48778fdbb9b6bfeeed47d2540bed9d157bea93e8b431ba539d70bfa9b1e9ab9a560ba117ea7194d3d4d2f72e154858ee6f662e88239552a969","ssdeep":"1536:VCVeCK8c15Gc1577koMnVFua2KNnORhBe18PhhssLD3vl1VTBLJP:pCKFkzMKNGje+hssLL91VFN","tlshash":"424497dcee4010052376ebb0b7622a66ff5d11f2db0701b5bef0a458e38a98d1665fc9","first_seen":"2025-12-02T07:31:54.868439Z","last_seen":"2026-04-04T03:34:31.503543Z","times_seen":105,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/swedbank-assets/webjars/webcomponents/3.0.0/assets/images/swedbank-logo.svg","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /swedbank-assets/webjars/webcomponents/3.0.0/assets/images/swedbank-logo.svg HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: public, max-age=14400\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss: ws:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'\r\nx-request-id: 1773296636545-cbuj2q\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\netag: W/\"197d8-bu2zUbUDbS7GU0XeOssXSGyPA1Y\"\r\nage: 37\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Xg9a%2FMw%2FDcakZ%2FsuMEO9wIhOaxM84LYl8rCzlKZDItXMdJnVha3LeVatnTjQOCAOP08GzTa9AxwmtO0GUoVUAjLCL1mPEwMvSTceWVQGTQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9db0b7759e830883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":104408,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c3b61677deea9bd7d64567ed9c568e95","sha1":"2856e5a7f5afa7fadb579f380b0e2e9ff9267b9e","sha256":"edb4918b5936f8b0d990b51eab24fea834eb3ea5823bea7d6305b88037c23ca0","sha512":"28a89a762a3ffeffd1139fcc29a0d0659c35f2c8d9d9269c8669ac306688071a8bb531ac98620429e98d38a044e9156298e5893cbd2871d0c9e0adedf02298b5","ssdeep":"1536:fQe9z6+YGt3y20sq4CNYthzQ95X8mqMc6NJNSmoQLJ9rC0/YJr:fUG","tlshash":"14a340b703b44fb78441d7c95f6c96c832a052e3f27280d67b9e19da5f06c97a939e80","first_seen":"2025-04-09T10:49:10.803051Z","last_seen":"2026-04-04T03:34:31.506831Z","times_seen":183,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/assets/tuv-logo.png","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /assets/tuv-logo.png HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: image/png\r\ncontent-length: 35214\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: public, max-age=14400\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss: ws:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'\r\nx-request-id: 1773296636953-rmuaih\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\netag: W/\"898e-V4d8vuhKwMVKS50KDVnanPFpqoA\"\r\nage: 37\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=T6j7eQpzI9u6WL0D8jl3Bng%2F9n1yZudI%2Fs%2FCDkgaY9C2dX0YuTpvg0jKkYPx77E6gkZHmFGVIUAe4DLu%2F0JYm%2Fv5X%2FNW3520l3%2FX1OSJBQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9db0b7759e8e0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35214,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 120, 8-bit/color RGB, non-interlaced","md5":"857a766b01706a34f982f0e2e45f763b","sha1":"57877cbee84ac0c54a4b9d0a0d59da9cf169aa80","sha256":"cc92c117ca2bd92e1e5f9d0325ce6bd1a8fd7ec999964db7336c4c7d658e5b66","sha512":"4f94d374b795a1b820ee16dcded493a72b2baa8c806316b5d10f1b0f2843e98276f3969806879f31b5a0ebc2aa5a63fdbecbc5d58c55642c898d22311048b20e","ssdeep":"768:vK441aEic0YrnqCAeZChDzf2WdbjnjGsdMrFF+LZuKDiUg95KH9:vqic0sdNCx72wXjH+hcLZB9gG9","tlshash":"cef2f175067540a010fac70dec6d6285ebd738d2491aa1f89fabf5e458212fc236c9bf","first_seen":"2025-12-02T07:31:54.765494Z","last_seen":"2026-04-04T03:34:31.495549Z","times_seen":105,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/assets/js/socket-handler.js","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /assets/js/socket-handler.js HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: public, max-age=14400\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss: ws:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'\r\nx-request-id: 1773296631499-2wbn6p\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\netag: W/\"299b-B0ryoOVUQHiCfnKlk4KhnEFWuEM\"\r\nage: 42\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7Jgjm91n0W6devdMuUyeXBIh4oS9k2bAkMgwUAsLlBufewcVcO3t8uBW8cPaNIljMybkx5Ti8AVilqHSVsMGVH5sOXQjonQdmLHGbP3lmA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9db0b7759ead0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10651,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"6eff6feff945b5715c44316a0f29cf27","sha1":"074af2a0e5544078827e72a59382a19c4156b843","sha256":"5ba2c7dc49b2b03b1a26bd8eac057f02ee8b686674e78206cd93f2269f57ef17","sha512":"2b41d5a5bd1b01d41b7e300f4dce4e9dadb2a1e63764b87781d9249b09854bd490eaa44ceddec7c704f6ed9993f8f246c9788951f675d53292a8116186c2a5a4","ssdeep":"192:MZQz0/4mTNnNK2iw5rbMJsiTe0fat4GijicGaY4xlkomeWWwravJLOnxp:MaoNPqcqj3xt1Gxp","tlshash":"fa2284097cb3116666f3b0ae5f6b6100733352432a84ca417f8d9b609f29a7ac3637d6","first_seen":"2026-03-12T06:24:32.690609Z","last_seen":"2026-04-04T03:34:31.599061Z","times_seen":8,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/assets/fontawesome.css","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /assets/fontawesome.css HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: text/css; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: public, max-age=14400\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss: ws:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'\r\nx-request-id: 1773296635522-u0ut5t\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\netag: W/\"16f9f-6ZmBSmkpdD9GgxEnWFi5Yw3E5fQ\"\r\nage: 38\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7sygmWWYGRavmY8pXLF%2FJH56ukB11ukHbSDndhLVah6knnVS78ppYxxTDd%2BVfGBlADzsT%2B8woQHqXFrkeq2xHw8EBQuoCKQDhmyFQ%2F%2BN%2Fw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9db0b7759e3c0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":94111,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"troff or preprocessor input, ASCII text, with CRLF line terminators","md5":"801e4a622acb7199a0b287fa3eb9e0cd","sha1":"e999814a6929743f468311275858b9630dc4e5f4","sha256":"a9c8256302c707e79e8680cf19b5cbc4cc97076bc8026be2c823e18d84254668","sha512":"8e3590c72ab2ebe835931e72cff114b521de1ce0145fffbc48a25cbf5a4556e47711aac5e4313a5636ad1660b9f8017c37ca4be3e4b22731d1f043fdeaba1603","ssdeep":"1536:dRm6m/mTmF3mqmwmcnGfP1552tfFuqR112QUTmPDxONKz:88fP1552tfFuy/2QUTmPDxONO","tlshash":"e893312c68a7501752376bb3a3c25906fb3217fa7e43285839e482593ff247e7206f59","first_seen":"2025-12-02T07:31:54.871617Z","last_seen":"2026-04-04T03:34:31.500517Z","times_seen":105,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/assets/eValdzia-logo.png","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /assets/eValdzia-logo.png HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: image/png\r\ncontent-length: 8263\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: public, max-age=14400\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss: ws:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'\r\nx-request-id: 1773296636218-2z9lur\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\netag: W/\"2047-ZL4ruTdmPGF9zWbEicn/ANlQnYU\"\r\nage: 37\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X7UFeYjfESXJxwrVsoAkMpgYJB8KU5BTmH2%2Fe1TM%2BWDuy%2B%2BDTgSrPR8phcWGTM6Jt%2BZM2opec4b46iW7HcMuur7vSkoIzvglHF%2BYN%2Flo9w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9db0b7759e5f0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8263,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 384 x 429, 8-bit/color RGBA, non-interlaced","md5":"8acbc86a329cebaa5c67965cf3c8da21","sha1":"64be2bb937663c617dcd66c489c9ff00d9509d85","sha256":"ad4ffc79ecbf9ecd29e6c8997d9ecf5a1c99007d046dae5920f6d986f501e466","sha512":"e6520194f34ddf4ca505951c2f083cbea062168dfc7f5a1ddccd7d42b4e50864a3969e3407d2b860f6af27771079447f6f86a0d783793c51d3984f75200153aa","ssdeep":"192:l1S0tKg9E05TrCZ4UYz2t3lCzNkRr3s3TNk3e2:lTXE05PCZQzQVCzNer83Tee2","tlshash":"8302afe7316055cfb0aa3a74489e884de76921588c613f749d3253dd22b0f4a0fd1877","first_seen":"2025-12-02T07:31:54.798325Z","last_seen":"2026-04-04T03:34:31.501288Z","times_seen":105,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"u.nipark.online/socket.io/?EIO=4\u0026transport=websocket","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /socket.io/?EIO=4\u0026transport=websocket HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://u.nipark.online\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: d0p23ElGx2e5N7JKayLwvw==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Thu, 12 Mar 2026 06:24:34 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: MtaNkfTN18/mSn9cu5YHmWagKSU=\r\nAccess-Control-Allow-Origin: https://h531623hh123.nahuj-bl.com\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=wv%2BF0sJYzBVVhmUtRQcZHtzibYy8U8qmrermuZf%2B3zhAbGsYTlUB3n0IHDJpSLdK%2FbtaU3Rj5PmXnn7iQSTejqHQ3Qtm7LnGkuiv5nXJ4dsKpainQF8p2IJEeWRlcTSvsrg%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9db0b7775c9f76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=502\u0026min_rtt=416\u0026rtt_var=270\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2340\u0026recv_bytes=1333\u0026delivery_rate=3451728\u0026cwnd=52\u0026unsent_bytes=0\u0026cid=96e4825c18e82a6d\u0026ts=94\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T19:47:03.381564Z","times_seen":13344428,"resource_available":true,"data":null}},"time_used":137,"timings":{"blocked":0,"dns":20,"connect":20,"send":0,"wait":81,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/assets/zk.wcs","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /assets/zk.wcs HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 269031\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: public, max-age=3600\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss: ws:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'\r\nx-request-id: 1773296674278-gb97dm\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\netag: W/\"41ae7-HbyvyuM7PLmWh2BEcngBbZL1Plw\"\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=69NpwyvqkzHpv%2BPK%2Boju0wgD5WWBFSsbKZdAwt975liPZIs0U6iprAd8Qxx%2BZ5Suoxug9hrOq2Zvb5BBi73jKinO4%2B7BqesNsfbcJ4auuQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9db0b7759e260883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T19:47:03.381564Z","times_seen":13344428,"resource_available":true,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":142,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/assets/core.css.dsp","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /assets/core.css.dsp HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 9505\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: public, max-age=3600\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss: ws:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'\r\nx-request-id: 1773296674215-08dhew\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\netag: W/\"2521-nkMrGeoot6ZOctgu/+UTvk4uOK4\"\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RuPc0x%2FJd5uZgxRpZFaBT7pBtfRgTh2Ow4k5%2B4pfqMdU%2B%2FkBgJBZV%2FzsAmriSB9x7tVQrOI506yx%2BOjIVJkBFvrb%2BHxUO3GTTEZen9o2RQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9db0b7759e330883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T19:47:03.381564Z","times_seen":13344428,"resource_available":true,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":78,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/assets/bank.artea.png","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /assets/bank.artea.png HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: image/png\r\ncontent-length: 12706\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: public, max-age=14400\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss: ws:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'\r\nx-request-id: 1773296636492-zkti0k\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\netag: W/\"31a2-lNyPuFaRQJlQy6OfAyAefWNABZ8\"\r\nage: 37\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hclR%2F2rxaJWV93Tgv%2BKRW1TY1YP6%2FsjBWY9q9BrZB%2FVd%2FJrLlXa7gtPOCVrP2W%2BVWUx3t%2F20C%2Fa5eqKkl%2FetdTC39Y0XlysdWAb3q%2F6BFA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9db0b7759e7b0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12706,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 481 x 282, 8-bit/color RGBA, non-interlaced","md5":"3e807b340463546626fb65e1bbee0921","sha1":"94dc8fb85691409950cba39f03201e7d6340059f","sha256":"8031fbab9a276a4adcb6c77c6911f58ebf39da61cb1c365ad0a3e581c03f920a","sha512":"2368bfb15e5564cb0943b68556a3a4fd99b3c9a1a77a47a54f43fd3283f9fba388fa2fddfa7268b11f0bddbb0f317bfd7cda98d4aeaaed961fc4971a93da8023","ssdeep":"192:m+NEJCe57Xwzhf7e4WD8MhUK3ZISPkBRXYgKidz1qeZvn/gjBzTLyHeN7:m+N4C6XghfK4zMh73ZFP0dBDZvn2J","tlshash":"b242bff2577a6b82c16c76cc7474d2548ea46d1b71bec3b0c12e9417da371380a78a5f","first_seen":"2026-01-29T02:14:22.498872Z","last_seen":"2026-04-04T03:34:31.506188Z","times_seen":8,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/assets/bpd-logo.png","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /assets/bpd-logo.png HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: image/png\r\ncontent-length: 4551\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: public, max-age=14400\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss: ws:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'\r\nx-request-id: 1773296637065-3bfjl\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\netag: W/\"11c7-shdULpFUPe/zYcC0HGp+lrp33l0\"\r\nage: 37\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=izX7nA0oeIbjRS78GUFLKlUs5ipYEjOmcrCYkfMjXPh20Ai1RZk4EBnel3CZUl2ARTdyt38o7Byx%2F5LJ7l5%2F1RHJLWfrY5QUiWEpzdenaw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9db0b7759e9a0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4551,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 437 x 177, 8-bit/color RGB, non-interlaced","md5":"43e0b41425bf1b4c4b61a45fc60c0a1b","sha1":"b217542e91543deff361c0b41c6a7e96ba77de5d","sha256":"e8e938ed70a34e7372df767bb2e4241ef8a6d171512a0f378a24119225481be0","sha512":"36e19fdcedb74158fcb88703da33d7ae498365a2823a9b3839f5ea2aee162b3bf14bcf68f31bb4a4c72d47198a85e95db82c38b5313292b05afaa91b000240c6","ssdeep":"96:L9Dmj9Odhi5UCP6SsSK+KTFg9/SfnOQQeD+bj4VcLrutbq0Qy12G:mkhi5biSsZ+KTFE/SPzZ+bMqHeXQy12G","tlshash":"a6915c7da02853d745c0259228f031a67061ebb27b44c7ba61af797edf9b650d3a1035","first_seen":"2025-12-02T07:31:54.795Z","last_seen":"2026-04-04T03:34:31.491239Z","times_seen":105,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/assets/js/main.js","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /assets/js/main.js HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: public, max-age=14400\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss: ws:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'\r\nx-request-id: 1773296631519-uccb0e\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\netag: W/\"15fe-VqZOGgj3KgFylglDnTn16ycO8pQ\"\r\nage: 42\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rHmS16Wq4HQtwF0GYR1kyU2a%2BZDq5sgTa7PvHW5DBl7nqAVexIPSHkvXIXdKNSbu%2BynpVPvKwejY6aaDXWaMzHcdj%2BPUSnWDllh%2B1Ycoig%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9db0b7759eb50883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5630,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"9ffcef970fb5f3435afff7fd92f09c2d","sha1":"56a64e1a08f72a01729609439d39f5eb270ef294","sha256":"4094d495bc8440cc13ffdfe8d49335172f34e3616494a3ce050d117be8175675","sha512":"4807044be8c6e77906b8a935ccfe25629188b9000c9548d2b0d03f1a38a3b7012388929c1ca59838b099b6933601c63a7bad1773a00e96866565335d020a601a","ssdeep":"96:bx1hAOp5SFFeZ1iABNrI/HMTszpDVXVBUBhKCku/lhFSpUwUg7sBE:l3xZ1iCVIETszpDVXbgoCkudvIsBE","tlshash":"82c1320c25b761ab01b2b5bd7baf3524737242173084c88a7d4e47506f67e264b2bbed","first_seen":"2026-03-12T06:24:32.711905Z","last_seen":"2026-04-04T03:34:31.589076Z","times_seen":8,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/assets/bank.dnb.png","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /assets/bank.dnb.png HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: image/png\r\ncontent-length: 1713\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: public, max-age=14400\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss: ws:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'\r\nx-request-id: 1773296636489-9ye4g\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\netag: W/\"6b1-/BIJQBw08UknFB4coc0QYG7MCzs\"\r\nage: 37\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ycfee8adi8Kozcai3ncWXi2rtJh7VFBHuI9R4bP58GsbKrkHfbtLKeJ6lhsly%2B7trbKjYngbzpH3z%2FtGRKtyziZtBFvL4dkbGT5RbSe4Uw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9db0b7759e740883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1713,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 132 x 40, 8-bit/color RGBA, non-interlaced","md5":"d049ee046601860acea569d66c05d0cf","sha1":"fc1209401c34f14927141e1ca1cd10606ecc0b3b","sha256":"07fde228577cf26d4238d328036e81732179d5839cb092cd9540c5a1247a3c74","sha512":"7c78777c6175919fce35e268ab1a329c36e5be238ad62c985e8f8497363ad8de786eef97e9a0db7f0b0239dd180729b1a5d48dc106685a3d998e64550c06a134","ssdeep":"","tlshash":"60310be043cd14af56cbed23d9060a37965282813478b88cf172812d49a0b60addb143","first_seen":"2025-12-02T07:31:54.889874Z","last_seen":"2026-04-04T03:34:31.50196Z","times_seen":105,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/assets/favicon.ico","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.579Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /assets/favicon.ico HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5; csrf_token=cb6ce0643f8ce347070634c50b64fe934ed3ac6d8ee74299acc89ebd11ef0a16\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: image/x-icon\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: public, max-age=14400\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss: ws:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'\r\nx-request-id: 1773296646512-4mt6vp\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\netag: W/\"47e-DHKwEvC5gBNob0ybaoj7xJiajuI\"\r\nage: 28\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NbLfNvx3z2vXI1k4R49BH4muNhZ2JbfKRYrM1krWMKsumESeTrE4xFg%2Bpx3UiDTEWlXA2rJRuIRXnHgc9EoIF2se49taFawEFkRDNJENVg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9db0b7782ad80883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"9306db0b11a5f1f6e21db77173cba723","sha1":"0c72b012f0b98013686f4c9b6a88fbc4989a8ee2","sha256":"40f3ef92ccbb64ebc9bb7d42cd402e1485ebf3d6ec027a2c732fad309b9dc0ca","sha512":"2253730e164a2ff5a73ccaf301ce01500a7eb1b117edeb9edceb7959bbecb604ee624165434e2625732f4e16a7958ae326c97850ea422c8c4db8ec758b797282","ssdeep":"","tlshash":"362172c9b0002c8dd120c870f1ac6a951c8dcd2e6cad31925806b27faef0188693d4f9","first_seen":"2026-03-12T06:24:32.720216Z","last_seen":"2026-04-04T03:34:31.50835Z","times_seen":6,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/assets/solid.css","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /assets/solid.css HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: text/css; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: public, max-age=14400\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss: ws:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'\r\nx-request-id: 1773296635513-tu5v4r\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\netag: W/\"290-89+MMua4yRuOZyE2iuWLhA3uD04\"\r\nage: 38\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1b3s7hitG%2B1oq35L6c2L9Y75MTTcsOtlG%2FNdzFgKYh8TK%2B0t5O3hUtDXyijjsPwNaKHh7laRac%2FvdMNzRcBc3VrEq4eXSVhmF62FbNbbLA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9db0b7759e3f0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":656,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"40f7a775c054d4e48747d40c405008d6","sha1":"f3df8c32e6b8c91b8e6721368ae58b840dee0f4e","sha256":"da829b7aae98a153dbe335a4c0cdf25c2a9ee68014066c3a589c78abd216e1b7","sha512":"f15c7085d74f8258b6b111d972beba844a4e4cfbaa3d550c4c348c972279e73974c99f6c9a06b29de0fed71b2fd8226232982c487d28776b0a92f5a0fddafc91","ssdeep":"","tlshash":"2bf0782c0116107057310d0b3b8abf5aec5530a73e9a6a517273a81dbef8e5b22b8f0d","first_seen":"2025-12-02T07:31:54.831911Z","last_seen":"2026-04-04T03:34:31.515217Z","times_seen":105,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/api/campaigns/bank-urls?domain=u.nipark.online","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.393Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /api/campaigns/bank-urls?domain=u.nipark.online HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 17\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-store, no-cache, must-revalidate, proxy-revalidate\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'none'; frame-ancestors 'none'\r\nx-request-id: 1773296674439-n5ggu8\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: csrf_token=cb6ce0643f8ce347070634c50b64fe934ed3ac6d8ee74299acc89ebd11ef0a16; Max-Age=86400; Path=/; Expires=Fri, 13 Mar 2026 06:24:34 GMT; Secure; SameSite=Strict\r\nratelimit-policy: 100;w=60\r\nratelimit-limit: 100\r\nratelimit-remaining: 98\r\nratelimit-reset: 32\r\netag: W/\"11-r+m68ygTGLgOYaCmIU5I7lE8m5A\"\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YEmnyO3H0zw6s%2Fv6AvjAh3cZcNYkHppYiVXpA4iTKFBptc3FpoPiE%2FxJzI6sS0NduGgDEv%2BwJTtovSLsFeUw1jBxJS1EWoVm7pt5221qbQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9db0b776fcf50883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"38ed35ae4b0780ea7794fe886f57c0fa","sha1":"afe9baf3281318b80e61a0a6214e48ee513c9b90","sha256":"91cd1079a631c05808c5ee19f9827ddab854af8b9704ca10ded54955f129a308","sha512":"e526dc40e372a9623cc3bd4046f6943b9e6d9865e291f8f85af3c3b7baeb5021f8241bb279317f2410aed4b19476cb1cca29f58350ce4e2ea54b1b428ae2c97d","ssdeep":"","tlshash":"60600030c000330030c0300300c03330030f000300000c00c0303f0030c0330c0300c0","first_seen":"2026-03-12T06:24:32.684615Z","last_seen":"2026-04-04T03:34:31.492608Z","times_seen":5,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":81,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-12T06:24:33.884Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 12 Mar 2026 06:24:33 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-store, no-cache, must-revalidate, proxy-revalidate\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss: ws:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'\r\nx-request-id: 1773296673943-2lnz8b\r\nvary: Origin, accept-encoding\r\naccess-control-allow-credentials: true\r\nset-cookie: phish_sid=session-3d154ca1772c8adea338094250502bc5; Max-Age=86400; Path=/; Expires=Fri, 13 Mar 2026 06:24:33 GMT; SameSite=Lax\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ST6%2Fx7Wdj1UdvNj4H7RrXqoDHMRPQIWESbyomaw%2BIfRXwjhtYIlcYwT6jn9Ke%2B4VBMpjzc7RcYavJ8PMwFo1FkxE7v9D1hZXUKJqW13JyQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9db0b773dd8e0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Socket.io","description":"","website":"https://socket.io","common_platform_enumeration":"","icon":"Socket.io.svg","categories":["JavaScript frameworks"]}],"data":{"size":12419,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"7ee049024531fb5b0bab25546b2114bc","sha1":"16ed5ed57dc285b782d02c32a586c24c92c3fe10","sha256":"051317fd7fb20801979b58117e306c9be3f44500836a79bff784579178f9bf34","sha512":"6e6d3165c78cb1218dd242ef50274d774191a733f674ed93f4d0ea8a99a8b035274a7dd59fb1eaad6071bc9836b1581afd7c77e745d5aedb25b1dc4e7989e2b0","ssdeep":"96:qG3adUkT0ONJoyLEszdST3M6hrnsaMMP+L+G7JgmEA4FlCFZX5kK01/jh1dW4y/y:LwxTbdLEsQzbZsa2l427xi/jh2449Y","tlshash":"7042ed2058f2552710a290c83e627f1eaed1ea07895bca09baec4fd50fd3e43cd0766c","first_seen":"2026-03-12T06:24:56.608729Z","last_seen":"2026-03-12T06:24:56.608729Z","times_seen":1,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":9,"dns":1,"connect":1,"send":0,"wait":92,"receive":0,"ssl":10},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/assets/epaslaugos-font.css","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /assets/epaslaugos-font.css HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: text/css; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: public, max-age=14400\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss: ws:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'\r\nx-request-id: 1773296635846-9fii6d\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\netag: W/\"1507-vfpUZa+D/G6ye1ufP46e56wXODo\"\r\nage: 38\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SynZMBAy3Kg6NCtMC3TOMOsawlx4z0lM7wQj8v5jr5u%2ByCOBRqJ2A%2BA3MbEVRJTU1I6tYbtPA%2BGiVEx3VZPARBQ3vj7%2BcrdVUsFkdN0cXw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9db0b7759e4b0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5383,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"f90c30bca206a68dc024ac9ca7bcfe6a","sha1":"bdfa5465af83fc6eb27b5b9f3f8e9ee7ac17383a","sha256":"fb2dbc23f365cb177fbab6f50bebc1bbc9c4df95fad3b05ff5a4968859dd74bb","sha512":"a1e0f8067619b033efe931aa1f12155e940719497c47dce612b6dcd247ca5cad35ffa09c8649c42d43261fec631de78d49174a74bb349896a6e38adc4be8ecf2","ssdeep":"96:09zsVBFxLt3Nk493tAg6t2SR1zZ1F1Nes8w/0KamMUeAGOnLe2GK9xZVJ0aVRbdr:eYVDc3h","tlshash":"d2b15d719c1a34711322b9a0a3572106ef456b26ef825d8ef657ae4c5bf626480c3fbc","first_seen":"2025-12-02T07:31:54.822069Z","last_seen":"2026-04-04T03:34:31.512507Z","times_seen":105,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/assets/lr_logo.png","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /assets/lr_logo.png HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: image/png\r\ncontent-length: 8181\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: public, max-age=14400\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss: ws:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'\r\nx-request-id: 1773296637015-igqlec\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\netag: W/\"1ff5-rTGUKGXqKL7JkLupZUmm/RnoM0g\"\r\nage: 37\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Z6uWymlunU4tnklU9PU9bVk0mG%2BSG6nfxboWS8AWcOJ5K6M0vwuky1rP%2Bl6hH8%2Bhkil1IHJo%2Fe%2BVrdB0SntfkDumMNVK9VwaAZSk9quloA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9db0b7759e890883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8181,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 52 x 63, 8-bit/color RGBA, non-interlaced","md5":"2a7a823dd242c77aee719da8933b61ca","sha1":"ad31942865ea28bec990bba96549a6fd19e83348","sha256":"4fa8dcc025bfe0f5a8693a1b93c72db303dbddf270a21d31af1ff9612b015a32","sha512":"a0f998784af9ed8b00bba5b847044b0c6ff91878d44959a0c594b0e9dc53e4480d7c19fcc61b8ae58ee57552d4d984bde15f123378fac5db544a51391978d4a9","ssdeep":"192:CAytUPlOR+a2bbmactIZ6K7BC02QbrObbW:DytSlORr2uactIUK700QHW","tlshash":"96f1c0d2c6a3b6773518fe0532c8b0679c6a7941c2f4fa18141b797e6a1c0ce99b48df","first_seen":"2023-10-28T23:04:46Z","last_seen":"2026-04-04T03:34:31.502725Z","times_seen":106,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/assets/js/page-shifter.js","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.217Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /assets/js/page-shifter.js HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: public, max-age=14400\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss: ws:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'\r\nx-request-id: 1773296631518-3fow4f\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\netag: W/\"4064-TIOSaC79h6/KfnnXXHfE2LKVB6Q\"\r\nage: 42\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Usfr%2FWjOag3NnGs8uvUTPpJd%2FY%2FAFvE%2B2o7rPej5xnjNV%2FRth7BgtJD5LyYjbd47dDl7%2FDJEcXcKR396aLqgo82wABuausikbWqLaP9jcA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9db0b7759eb10883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16484,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"1f439667819eab656195abb7114af453","sha1":"4c8392682efd87afca7e79d75c77c4d8b29507a4","sha256":"962712107cbddcfc053d6bb966e987809cd9d9fdd62f1fd65cdc5b549b6511ce","sha512":"5bca5f33c1269c10c22512efed7000dafb1f95e78ae6b3d0b96bd0e2672bf11bff7ffe66f555c552c1df5972d62c298f3d2bee57632e7c462cbf12e68805ac8f","ssdeep":"192:Z99C4KDdbInZVfxatI377nNL8Y4waLkQwrleWvCCoIb9Q9dbXLr2If7NtVa34v0x:FPKDdbmPfx6s8wdIT1OsJtAtUYh","tlshash":"5372300975b62269c43378af27cfa204363661237604d64a3e5e83045fd9ba99273ffd","first_seen":"2026-03-12T06:24:32.716299Z","last_seen":"2026-04-04T03:34:31.573841Z","times_seen":8,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/fonts/Epaslaugos-Font.ttf?-utws4r","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.384Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /fonts/Epaslaugos-Font.ttf?-utws4r HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 15\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-store, no-cache, must-revalidate, proxy-revalidate\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss: ws:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'\r\nx-request-id: 1773296674433-rpwpw\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\netag: W/\"f-hV9AvaBNpCm1YTiAiQHEqwHCPc8\"\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=V6P439bvuAc86xQ9ahN1jodfwkhQZn9Uur9M68zc43dnucMW%2F8x6Cvr5i4iP15%2FtUpbGdgA7xzA50g17crNpvorRCCszEmYBWPuPUQAyPg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9db0b776ecb30883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"3f0c9658216718b5628e02745d8e7d2f","sha1":"855f40bda04da429b56138808901c4ab01c23dcf","sha256":"3965d1967e577f2a38e5a83a50ae71e0d510c080e228056160e75d55fd987872","sha512":"ebc50f270919ff4924e58265136893014a271f411ee7e0c6833aeca729835058eaf01276d8ad043b09f0ede31401270c60fafa1b593eefda76deb0b163662b61","ssdeep":"","tlshash":"d860000c0003030c00c00f3003cc0030300c033c0c00cf3c0000c00c00000000c330fc","first_seen":"2025-03-05T14:16:29.431279Z","last_seen":"2026-04-04T03:34:31.601417Z","times_seen":59,"resource_available":false,"data":null}},"time_used":86,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":86,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/socket.io/socket.io.js","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /socket.io/socket.io.js HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: https://h531623hh123.nahuj-bl.com\r\nvary: Origin, accept-encoding\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=14400\r\netag: \"4.8.3\"\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yUI5ApmtJzZF2%2Fu4F6lcFmxDDwf3t%2FK5YWE8%2F%2BOGc5wVP4hMDZwkfN0N7a7tv4ZSnVZ2acNS3nI%2BCvoZ%2FiGiWOAf4rw8aS4UsZ8MRMsocA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9db0b7759ea90883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":155836,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"ec127053f9c5cbfeeefd263b4b23bc0a","sha1":"11c08d7468ffe8980b0f862280c0c371776938a8","sha256":"bc425714aa8f2547d6939e3721ebafd3830a7562a1f6cb08acc1e794bd707954","sha512":"81ec905226bb2b6632f968b204f873331a4a75f24c0f27d50bb5ea930bec797a7c201eed1eaf1a9ef06cbbe923a722bb54fdcbf2be7147eea00d77a80565a39e","ssdeep":"3072:zLTygH4CO2KsFpWw0axS8RZIXyR7dSGg18FEEaLH32emV/Tfkmh0KbhEGtkSWq:zLTy7X1sFpWw0aTRrgaEEaLH32emV/D5","tlshash":"6ce35f49aaf72051917330398bafa045f239d01b620acd443d1cd7f49f65b3897aafe9","first_seen":"2026-01-01T23:52:44.961231Z","last_seen":"2026-04-04T03:34:31.588431Z","times_seen":53,"resource_available":true,"data":null}},"time_used":81,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/assets/bank.seb.png","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /assets/bank.seb.png HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: image/png\r\ncontent-length: 533\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: public, max-age=14400\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss: ws:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'\r\nx-request-id: 1773296636217-ogcvrj\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\netag: W/\"215-7UsPaFZn+SLFul4Np48UWuzEyn8\"\r\nage: 37\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0zJ48zrPGiPJm74ENBF2scPfXtOTltiKKaF4Vbw5tdlCcJu2yrXBw4BvWVLesR9yDA3tv7YMQFllwsLAq4%2F%2BbGHhmIAuGRYRuOH6ZLCThA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9db0b7759e680883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":533,"size_decoded":0,"mime_type":"image/png","magic":"GIF image data, version 89a, 67 x 30","md5":"2da39a61f04164da0027bc28f1629572","sha1":"ed4b0f685667f922c5ba5e0da78f145aecc4ca7f","sha256":"c20c9ccf29ff8210fc8b5e3aa9292d1e90b1a8d9a857ea2132e204c37cf13c4b","sha512":"c9b9badb749166ba9725b365b9e959d5c4fac1a2604697dcc9f91532de574a7f0754aa6f092707e7d26082805a805ff67ebf4430c7c883f98eb0523afd781d93","ssdeep":"","tlshash":"10f054a1b828dbc2c607b1f24e297e38e59659046379d87c2c1f6a5cc2783e38125181","first_seen":"2025-12-02T07:31:54.80495Z","last_seen":"2026-04-04T03:34:31.513233Z","times_seen":105,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/assets/bank.citadele.v2.png","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /assets/bank.citadele.v2.png HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: image/png\r\ncontent-length: 2524\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: public, max-age=14400\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss: ws:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'\r\nx-request-id: 1773296636608-30abq5\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\netag: W/\"9dc-hiW7YCCIjfATIdedVmbAUsZSIpk\"\r\nage: 37\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5bnl0hKkkWES%2FCCKthFG9DZ0flQwdJbAaRCFBRvTMgHCl844r%2BXCJjOwevBk8%2FfGL%2FBx78%2Fsj9Fs5d4Dp90JdCHpPt5kPCGELCMOX6Schg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9db0b7759e780883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2524,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 99 x 50, 8-bit/color RGB, non-interlaced","md5":"22fab3b11749f3187704b1e1c0774b1a","sha1":"8625bb6020888df01321d79d5666c052c6522299","sha256":"9f88ca7ad5ea3d04921bf1a3a5e8c930dd04a8c933847e66e4ffa0add09f93f6","sha512":"dd05c237694a279eedeb6167ddbf77af6fce2a493912702c6a6cb83a4fd91b5362e5874979def28fe045820c5b43790582490478bc854f4d91cfa66894e9a962","ssdeep":"","tlshash":"c3515db96fd0da35bba307374cfc0611b9f541ef4a1b547a91b9d8009926b0fc8e6712","first_seen":"2025-12-02T07:31:54.835412Z","last_seen":"2026-04-04T03:34:31.505281Z","times_seen":105,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/assets/coat-of-arms.png","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /assets/coat-of-arms.png HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: image/png\r\ncontent-length: 11258\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: public, max-age=14400\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss: ws:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'\r\nx-request-id: 1773296637063-pxtx2k\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\netag: W/\"2bfa-8SYGALrO+3SjIAMfNeUG0O6ik9A\"\r\nage: 37\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=g3XtAD7D6gYsapUCXs%2F%2FJ9fT1EkQq3yMUOrVZPbbz7mBMK%2BMxz%2B7xiOutR%2F2kUYVv1ucykCmGv9FqqO4rBi1epvFmbjHCG6CBeYfrt4wDA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9db0b7759e930883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11258,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 42 x 50, 16-bit/color RGBA, non-interlaced","md5":"71dd00d2a9be8b0d253b063201d2fd4e","sha1":"f1260600bacefb74a320031f35e506d0eea293d0","sha256":"10d8633c7949192bd690376911f5847de06c34cda03a23ba196b010f5a7f2942","sha512":"ca7589d10d54f54be634e226f30fc2c579f6f57c48fe32d248b6602d4457fa6f14bb03ac63b56b2612d1b3829c344b069157760c06121748f76a3b65b3ea12d7","ssdeep":"192:j4SDS0tKg9E05TjZP25SnHnSqiTjPy+gPEVpNBQtLnGQY908nbGt/2xXbIka:TJXE05EkHRKyXP0pnQtLHK/bGtALIka","tlshash":"1932cebf2678866ab58e3613015b7b40c26043dc852b7f0d48d4e68eb289c16df883e5","first_seen":"2025-12-02T07:31:54.827767Z","last_seen":"2026-04-04T03:34:31.510714Z","times_seen":105,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"u.nipark.online/fonts/Epaslaugos-Font.woff?-utws4r","fqdn":"u.nipark.online","domain":"nipark.online","tld":"online"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://u.nipark.online/","date":"2026-03-12T06:24:34.485Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nipark.online","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 16:08:56 GMT","end":"Fri, 05 Jun 2026 16:08:55 GMT"},"fingerprint":{"sha1":"88:47:DD:30:6E:83:8A:0B:B0:B5:22:C6:BE:50:10:B4:41:95:23:FB","sha256":"E6:17:1F:A6:C8:22:71:65:2E:9B:D4:F0:2D:D5:D9:8B:2E:49:78:B4:A8:C7:A7:B7:B1:BC:53:22:3F:5D:83:34"}}},"request":{"raw":"GET /fonts/Epaslaugos-Font.woff?-utws4r HTTP/1.1\r\nHost: u.nipark.online\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: phish_sid=session-3d154ca1772c8adea338094250502bc5; csrf_token=cb6ce0643f8ce347070634c50b64fe934ed3ac6d8ee74299acc89ebd11ef0a16\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Thu, 12 Mar 2026 06:24:34 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 15\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: DENY\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-store, no-cache, must-revalidate, proxy-revalidate\r\npragma: no-cache\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss: ws:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'\r\nx-request-id: 1773296674588-jnqitc\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\netag: W/\"f-hV9AvaBNpCm1YTiAiQHEqwHCPc8\"\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h2xf0e88y717SoWO0LHd1NEK5BrReMv7Y7YTTEIWrMVHaAjZAXAKodgBHtAJOBpXCeycqI8Tbdir5uvBSArYmHTC%2FuXUJR6pjS3IQRXpJw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9db0b7778ff80883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"3f0c9658216718b5628e02745d8e7d2f","sha1":"855f40bda04da429b56138808901c4ab01c23dcf","sha256":"3965d1967e577f2a38e5a83a50ae71e0d510c080e228056160e75d55fd987872","sha512":"ebc50f270919ff4924e58265136893014a271f411ee7e0c6833aeca729835058eaf01276d8ad043b09f0ede31401270c60fafa1b593eefda76deb0b163662b61","ssdeep":"","tlshash":"d860000c0003030c00c00f3003cc0030300c033c0c00cf3c0000c00c00000000c330fc","first_seen":"2025-03-05T14:16:29.431279Z","last_seen":"2026-04-04T03:34:31.601417Z","times_seen":59,"resource_available":false,"data":null}},"time_used":139,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":139,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}