{"report_id":"c003611d-ad4e-477e-8a60-e192eace0d30","version":6,"status":"done","tags":[],"date":"2025-11-20T16:21:44Z","url":{"schema":"https","addr":"90a57c9zn71.fjfmszb.help/?ZGViYmllaG9sbWVzMjAwOUB5YWhvby5jb206ZWxoNGk5ajhu","fqdn":"90a57c9zn71.fjfmszb.help","domain":"fjfmszb.help","tld":"help"},"ip":{"addr":"104.21.49.119","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com","fqdn":"allyouneedis0054.online","domain":"allyouneedis0054.online","tld":"online"},"title":"She wants to hear more than just your name.","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"90a57c9zn71.fjfmszb.help/?ZGViYmllaG9sbWVzMjAwOUB5YWhvby5jb206ZWxoNGk5ajhu","fqdn":"90a57c9zn71.fjfmszb.help","domain":"fjfmszb.help","tld":"help"},"ip":{"addr":"104.21.49.119","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98","country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-25T16:21:44Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":5}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T16:21:23Z","timestamp":1763655683,"ip_dst":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":53480,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI","source":"{\"timestamp\":\"2025-11-20T16:21:23.151201+0000\",\"flow_id\":371953831721042,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":53480,\"dest_ip\":\"172.67.74.152\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047703,\"rev\":1,\"signature\":\"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_22\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_22\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"External_IP_Lookup\"],\"updated_at\":[\"2023_08_22\"]}},\"tls\":{\"sni\":\"api.ipify.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":915,\"bytes_toclient\":3513,\"start\":\"2025-11-20T16:21:23.145490+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis3002.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis3002.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"svntrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"accounts.google.com","ip":{"addr":"74.125.205.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":103,"first_seen":"2012-05-23T06:57:57Z","last_seen":"2025-11-16T22:39:01.613573Z","alert_count":0,"request_count":3,"received_data":6959,"sent_data":1814,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-11-16T22:13:25.532985Z","alert_count":0,"request_count":1,"received_data":4594,"sent_data":498,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"allyouneedis2000.online","ip":{"addr":"46.8.210.233","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"domain_registered":"2025-10-03","domain_rank":0,"first_seen":"2025-11-20T16:21:45.002681Z","last_seen":"2025-11-20T16:21:45.002681Z","alert_count":0,"request_count":1,"received_data":6269,"sent_data":542,"comment":"","tags":null,"fingerprints":null},{"fqdn":"allyouneedis0054.online","ip":{"addr":"104.21.64.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-03","domain_rank":0,"first_seen":"2025-10-07T19:39:48.97781Z","last_seen":"2025-11-13T15:48:13.793194Z","alert_count":26,"request_count":13,"received_data":697770,"sent_data":13319,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-11-16T22:13:25.550079Z","alert_count":0,"request_count":1,"received_data":38591,"sent_data":558,"comment":"","tags":null,"fingerprints":null},{"fqdn":"lh3.google.com","ip":{"addr":"142.250.74.14","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":1918,"first_seen":"2012-07-20T22:52:12Z","last_seen":"2025-11-17T02:38:57.592846Z","alert_count":0,"request_count":1,"received_data":505,"sent_data":444,"comment":"","tags":null,"fingerprints":null},{"fqdn":"api.ipify.org","ip":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-01-05","domain_rank":8166,"first_seen":"2014-10-06T12:38:43Z","last_seen":"2025-11-17T00:47:13.652557Z","alert_count":0,"request_count":1,"received_data":253,"sent_data":439,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"90a57c9zn71.fjfmszb.help","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-03-12","domain_rank":0,"first_seen":"2025-11-20T16:21:45.009546Z","last_seen":"2025-11-20T16:21:45.009546Z","alert_count":0,"request_count":5,"received_data":20071,"sent_data":3133,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"ipify","description":"ipify is a service which provide public IP address API, IP geolocation API, VPN and Proxy detection API products.","website":"https://ipify.org","common_platform_enumeration":"","icon":"ipify.png","categories":["Geolocation"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"allyouneedis3002.online","ip":{"addr":"172.67.150.100","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-29","domain_rank":0,"first_seen":"2025-11-19T22:30:24.870806Z","last_seen":"2025-11-19T22:30:24.870806Z","alert_count":2,"request_count":1,"received_data":6507,"sent_data":567,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"svntrk.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2018-04-18","domain_rank":392290,"first_seen":"2018-04-27T07:41:55Z","last_seen":"2025-11-17T02:38:57.589004Z","alert_count":1,"request_count":1,"received_data":668,"sent_data":435,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T16:21:23Z","timestamp":1763655683,"ip_dst":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.24","port":53480,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI","source":"{\"timestamp\":\"2025-11-20T16:21:23.151201+0000\",\"flow_id\":371953831721042,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":53480,\"dest_ip\":\"172.67.74.152\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047703,\"rev\":1,\"signature\":\"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_22\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_22\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"External_IP_Lookup\"],\"updated_at\":[\"2023_08_22\"]}},\"tls\":{\"sni\":\"api.ipify.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":915,\"bytes_toclient\":3513,\"start\":\"2025-11-20T16:21:23.145490+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"90a57c9zn71.fjfmszb.help/?ZGViYmllaG9sbWVzMjAwOUB5YWhvby5jb206ZWxoNGk5ajhu","fqdn":"90a57c9zn71.fjfmszb.help","domain":"fjfmszb.help","tld":"help"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"53fe059c522faf5245c320e18558673d","sha1":"a31f4bf881f87838b05ff464c945178249ab738f","sha256":"398c5e0836d800fce18afbbe009dea7dd501dd2d24f22ab4daefcb3ca9663105","sha512":"92115798d25195c23f2b7455484e7fb7a028161f6ea9a4fc93329ec3b84ad86cb7633d13d5428f80a45d62bdb43806d3daa44030ea9bbc42b77ea90f8ba322dd","ssdeep":"96:MSD91WUNR5ukwJfKLXlWncuc8H4TMH4TeS0cpGbYB2DS/0:RWo0SgnlLH4TMH4TeS0cpGbYB2u/0","tlshash":"f032fb0ed875860f3d1da296a36fc55874c8d8398919ef209e3fe72872316dc63904bb","size":11404,"data":"","first_seen":"2025-11-20T16:21:49.557844Z","last_seen":"2025-11-20T16:21:49.557844Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"90a57c9zn71.fjfmszb.help/?ZGViYmllaG9sbWVzMjAwOUB5YWhvby5jb206ZWxoNGk5ajhu","fqdn":"90a57c9zn71.fjfmszb.help","domain":"fjfmszb.help","tld":"help"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"de58158b40c6b209841c615901e4ee4e","sha1":"77edab09894a8dc5b21650e36e47dd8eae41b2cf","sha256":"2a3e62965ffda5c73dc601e564fa86766c3bdd4efad0519641345ec174a56b0d","sha512":"51f791fae3ebf55eb35dba29c76259371a0ab5a27eab27424b8101f323027522b94d20421bd8c879d594deaa5a74fbe379714fb971cdf36985538ba86a0fbdcc","ssdeep":"","tlshash":"0011bdfc35c614ad2be625882a0de701ac3e2d015ca5df0ac123deb9d165e93785fc71","size":1008,"data":"","first_seen":"2025-11-20T16:21:49.559995Z","last_seen":"2025-11-20T16:21:49.559995Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"90a57c9zn71.fjfmszb.help/","fqdn":"90a57c9zn71.fjfmszb.help","domain":"fjfmszb.help","tld":"help"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"domTimer","is_inline":false,"md5":"95b8c28f3a74c3b7e1aa1f637fe5e622","sha1":"881da56a5987b562a628d604caec6737ff4fe74e","sha256":"695ef8771780b691e2e227b1f67e1069f09e7eaf8cc9e20add7b1e216a2efe09","sha512":"b79b71309cc042ed00b4dbaaecaf9dc49e62b346f670da196207fc03d1efd97b5090851b10d230bfdc1c4c2c7d2120a0572f645edcb0a90cd4931e10399ad82e","ssdeep":"","tlshash":"9c8000ca0800020822e22a028a03320820bb00eb8800a88022000a20220c30f8aaaeca","size":28,"data":"","first_seen":"2025-03-16T15:38:57.758966Z","last_seen":"2026-05-24T09:28:08.975315Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"allyouneedis0054.online/landings/wlc12/js/vendor.js?id=5ef8a77c5038e8f417b665039eb1757b","fqdn":"allyouneedis0054.online","domain":"allyouneedis0054.online","tld":"online"},"ip":{"addr":"104.21.64.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"aca5e6c0028f1b4960a0e62d6d24e559","sha1":"4a8d1497f6447254f1e671ee5dda6bd72f562a17","sha256":"364258e1672bcb945d88922135f05c121011adc7539bcc2da9e34bf409d7d032","sha512":"87526b200bde3c28a84e5e9046339f4cc518a53b57317ed9219dd7254c0604445a6e6c2caab7d916165a4bbffb78f3adcc7ea263bc846b62d0ccd58fc3aedc3c","ssdeep":"1536:v8gdiZ8tGTw+U6XMUbxmyBgoCJSLvWrbUSNSDoAzyuDNEVsHdlBGHMuZ+3v2MQ8/:QdZSNSDotgHdZuE3v4JuxQEL","tlshash":"e0a319ddb2c6716347ab70ba00bf550af2365599680d8440f029d8eabc78e4e523bf7d","size":100254,"data":"","first_seen":"2025-10-31T14:13:53.047241Z","last_seen":"2026-05-28T17:15:35.765177Z","times_seen":214454,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"90a57c9zn71.fjfmszb.help/?ZGViYmllaG9sbWVzMjAwOUB5YWhvby5jb206ZWxoNGk5ajhu","fqdn":"90a57c9zn71.fjfmszb.help","domain":"fjfmszb.help","tld":"help"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"d7c162e14a262363938afd80e3f1bbcc","sha1":"9c44373c1ff739d9efe6a34088f4f87540b3a4a7","sha256":"5579469b860c40afd7f3aff48bbbeff05b18f8c8fd8a2a004ae73fc6e14eb8fc","sha512":"6a71eb1de143876161d414fcefc9330de83232436356ac3e4543f1c8abfbe23e8ee90430498adf745d96a4b27e6efc6bdbed491e02a423c01c3b529db9309b18","ssdeep":"","tlshash":"1e519e752816b0415223d62aa3dd0b08543cb633ba73485ef3b2794e8bc5a8c626759b","size":2658,"data":"","first_seen":"2023-07-01T16:41:24Z","last_seen":"2026-04-12T00:19:56.644056Z","times_seen":109,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"90a57c9zn71.fjfmszb.help/rr.php","fqdn":"90a57c9zn71.fjfmszb.help","domain":"fjfmszb.help","tld":"help"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"c0d0bcceeb10d5951f1e39fa31bad4b8","sha1":"dbcd6ffe921f3ddcaf927f5460034e02621d2ad5","sha256":"46036d7b1fbaf1d0dae8b4118bdbb732790603173f4ed63c2968ba19a8abf94d","sha512":"1ce611619524ab9ece3f8c8a7b233c403d1b6b77e028b00bb0bc8409f7607cb534b51943d24a2b7f7c331f97f84b2a9fe20cce885da04a5b719a4d938c56f1a3","ssdeep":"","tlshash":"0f9002c50441410517951a1247326214107705ab554c58d025114d10220838ea5d5de5","size":48,"data":"","first_seen":"2023-07-01T16:41:24Z","last_seen":"2026-05-24T09:28:08.970195Z","times_seen":116,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"90a57c9zn71.fjfmszb.help/rr.php","fqdn":"90a57c9zn71.fjfmszb.help","domain":"fjfmszb.help","tld":"help"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"2da9c4490f661ad84ec0af840b6c38b6","sha1":"53fb72b67f8171e53b03dab45f972080fb48900a","sha256":"fb43f83e50d49a5d93e5d3129238fc4fb21fce8ed2a1678a2aeef8c0f0c7c32d","sha512":"75bccdad19c041d838c35c1155f85e610569ece65bed6221249f792979d9440f52911ef76f2b74d4c1c787f8ecdf7c973ae6948ab88c5fefed614f6378930ed0","ssdeep":"","tlshash":"36210f5163011f7b47701f742608b2f998aba99228c6f9c4fb30a7d59172a72b047f30","size":1150,"data":"","first_seen":"2025-11-20T16:21:49.56758Z","last_seen":"2025-11-20T16:21:49.56758Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"allyouneedis0054.online/scripts/fp.v3.js?id=646d4b3deea4287def3fdfc18906bcc7","fqdn":"allyouneedis0054.online","domain":"allyouneedis0054.online","tld":"online"},"ip":{"addr":"104.21.64.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1d8ad98fe3471d1a74d485f9b4737bfc","sha1":"a1190f7bb41660f682d59e15c2606279da0792f7","sha256":"9aa12d141f3c41629c83ac95bf3bebab2b33bca7f8f8988bf64b53b57c73714c","sha512":"7fb9f2102417806125bb6cfc40d829f98ca8cb772b9ba847562a19b7e0e6e3e1a3e78ccf464a2409741ee9074d12ca521d305c3ae16ff774e2bb6e3c462dda51","ssdeep":"768:WTW1G6kf2ckxyISuNwxJDJzFE8CYtCgkbAIlIdlIZCwXy:ljvfxyI7N8JDJJEnYsgu3ZRC","tlshash":"be0329d872c7b01e5263697a157fa046ba3abd50750d8c07da3be1c07ca5d4a023bfb9","size":40104,"data":"","first_seen":"2023-04-05T13:38:28Z","last_seen":"2026-05-28T16:54:38.518613Z","times_seen":336153,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"90a57c9zn71.fjfmszb.help/?ZGViYmllaG9sbWVzMjAwOUB5YWhvby5jb206ZWxoNGk5ajhu","fqdn":"90a57c9zn71.fjfmszb.help","domain":"fjfmszb.help","tld":"help"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"aa36962e24c1b28e43a6f700618da133","sha1":"bc21efff236f6ac4c2394be723791848358821d8","sha256":"51d88389d7c77e13cd1895588753b08f74912c4846a273ca954f1bff6825773a","sha512":"704b8989c181b37c4b491d31bbd9ddf7c31e325c24fce2a2850550136b8db6946d5d7a1b0305049a995bf7883f8d838e8e8cbc48b6d9a3a974a894f1abb0c052","ssdeep":"","tlshash":"4aa002b438f46518400a3651606b529938641c149151d818987dac748aa2d9dcb55c66","size":60,"data":"","first_seen":"2024-12-01T20:47:54.825784Z","last_seen":"2026-05-24T09:28:08.976219Z","times_seen":36,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"90a57c9zn71.fjfmszb.help/?ZGViYmllaG9sbWVzMjAwOUB5YWhvby5jb206ZWxoNGk5ajhu","fqdn":"90a57c9zn71.fjfmszb.help","domain":"fjfmszb.help","tld":"help"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"97eb3d03840cab341cff97887f3294f4","sha1":"74b47e70422016b7035517d7c698a004bbb96507","sha256":"86ea34ab993fc99815eeff8df14b9311060da1726def0471a0cdaf034e90e56b","sha512":"5cb2bb19cb08ff4fac769cf5c3b5f170db5ca71324965d8ca1b63b5a262ac848a134f7b9752a0f9a06e6dfad56ee158601ab95a143541014b3ce5da391ccc00f","ssdeep":"","tlshash":"2511ed9eb5a139ed578128d32c0d950d6c3eb5027c788a354521aaaa61b8f16209bc31","size":998,"data":"","first_seen":"2025-11-20T16:21:49.570541Z","last_seen":"2025-11-20T16:21:49.570541Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.ipify.org/?format=jsonp\u0026callback=getIP","fqdn":"api.ipify.org","domain":"ipify.org","tld":"org"},"ip":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"90a39389063c7c5716745c3b3bb4fba1","sha1":"a0903c9a7e90fa3c6ddb04d0ce36abbd4c7a004f","sha256":"eaa6745d9d0a7698235cd6af53aad1551d975506c8405d8303282fb6d2f7ab69","sha512":"3f61fba633be85c6250a904aeedd218b8ffc67b02115c2dd014c186aabe5c122b0f59f2cb643fd55eef7e9245526e18db585c5b6c25440fcd670a656e4fe9e56","ssdeep":"","tlshash":"06800022000002208c8a802ecaca032a23e8008ac20a08288e802b22ccb0fb802820ba","size":29,"data":"","first_seen":"2023-03-07T01:16:09Z","last_seen":"2026-05-28T15:25:19.266159Z","times_seen":18664,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"90a57c9zn71.fjfmszb.help/rr.php","fqdn":"90a57c9zn71.fjfmszb.help","domain":"fjfmszb.help","tld":"help"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"0568a3f0112d1623451e9f59b1b241ae","sha1":"101a4176daa723a9a315e06dfe8e39ee3be21467","sha256":"0faad74b408d7c741d8e69fb54e5f31628f364d1c20c31a727739d830499acbf","sha512":"0d52cccd8a2adecb536d31faa4d614a59cb342c87fec43d047bd3281f850f0526fa714cd388f89b63368bda77567e36fa4f67c3c67137ee27f747ac1d80dbe05","ssdeep":"","tlshash":"0f80047d50010c71cf151144444500d01d1c44471d05333050c03c0dd115001470c010","size":37,"data":"","first_seen":"2023-12-07T00:41:05Z","last_seen":"2026-05-24T09:28:08.977435Z","times_seen":111,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com","fqdn":"allyouneedis0054.online","domain":"allyouneedis0054.online","tld":"online"},"ip":{"addr":"104.21.64.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"049e69ef46fd2624f73ce983050b88e8","sha1":"132e7b61916fd70c64bea85935c17e8b87bc6b84","sha256":"63e02bd33a5567deaafa0f313f3b970f2025ba07eeef61f736b67c399529706b","sha512":"f58e8e7ab45df003b05fc89534cd12a749877b2064222327481c71fb4cd3be208bb291589676d123354012ba3387212b799dcf132243f670e703203171b1d591","ssdeep":"","tlshash":"b95131868da765a1bd67272a4f5ff10930f3447f0884ca64791cd5083fe6a77b288af0","size":2505,"data":"","first_seen":"2025-11-20T16:21:49.573078Z","last_seen":"2025-11-20T16:21:49.573078Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"90a57c9zn71.fjfmszb.help/?ZGViYmllaG9sbWVzMjAwOUB5YWhvby5jb206ZWxoNGk5ajhu","fqdn":"90a57c9zn71.fjfmszb.help","domain":"fjfmszb.help","tld":"help"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"75cb6f7353688b4f094220448df92563","sha1":"374b3473ca7406f134adc780cffebe6ce852c3de","sha256":"1864e3924724fba38b8261e20ceb343767dec262bdecb4850fc909cd498e9f57","sha512":"791632d001630d8450b66738ccea21d96f8a380d2b5dc82d5801eebd02e4f2473ab083c109325dda8ba9d2a5977b5fdddf3449f7e0bf3729b1b51fd5cd9ac943","ssdeep":"","tlshash":"ea90026a647191c616d66421c53b1505643632b659008354195649502a5026e92aac9a","size":57,"data":"","first_seen":"2023-07-01T16:41:24Z","last_seen":"2026-05-24T09:28:08.974427Z","times_seen":116,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"90a57c9zn71.fjfmszb.help/rr.php","fqdn":"90a57c9zn71.fjfmszb.help","domain":"fjfmszb.help","tld":"help"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"61da93e279bc8ff633a58662c714de3c","sha1":"1abb4e471724fdfdd7a23a6bf5fba0006e4f2300","sha256":"33a9b51c5c8b08072ff1443173b64807786f4910a103c799834045ed5e6710dd","sha512":"8921b9ed0368122a9ba33cfe1266daf7c9dc3c57db622836a7d073cf63d9c400df0c62d3d310f8647e2f1345aa356b7b7c9bc63b6d8408084f4bb8a4967400d9","ssdeep":"","tlshash":"9f119c94338b24bd57617ab826094305a83d3e035c18894dce40daabb77cd9280a6c7d","size":920,"data":"","first_seen":"2025-11-20T16:21:49.577761Z","last_seen":"2025-11-20T16:21:49.577761Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"dc7f002c60c56cbcbf55eeb1854e8d40","sha1":"a104bdd9c8c0bbf2b86b24c4db3a5ddb2f742be1","sha256":"33b9b1fd1b93569979af528da2c8043386b9fd429bc1c4dde27c960b2c8f69d7","sha512":"5300d779bdb6ee7476249436a4dfeae3db6e6c92b35e524ccd3ebca66e7935765335d15f4df318d39eff1b8ca41977a616b7d7e635552910313f5785568809db","ssdeep":"","tlshash":"90518e752812b4415227d62ae3ce1b48043cb633b773485ef3b2794e8bc5a9c626759b","size":2621,"data":"","first_seen":"2023-07-01T16:41:24Z","last_seen":"2026-04-12T00:19:56.645529Z","times_seen":109,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"allyouneedis2000.online/dating/?flow=527\u0026sub2=debbieholmes2009%40yahoo.com","fqdn":"allyouneedis2000.online","domain":"allyouneedis2000.online","tld":"online"},"ip":{"addr":"46.8.210.233","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-20T16:21:25.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allyouneedis2000.online","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 20 Nov 2025 06:01:35 GMT","end":"Wed, 18 Feb 2026 06:01:34 GMT"},"fingerprint":{"sha1":"EE:8D:1B:5F:A4:33:89:03:57:96:21:B3:E5:40:36:4D:A1:85:C5:12","sha256":"47:DF:5E:66:55:52:8F:9D:16:DF:2A:14:97:E6:E8:D9:4C:50:36:30:58:95:23:5B:A4:12:E6:8A:B6:9B:E8:95"}}},"request":{"raw":"GET /dating/?flow=527\u0026sub2=debbieholmes2009%40yahoo.com HTTP/1.1\r\nHost: allyouneedis2000.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 20 Nov 2025 16:21:25 GMT\r\nlocation: https://allyouneedis3002.online/?s1=F008-67A2-FD5A-0B1F\u0026s2=3005410\u0026subid=\u0026sub2=debbieholmes2009%40yahoo.com\r\nserver: \r\nset-cookie: 392d0516=962e74553f583befbc70f02f0d6a04d4df9a; Path=/; Max-Age=86400; SameSite=Lax\nsite12=527; expires=Fri, 21-Nov-2025 16:21:25 GMT; Max-Age=86400; path=/\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":5835,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-28T17:37:38.968108Z","times_seen":15830666,"resource_available":true,"data":null}},"time_used":480,"timings":{"blocked":181,"dns":77,"connect":46,"send":0,"wait":118,"receive":0,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"allyouneedis0054.online/landings/wlc12/img/1.jpg","fqdn":"allyouneedis0054.online","domain":"allyouneedis0054.online","tld":"online"},"ip":{"addr":"104.21.64.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com","date":"2025-11-20T16:21:26.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allyouneedis0054.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 17:10:45 GMT","end":"Tue, 27 Jan 2026 18:03:57 GMT"},"fingerprint":{"sha1":"39:52:66:00:BC:36:F3:EE:20:53:FA:51:E1:87:C4:A5:BB:E8:23:44","sha256":"31:E0:E7:D2:51:57:8E:57:28:E4:7D:08:64:16:25:4D:FE:69:50:E5:FD:24:3E:72:8D:8E:85:3D:3C:29:E3:9F"}}},"request":{"raw":"GET /landings/wlc12/img/1.jpg HTTP/1.1\r\nHost: allyouneedis0054.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com\r\nCookie: XSRF-TOKEN=eyJpdiI6IkFta09nd0tRaVV1YmtXTFpEWHZuT3c9PSIsInZhbHVlIjoiZSt1UTBPZytRZS9uMWhpL1NJeUo4Ui8wdmxmemdRamNLWkg5UjI0MlU1eDdnalZoRHlxUURBWnA3MjI4Y3RsTSIsIm1hYyI6Ijk5OGE0Mzc2ODk1MWFiMDdhZTRjMGM3ZDdlZDk1ODU0OWI2MTJiNzMxMGE2NTk5M2EyN2RiZTEyMmFjMmI5NGUifQ%3D%3D; laravel_session=eyJpdiI6IjhCVTF6N2RwMTlEaTJTVUVBSGFpbFE9PSIsInZhbHVlIjoiaUNDQWJGbXdoQzNmcEs4RlZ1VC9va3h2bWlPdm9kRUI3VnQ4bm1vNlZwdEkzKzAzSVpwbEEwN1JmeGhwZ044bSIsIm1hYyI6Ijc4MzI2YWJjZTE0MmRmZjQyNzVlMTAwMTI0MWQ1YWUxYzFkNDYwYjBkNWVkYmMyMTdmZDAyMjQ3MWUzZjliOGYifQ%3D%3D; SRVNAME=w2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 20 Nov 2025 16:21:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 43899\r\npriority: u=4,i=?0\r\nlast-modified: Fri, 14 Nov 2025 07:46:28 GMT\r\netag: \"6916de54-ab7b\"\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000;\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CcA0ktUaqoDyOZ5%2BTjk9rsoLA9LmPng%2Fuq4t3KG6KQ08qcQ6HjIOMumS5L4SGLmzqIAZTxV9IMvfBaau%2FIqToei0LnZk6rO%2F74C5OMgw1oWKi8Sdxg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a1947c8cd3a56be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43899,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=Paint.NET 5.1], progressive, precision 8, 604x686, components 3","md5":"56a3dc0d9ca10ebf7478b7a9ce0fede4","sha1":"6f1585cb0e7a6e7ce7ca82879937d84cbed26518","sha256":"82b363a32dd870d675f8baf539b77d9c109762e85072c6bfbbce2ec0021fedc3","sha512":"03320130e87bb9e347a5f3f1deba5bd6f608933c7412900f3a118727c8e79efba2bb6121368c42a159833202810de42c3f5a7678648d9ec5e9f94afd955d66ab","ssdeep":"768:/EM9nMEOhTC1RZKmUjSljFHONLodRoWwQDL7x81Uwi8jhrqNN91t4mdBScwmHu70:/ECfOhTCvfUjSzH9oM181Up8hrqv9bVF","tlshash":"311302ce2b2019ca82ef52f5996fa7e4e3049453a80c9db3405db2f47bf72bd6634140","first_seen":"2025-05-09T15:07:25.586778Z","last_seen":"2026-05-28T12:14:42.881905Z","times_seen":3359,"resource_available":false,"data":null}},"time_used":523,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":495,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.ipify.org/?format=jsonp\u0026callback=getIP","fqdn":"api.ipify.org","domain":"ipify.org","tld":"org"},"ip":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://90a57c9zn71.fjfmszb.help/?ZGViYmllaG9sbWVzMjAwOUB5YWhvby5jb206ZWxoNGk5ajhu","date":"2025-11-20T16:21:23.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipify.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 03 Nov 2025 07:43:05 GMT","end":"Sun, 01 Feb 2026 08:42:55 GMT"},"fingerprint":{"sha1":"BE:9D:76:9E:9E:2C:F2:8E:38:C4:E9:42:11:6A:45:24:E9:59:0A:5F","sha256":"D1:C5:0F:C4:11:DF:FE:54:9C:EF:8C:40:56:6C:79:4E:F3:E6:0B:24:15:B8:E1:60:2B:49:C2:41:96:C9:79:83"}}},"request":{"raw":"GET /?format=jsonp\u0026callback=getIP HTTP/1.1\r\nHost: api.ipify.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://90a57c9zn71.fjfmszb.help/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 20 Nov 2025 16:21:23 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9a1947b3cacedfec-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"90a39389063c7c5716745c3b3bb4fba1","sha1":"a0903c9a7e90fa3c6ddb04d0ce36abbd4c7a004f","sha256":"eaa6745d9d0a7698235cd6af53aad1551d975506c8405d8303282fb6d2f7ab69","sha512":"3f61fba633be85c6250a904aeedd218b8ffc67b02115c2dd014c186aabe5c122b0f59f2cb643fd55eef7e9245526e18db585c5b6c25440fcd670a656e4fe9e56","ssdeep":"","tlshash":"06800022000002208c8a802ecaca032a23e8008ac20a08288e802b22ccb0fb802820ba","first_seen":"2023-03-07T01:16:09Z","last_seen":"2026-05-28T15:25:19.266159Z","times_seen":18664,"resource_available":true,"data":null}},"time_used":153,"timings":{"blocked":17,"dns":1,"connect":1,"send":0,"wait":117,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"90a57c9zn71.fjfmszb.help/rr.php","fqdn":"90a57c9zn71.fjfmszb.help","domain":"fjfmszb.help","tld":"help"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-20T16:21:24.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fjfmszb.help","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 03 Nov 2025 15:15:01 GMT","end":"Sun, 01 Feb 2026 16:12:22 GMT"},"fingerprint":{"sha1":"A4:4A:D5:8C:AA:5B:6A:28:AA:BA:17:41:AC:FC:7B:4A:10:63:C6:EC","sha256":"15:B1:9C:DA:32:46:D7:74:45:4A:A2:0F:C7:02:EE:B6:65:54:4E:B4:72:28:CD:5A:D5:6C:07:E5:48:41:E9:A9"}}},"request":{"raw":"GET /rr.php HTTP/1.1\r\nHost: 90a57c9zn71.fjfmszb.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://90a57c9zn71.fjfmszb.help/?ZGViYmllaG9sbWVzMjAwOUB5YWhvby5jb206ZWxoNGk5ajhu\r\nCookie: so=b3V0bG9va0dfRGF0aW5nXzIwMTEyMDI1X2N1c3RvbQ%3D%3D; em=ZGViYmllaG9sbWVzMjAwOUB5YWhvby5jb20%3D; i=OTEuOTAuNDIuMTU0\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 20 Nov 2025 16:21:24 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\npriority: u=1,i=?0\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OTJOPJKo%2FD%2BzrRiwXitR0uNMg18aR2VZYs74%2FJAIK8E13JcWNjEsojHU5vKcmuv4X2nqkEzVsgCu0piwA7zfp52WTWAioD0oMw2d94ZOABYFQHZ%2FJp02nQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9a1947bb0f7c783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2104,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2104), with no line terminators","md5":"dd278a325b82de688988fbd7f0d19c2f","sha1":"d4940af790460d26a6bfa25ee4aa4be381820b65","sha256":"952d8cc3e1e39db8e6e55e6cfc59d5aafb98ef524bfae8ec0c4d02c1d102f28c","sha512":"44a1a8d11e7682715be64756f1151d28baeefb93080e5bda3099d329d1ca37df481e501535a271a0103f07f35d04c6d129675cbb0b53c0519aed894ae87775c1","ssdeep":"","tlshash":"a441ac9423061e7f43702f742608a3e9986f69032cc4f888ef20a7d5a27ddb2b057e34","first_seen":"2025-11-20T16:21:49.535708Z","last_seen":"2025-11-20T16:21:49.535708Z","times_seen":1,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":148,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"allyouneedis3002.online/?s1=F008-67A2-FD5A-0B1F\u0026s2=3005410\u0026subid=\u0026sub2=debbieholmes2009%40yahoo.com","fqdn":"allyouneedis3002.online","domain":"allyouneedis3002.online","tld":"online"},"ip":{"addr":"172.67.150.100","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-20T16:21:25.620Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allyouneedis3002.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 17:05:24 GMT","end":"Tue, 27 Jan 2026 18:03:54 GMT"},"fingerprint":{"sha1":"8A:AD:15:EA:51:DE:AF:A9:CE:F9:3B:A6:FA:6A:91:58:13:07:B5:E9","sha256":"E7:F6:3F:B9:F9:7F:C0:23:E2:63:0B:D0:84:8F:8B:5E:3E:13:DD:50:F1:EF:B5:5F:A8:52:BF:3F:D4:20:2F:8C"}}},"request":{"raw":"GET /?s1=F008-67A2-FD5A-0B1F\u0026s2=3005410\u0026subid=\u0026sub2=debbieholmes2009%40yahoo.com HTTP/1.1\r\nHost: allyouneedis3002.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Thu, 20 Nov 2025 16:21:25 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000;\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PDbCJiVmELu9Q9JzU36HCIrlB3zmTNggIo5x%2FgQsVuD4DWBu8FRaSrsW2wjqguMsJjPx%2BPjiaCbGdNZE7Lyg5Eqn%2BbuQ%2Bm%2F%2B9opK91bEXiL2i6Uux%2FSl\"}]}\r\ncf-ray: 9a1947c368dab1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5835,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-28T17:37:38.968108Z","times_seen":15830666,"resource_available":true,"data":null}},"time_used":281,"timings":{"blocked":42,"dns":21,"connect":1,"send":0,"wait":197,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis3002.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis3002.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"allyouneedis0054.online/landings/wlc12/img/flame.svg","fqdn":"allyouneedis0054.online","domain":"allyouneedis0054.online","tld":"online"},"ip":{"addr":"104.21.64.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com","date":"2025-11-20T16:21:26.543Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allyouneedis0054.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 17:10:45 GMT","end":"Tue, 27 Jan 2026 18:03:57 GMT"},"fingerprint":{"sha1":"39:52:66:00:BC:36:F3:EE:20:53:FA:51:E1:87:C4:A5:BB:E8:23:44","sha256":"31:E0:E7:D2:51:57:8E:57:28:E4:7D:08:64:16:25:4D:FE:69:50:E5:FD:24:3E:72:8D:8E:85:3D:3C:29:E3:9F"}}},"request":{"raw":"GET /landings/wlc12/img/flame.svg HTTP/1.1\r\nHost: allyouneedis0054.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com\r\nCookie: XSRF-TOKEN=eyJpdiI6IkFta09nd0tRaVV1YmtXTFpEWHZuT3c9PSIsInZhbHVlIjoiZSt1UTBPZytRZS9uMWhpL1NJeUo4Ui8wdmxmemdRamNLWkg5UjI0MlU1eDdnalZoRHlxUURBWnA3MjI4Y3RsTSIsIm1hYyI6Ijk5OGE0Mzc2ODk1MWFiMDdhZTRjMGM3ZDdlZDk1ODU0OWI2MTJiNzMxMGE2NTk5M2EyN2RiZTEyMmFjMmI5NGUifQ%3D%3D; laravel_session=eyJpdiI6IjhCVTF6N2RwMTlEaTJTVUVBSGFpbFE9PSIsInZhbHVlIjoiaUNDQWJGbXdoQzNmcEs4RlZ1VC9va3h2bWlPdm9kRUI3VnQ4bm1vNlZwdEkzKzAzSVpwbEEwN1JmeGhwZ044bSIsIm1hYyI6Ijc4MzI2YWJjZTE0MmRmZjQyNzVlMTAwMTI0MWQ1YWUxYzFkNDYwYjBkNWVkYmMyMTdmZDAyMjQ3MWUzZjliOGYifQ%3D%3D; SRVNAME=w2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 20 Nov 2025 16:21:27 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nlast-modified: Fri, 14 Nov 2025 07:46:28 GMT\r\netag: W/\"6916de54-7568\"\r\nstrict-transport-security: max-age=31536000;\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VfHaAPcXvCGuQxPHMEI%2BtBuv6a26PDxTv1EFjljWA52wjoNmg7Io08otj4rhjpTFLhOj3iw7g%2BhjzqybZyZhzoRC%2F%2BOuy3nwjWI3J4U%2FOaV%2BMSydlQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a1947c8cd3856be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":30056,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"53d24866889942fb22e7f4257de4fb86","sha1":"de47570eb1b82f30a7a424b0b17f792982fd6e49","sha256":"2971ab8827870b8d13075f822133ba575622fa807c6cf76c2fe172bd01281ce9","sha512":"b30adf3861c65d83955142bdbe20a751951af4b3c8190f8d91f1ca8673d426640b5d0c2e64938ba18d41cfb6f42af82368b0907cbdc3ccddd7dfac1aed7be649","ssdeep":"768:QzD1+SdF24YrjJbuy+vwuAM+Pe7pXSksvMkzQwM:Ulqr9hAAM+yyMyM","tlshash":"f6d2e167bd04e39d5addc8e253ad03bab1c1b37da1254292603071d15bce9edda13873","first_seen":"2025-08-05T18:08:37.532045Z","last_seen":"2026-05-28T15:44:46.476849Z","times_seen":33845,"resource_available":false,"data":null}},"time_used":505,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":505,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"allyouneedis0054.online/scripts/fp.v3.js?id=646d4b3deea4287def3fdfc18906bcc7","fqdn":"allyouneedis0054.online","domain":"allyouneedis0054.online","tld":"online"},"ip":{"addr":"104.21.64.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com","date":"2025-11-20T16:21:26.536Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allyouneedis0054.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 17:10:45 GMT","end":"Tue, 27 Jan 2026 18:03:57 GMT"},"fingerprint":{"sha1":"39:52:66:00:BC:36:F3:EE:20:53:FA:51:E1:87:C4:A5:BB:E8:23:44","sha256":"31:E0:E7:D2:51:57:8E:57:28:E4:7D:08:64:16:25:4D:FE:69:50:E5:FD:24:3E:72:8D:8E:85:3D:3C:29:E3:9F"}}},"request":{"raw":"GET /scripts/fp.v3.js?id=646d4b3deea4287def3fdfc18906bcc7 HTTP/1.1\r\nHost: allyouneedis0054.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com\r\nCookie: XSRF-TOKEN=eyJpdiI6IkFta09nd0tRaVV1YmtXTFpEWHZuT3c9PSIsInZhbHVlIjoiZSt1UTBPZytRZS9uMWhpL1NJeUo4Ui8wdmxmemdRamNLWkg5UjI0MlU1eDdnalZoRHlxUURBWnA3MjI4Y3RsTSIsIm1hYyI6Ijk5OGE0Mzc2ODk1MWFiMDdhZTRjMGM3ZDdlZDk1ODU0OWI2MTJiNzMxMGE2NTk5M2EyN2RiZTEyMmFjMmI5NGUifQ%3D%3D; laravel_session=eyJpdiI6IjhCVTF6N2RwMTlEaTJTVUVBSGFpbFE9PSIsInZhbHVlIjoiaUNDQWJGbXdoQzNmcEs4RlZ1VC9va3h2bWlPdm9kRUI3VnQ4bm1vNlZwdEkzKzAzSVpwbEEwN1JmeGhwZ044bSIsIm1hYyI6Ijc4MzI2YWJjZTE0MmRmZjQyNzVlMTAwMTI0MWQ1YWUxYzFkNDYwYjBkNWVkYmMyMTdmZDAyMjQ3MWUzZjliOGYifQ%3D%3D; SRVNAME=w2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 20 Nov 2025 16:21:26 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nlast-modified: Fri, 14 Nov 2025 07:43:08 GMT\r\netag: \"6916dd8c-9ca8\"\r\nstrict-transport-security: max-age=31536000;\r\ncontent-encoding: gzip\r\nage: 4737\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eGPnCxdW%2Bar3vv8E%2BU41xLF3qmnTtLXr%2B9Zio4eoB1KWfR0dVpSZSEFBYRqpuB9YxE0nUX4YFTsNmlBh6mCeXyXeBgkVsplwW35FPmKn51wtuxqEhw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a1947c8cd3556be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":40104,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (40096)","md5":"1d8ad98fe3471d1a74d485f9b4737bfc","sha1":"a1190f7bb41660f682d59e15c2606279da0792f7","sha256":"9aa12d141f3c41629c83ac95bf3bebab2b33bca7f8f8988bf64b53b57c73714c","sha512":"7fb9f2102417806125bb6cfc40d829f98ca8cb772b9ba847562a19b7e0e6e3e1a3e78ccf464a2409741ee9074d12ca521d305c3ae16ff774e2bb6e3c462dda51","ssdeep":"768:WTW1G6kf2ckxyISuNwxJDJzFE8CYtCgkbAIlIdlIZCwXy:ljvfxyI7N8JDJJEnYsgu3ZRC","tlshash":"be0329d872c7b01e5263697a157fa046ba3abd50750d8c07da3be1c07ca5d4a023bfb9","first_seen":"2023-04-05T13:38:28Z","last_seen":"2026-05-28T16:54:38.518613Z","times_seen":336153,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"allyouneedis0054.online/landings/wlc12/fonts/vendor.css?id=7a0110372b52032f107eb702c181d484","fqdn":"allyouneedis0054.online","domain":"allyouneedis0054.online","tld":"online"},"ip":{"addr":"104.21.64.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com","date":"2025-11-20T16:21:26.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allyouneedis0054.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 17:10:45 GMT","end":"Tue, 27 Jan 2026 18:03:57 GMT"},"fingerprint":{"sha1":"39:52:66:00:BC:36:F3:EE:20:53:FA:51:E1:87:C4:A5:BB:E8:23:44","sha256":"31:E0:E7:D2:51:57:8E:57:28:E4:7D:08:64:16:25:4D:FE:69:50:E5:FD:24:3E:72:8D:8E:85:3D:3C:29:E3:9F"}}},"request":{"raw":"GET /landings/wlc12/fonts/vendor.css?id=7a0110372b52032f107eb702c181d484 HTTP/1.1\r\nHost: allyouneedis0054.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com\r\nCookie: XSRF-TOKEN=eyJpdiI6IkFta09nd0tRaVV1YmtXTFpEWHZuT3c9PSIsInZhbHVlIjoiZSt1UTBPZytRZS9uMWhpL1NJeUo4Ui8wdmxmemdRamNLWkg5UjI0MlU1eDdnalZoRHlxUURBWnA3MjI4Y3RsTSIsIm1hYyI6Ijk5OGE0Mzc2ODk1MWFiMDdhZTRjMGM3ZDdlZDk1ODU0OWI2MTJiNzMxMGE2NTk5M2EyN2RiZTEyMmFjMmI5NGUifQ%3D%3D; laravel_session=eyJpdiI6IjhCVTF6N2RwMTlEaTJTVUVBSGFpbFE9PSIsInZhbHVlIjoiaUNDQWJGbXdoQzNmcEs4RlZ1VC9va3h2bWlPdm9kRUI3VnQ4bm1vNlZwdEkzKzAzSVpwbEEwN1JmeGhwZ044bSIsIm1hYyI6Ijc4MzI2YWJjZTE0MmRmZjQyNzVlMTAwMTI0MWQ1YWUxYzFkNDYwYjBkNWVkYmMyMTdmZDAyMjQ3MWUzZjliOGYifQ%3D%3D; SRVNAME=w2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 20 Nov 2025 16:21:26 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nlast-modified: Fri, 14 Nov 2025 07:46:28 GMT\r\netag: W/\"6916de54-2076\"\r\nstrict-transport-security: max-age=31536000;\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Va5W2kThm3uG9a%2FY%2Fv9jereTNZZr8H8vnxbwfU2uD%2F9heXKSPKHkIn%2F40UcIP%2FAO3EZlg5GU5y%2FaSi346JoTARPZJ%2FOrSAo%2FQg0vX%2BhcBaS1WlDFAw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a1947c8cd3656be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8310,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (8309)","md5":"1e605e59e372d21a33f9257824314e3f","sha1":"fc287f24f1f965cffe10b96af7dc0948b26f84b2","sha256":"822b8766c351f01e09bf592622b237ff8c3097593bbf7bdb4e1fc6a8009ef375","sha512":"a422005510c9cff54a2d996218826dfaadf6eb5dcbc83ff1f06783728baaa858917b39b133658895c00f4b49c74173d7049c64637cda2908682bd5e3f085e309","ssdeep":"192:AALC6lGqd7OEdNCxDdQ4dof0TWkujkJhPrH:QiaDvScakJhPrH","tlshash":"930275315ff86039f72f876f75811e982ea4d973e2138f55b06ab624cec64a21271f09","first_seen":"2025-05-09T15:07:25.587764Z","last_seen":"2026-05-28T12:15:45.900122Z","times_seen":6802,"resource_available":false,"data":null}},"time_used":353,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":353,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"allyouneedis0054.online/landings/wlc12/img/5.jpg","fqdn":"allyouneedis0054.online","domain":"allyouneedis0054.online","tld":"online"},"ip":{"addr":"104.21.64.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com","date":"2025-11-20T16:21:26.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allyouneedis0054.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 17:10:45 GMT","end":"Tue, 27 Jan 2026 18:03:57 GMT"},"fingerprint":{"sha1":"39:52:66:00:BC:36:F3:EE:20:53:FA:51:E1:87:C4:A5:BB:E8:23:44","sha256":"31:E0:E7:D2:51:57:8E:57:28:E4:7D:08:64:16:25:4D:FE:69:50:E5:FD:24:3E:72:8D:8E:85:3D:3C:29:E3:9F"}}},"request":{"raw":"GET /landings/wlc12/img/5.jpg HTTP/1.1\r\nHost: allyouneedis0054.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com\r\nCookie: XSRF-TOKEN=eyJpdiI6IkFta09nd0tRaVV1YmtXTFpEWHZuT3c9PSIsInZhbHVlIjoiZSt1UTBPZytRZS9uMWhpL1NJeUo4Ui8wdmxmemdRamNLWkg5UjI0MlU1eDdnalZoRHlxUURBWnA3MjI4Y3RsTSIsIm1hYyI6Ijk5OGE0Mzc2ODk1MWFiMDdhZTRjMGM3ZDdlZDk1ODU0OWI2MTJiNzMxMGE2NTk5M2EyN2RiZTEyMmFjMmI5NGUifQ%3D%3D; laravel_session=eyJpdiI6IjhCVTF6N2RwMTlEaTJTVUVBSGFpbFE9PSIsInZhbHVlIjoiaUNDQWJGbXdoQzNmcEs4RlZ1VC9va3h2bWlPdm9kRUI3VnQ4bm1vNlZwdEkzKzAzSVpwbEEwN1JmeGhwZ044bSIsIm1hYyI6Ijc4MzI2YWJjZTE0MmRmZjQyNzVlMTAwMTI0MWQ1YWUxYzFkNDYwYjBkNWVkYmMyMTdmZDAyMjQ3MWUzZjliOGYifQ%3D%3D; SRVNAME=w2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 20 Nov 2025 16:21:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 127148\r\npriority: u=4,i=?0\r\nlast-modified: Fri, 14 Nov 2025 07:46:28 GMT\r\netag: \"6916de54-1f0ac\"\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000;\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mkzMIMU%2B7Pj37UAfOjZr9uC4xvjeigBJPvAM6ttanj%2FNOrrf4Y7E01ZrBk%2BArwmXURDhnX7mcD4l%2B0VCBLuR4Gi6FwHBftE57uIkQK%2B%2BoyBxJombGA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a1947c8dd3f56be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":127148,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x1080, components 3","md5":"5cb0b6388153204a0a80d2c498ad1431","sha1":"97eab87ca844360c2364ff5d52be00b9d0b44673","sha256":"b3d3026fbe07afbbe25b5b691e212142a688e72cfb1a9b465c723e9f3fb054a6","sha512":"733cf5cd2a40a43501d3004994d74e9b425a06912411c347eea660bc31ab0ac1f61ea8c5f572c1c1e301e633da1f41c06e05f960a218fbf66888c8effc68b731","ssdeep":"3072:sE8WzC3t4jGYqlxX99EEnSEfKfCnh3WJ8:sE8We3a6YqvDEES7f09W2","tlshash":"16c312f4e77106e07465fba789a0c64e7e68328a715eebc301ce9fa241572cf5481b63","first_seen":"2025-05-09T15:07:25.583897Z","last_seen":"2026-05-28T12:14:42.879588Z","times_seen":3385,"resource_available":false,"data":null}},"time_used":754,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":528,"receive":226,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"allyouneedis0054.online/landings/wlc12/js/vendor.js?id=5ef8a77c5038e8f417b665039eb1757b","fqdn":"allyouneedis0054.online","domain":"allyouneedis0054.online","tld":"online"},"ip":{"addr":"104.21.64.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com","date":"2025-11-20T16:21:26.541Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allyouneedis0054.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 17:10:45 GMT","end":"Tue, 27 Jan 2026 18:03:57 GMT"},"fingerprint":{"sha1":"39:52:66:00:BC:36:F3:EE:20:53:FA:51:E1:87:C4:A5:BB:E8:23:44","sha256":"31:E0:E7:D2:51:57:8E:57:28:E4:7D:08:64:16:25:4D:FE:69:50:E5:FD:24:3E:72:8D:8E:85:3D:3C:29:E3:9F"}}},"request":{"raw":"GET /landings/wlc12/js/vendor.js?id=5ef8a77c5038e8f417b665039eb1757b HTTP/1.1\r\nHost: allyouneedis0054.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com\r\nCookie: XSRF-TOKEN=eyJpdiI6IkFta09nd0tRaVV1YmtXTFpEWHZuT3c9PSIsInZhbHVlIjoiZSt1UTBPZytRZS9uMWhpL1NJeUo4Ui8wdmxmemdRamNLWkg5UjI0MlU1eDdnalZoRHlxUURBWnA3MjI4Y3RsTSIsIm1hYyI6Ijk5OGE0Mzc2ODk1MWFiMDdhZTRjMGM3ZDdlZDk1ODU0OWI2MTJiNzMxMGE2NTk5M2EyN2RiZTEyMmFjMmI5NGUifQ%3D%3D; laravel_session=eyJpdiI6IjhCVTF6N2RwMTlEaTJTVUVBSGFpbFE9PSIsInZhbHVlIjoiaUNDQWJGbXdoQzNmcEs4RlZ1VC9va3h2bWlPdm9kRUI3VnQ4bm1vNlZwdEkzKzAzSVpwbEEwN1JmeGhwZ044bSIsIm1hYyI6Ijc4MzI2YWJjZTE0MmRmZjQyNzVlMTAwMTI0MWQ1YWUxYzFkNDYwYjBkNWVkYmMyMTdmZDAyMjQ3MWUzZjliOGYifQ%3D%3D; SRVNAME=w2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 20 Nov 2025 16:21:27 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nlast-modified: Fri, 14 Nov 2025 07:46:28 GMT\r\netag: W/\"6916de54-1879e\"\r\nstrict-transport-security: max-age=31536000;\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IazinmN8yuk1Y4WRJlZM2rnfleIOChXkyxU4BA8TP1Zdem0v4X3%2F5Qj0jawYDYAXqc%2FjAPUinnc46M%2BLINcs5p5jp9%2FDJo%2BzZxbyK6JTQkr0S39dpg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a1947c8cd3756be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":100254,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators","md5":"aca5e6c0028f1b4960a0e62d6d24e559","sha1":"4a8d1497f6447254f1e671ee5dda6bd72f562a17","sha256":"364258e1672bcb945d88922135f05c121011adc7539bcc2da9e34bf409d7d032","sha512":"87526b200bde3c28a84e5e9046339f4cc518a53b57317ed9219dd7254c0604445a6e6c2caab7d916165a4bbffb78f3adcc7ea263bc846b62d0ccd58fc3aedc3c","ssdeep":"1536:v8gdiZ8tGTw+U6XMUbxmyBgoCJSLvWrbUSNSDoAzyuDNEVsHdlBGHMuZ+3v2MQ8/:QdZSNSDotgHdZuE3v4JuxQEL","tlshash":"e0a319ddb2c6716347ab70ba00bf550af2365599680d8440f029d8eabc78e4e523bf7d","first_seen":"2025-10-31T14:13:53.047241Z","last_seen":"2026-05-28T17:15:35.765177Z","times_seen":214454,"resource_available":true,"data":null}},"time_used":619,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":617,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"90a57c9zn71.fjfmszb.help/?ZGViYmllaG9sbWVzMjAwOUB5YWhvby5jb206ZWxoNGk5ajhu","fqdn":"90a57c9zn71.fjfmszb.help","domain":"fjfmszb.help","tld":"help"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-20T16:21:22.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fjfmszb.help","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 03 Nov 2025 15:15:01 GMT","end":"Sun, 01 Feb 2026 16:12:22 GMT"},"fingerprint":{"sha1":"A4:4A:D5:8C:AA:5B:6A:28:AA:BA:17:41:AC:FC:7B:4A:10:63:C6:EC","sha256":"15:B1:9C:DA:32:46:D7:74:45:4A:A2:0F:C7:02:EE:B6:65:54:4E:B4:72:28:CD:5A:D5:6C:07:E5:48:41:E9:A9"}}},"request":{"raw":"GET /?ZGViYmllaG9sbWVzMjAwOUB5YWhvby5jb206ZWxoNGk5ajhu HTTP/1.1\r\nHost: 90a57c9zn71.fjfmszb.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 20 Nov 2025 16:21:22 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OIWojLJEDS9c%2FZ1qinUGDL67BRAo4JlqDn8d9tkNLR8HgjHv2czzTPYOE%2BnN3eb9C2U4X1EcfmrBcXHL0Gxd%2B3LoPprZUh4iu%2Bu2oJBqyHrEU9tMJnrGGw%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nset-cookie: so=b3V0bG9va0dfRGF0aW5nXzIwMTEyMDI1X2N1c3RvbQ%3D%3D\nem=ZGViYmllaG9sbWVzMjAwOUB5YWhvby5jb20%3D\r\ncf-ray: 9a1947b138f80883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"ipify","description":"ipify is a service which provide public IP address API, IP geolocation API, VPN and Proxy detection API products.","website":"https://ipify.org","common_platform_enumeration":"","icon":"ipify.png","categories":["Geolocation"]}],"data":{"size":13564,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (13564), with no line terminators","md5":"e2759a9e9112a3342821a651bf350c1a","sha1":"52b68e104c672ce8561bc89cd7710e9ca6d28422","sha256":"9c75c9bcf22829f16a6a7c8c547016fa1d3d4ea8a434f41bae0cc490a6723676","sha512":"12c6ac16f3f40c792193d5f043bce0766ca1bb253e2fce102d80fb4c269b8e9bc35dc61a2dba0032942c5de46b1bc7c06dd063a66c880000759da5d8ecc293ed","ssdeep":"192:gWo0SgnlLH4TMH4TeS0cpGbYB2u/hewaAFgjd:gWongnlTK2uZewTFgR","tlshash":"1852731ed875860f3e1da296a35fc558b8c8d8398919df209e3fe72872316dc63904b7","first_seen":"2025-11-20T16:21:49.543215Z","last_seen":"2025-11-20T16:21:49.543215Z","times_seen":1,"resource_available":false,"data":null}},"time_used":434,"timings":{"blocked":106,"dns":93,"connect":1,"send":0,"wait":215,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"svntrk.com/assets/rbl7_691f40064214c.js","fqdn":"svntrk.com","domain":"svntrk.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com","date":"2025-11-20T16:21:26.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"svntrk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 04:32:34 GMT","end":"Sat, 14 Feb 2026 05:30:20 GMT"},"fingerprint":{"sha1":"BF:4D:3A:62:F2:5B:3E:89:61:D9:71:5C:96:C6:D0:62:11:FA:7A:1F","sha256":"10:5C:69:47:D1:D3:B3:66:53:19:EB:42:2F:A7:4F:D6:CF:54:69:9A:33:BD:5E:66:FD:D7:17:D2:D6:DD:28:32"}}},"request":{"raw":"GET /assets/rbl7_691f40064214c.js HTTP/1.1\r\nHost: svntrk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allyouneedis0054.online/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 20 Nov 2025 16:21:26 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: no-cache, private\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: BYPASS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zmPyTEiC%2FCKKEcKlwEqsh9NcOB58986Y%2FkBLGKVuTC%2B7IabIH2bvisbARWMnR0GbNMs%2FiYGOgMnluU6xXJuGh%2FtW3NBQACey\"}]}\r\ncontent-encoding: br\r\nset-cookie: svnimp=691f400698795; HttpOnly; SameSite=None; Secure; Path=/\r\ncf-ray: 9a1947c8ecee5684-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-28T17:37:38.968108Z","times_seen":15830666,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":9,"dns":0,"connect":1,"send":0,"wait":146,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"svntrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com","date":"2025-11-20T16:21:27.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"4A:97:40:A8:11:17:BA:08:56:28:6E:0B:93:8B:64:13:1D:67:D4:2A","sha256":"A2:0A:13:FD:98:22:74:26:3F:C1:44:5C:92:27:22:17:A8:65:07:40:50:F9:14:02:11:E4:87:7F:C5:D2:F1:42"}}},"request":{"raw":"GET /s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://allyouneedis0054.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 37756\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 14 Nov 2025 00:36:15 GMT\r\nexpires: Sat, 14 Nov 2026 00:36:15 GMT\r\ncache-control: public, max-age=31536000\r\nage: 575112\r\nlast-modified: Thu, 04 Sep 2025 17:09:21 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":37756,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 37756, version 1.0","md5":"8a6a885dd57e60ddd85f3190737fa209","sha1":"dbca56b7fe8ee5e4bfb648d639fc6a3bfc5c6e85","sha256":"b9b102f608e8252e3c1e7287309832b16af7dcc6e788651fa503a3faacd7fb2f","sha512":"2bd785869777dc57dbb5934d4c6915b66f89746dd79897820eb4bbd0d262b2612bafdfb07c1e092658ad819f582a97e6a196531f74187d8a0b0bbd07fcbba56a","ssdeep":"768:sqRKhgpCf9U72WeD4A/5IqtBr0ikGvEaQh38/LBu3Emdc043RpgZKMqjkEfO1m:jKgp+9U7Ve8A/7Ai9Et3EBKEUE3RqMMu","tlshash":"3e030130df5884edcc0ba371fdeea81fc7a332a594c0b3368297af1b80111499d99e49","first_seen":"2025-09-05T00:25:10.258656Z","last_seen":"2026-05-28T17:41:01.062244Z","times_seen":487434,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":89,"dns":1,"connect":14,"send":0,"wait":15,"receive":16,"ssl":72},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026dsh=S2000288397%3A1763655687815038\u0026hl=en\u0026ifkv=ARESoU0BYLjTeumK54Di5oynLwpcruqaMr6t05tJOAE83NGuM-v9Gd1mvt7LkPkj2YTorHR_TXLuGg\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"74.125.205.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com","date":"2025-11-20T16:21:27.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:52 GMT","end":"Mon, 19 Jan 2026 08:35:51 GMT"},"fingerprint":{"sha1":"95:94:D2:A2:42:3D:9B:2F:BB:65:03:35:EA:85:1D:B6:C0:BB:E5:07","sha256":"53:9A:55:C8:25:B4:4A:38:C0:A9:FD:A8:38:B3:FD:CA:8E:7E:1F:2A:79:A9:52:76:8C:00:7C:7B:96:1E:45:33"}}},"request":{"raw":"GET /v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026dsh=S2000288397%3A1763655687815038\u0026hl=en\u0026ifkv=ARESoU0BYLjTeumK54Di5oynLwpcruqaMr6t05tJOAE83NGuM-v9Gd1mvt7LkPkj2YTorHR_TXLuGg\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Thu, 20 Nov 2025 16:21:27 GMT\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"AccountsSignInUi\"\r\nreport-to: {\"group\":\"AccountsSignInUi\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi\"}]}\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-BJEsEfsCLPwmOr1wpNSVhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.google.com/tools/feedback/ https://www.gstatic.com/feedback/js/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://support.google.com/inapp/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist\r\ncontent-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/recaptcha/enterprise.js https://www.gstatic.com/recaptcha/ https://www.google.com/tools/feedback/chat_load.js https://www.google.com/tools/feedback/help_api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.gstatic.com/feedback/js/ https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.KEYUHSehrM0.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-28T17:37:38.968108Z","times_seen":15830666,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"90a57c9zn71.fjfmszb.help/favicon.ico","fqdn":"90a57c9zn71.fjfmszb.help","domain":"fjfmszb.help","tld":"help"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://90a57c9zn71.fjfmszb.help/?ZGViYmllaG9sbWVzMjAwOUB5YWhvby5jb206ZWxoNGk5ajhu","date":"2025-11-20T16:21:23.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fjfmszb.help","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 03 Nov 2025 15:15:01 GMT","end":"Sun, 01 Feb 2026 16:12:22 GMT"},"fingerprint":{"sha1":"A4:4A:D5:8C:AA:5B:6A:28:AA:BA:17:41:AC:FC:7B:4A:10:63:C6:EC","sha256":"15:B1:9C:DA:32:46:D7:74:45:4A:A2:0F:C7:02:EE:B6:65:54:4E:B4:72:28:CD:5A:D5:6C:07:E5:48:41:E9:A9"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 90a57c9zn71.fjfmszb.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://90a57c9zn71.fjfmszb.help/?ZGViYmllaG9sbWVzMjAwOUB5YWhvby5jb206ZWxoNGk5ajhu\r\nCookie: so=b3V0bG9va0dfRGF0aW5nXzIwMTEyMDI1X2N1c3RvbQ%3D%3D; em=ZGViYmllaG9sbWVzMjAwOUB5YWhvby5jb20%3D; i=OTEuOTAuNDIuMTU0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Thu, 20 Nov 2025 16:21:23 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gSjAznY5zFwiyNhOifnN017q8WkT%2B27eA%2FPm3eXoXHojIChdFY%2FdihXIX0%2B0ADIFJ7ZjkWCGkr5xahMrCdn%2FmqhVYg%2BnK0Tw0z1%2Bs2BPeq861ovWQVlyOg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9a1947b4c953783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-05-28T17:34:53.025222Z","times_seen":517305,"resource_available":true,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100..900;1,100..900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com","date":"2025-11-20T16:21:26.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"86:F4:DF:07:D6:8D:EF:68:44:7A:73:C8:39:14:1A:2F:98:5E:A2:40","sha256":"A0:B7:4F:94:25:40:33:52:BC:F7:0A:E1:AD:30:BD:19:C3:E9:BB:25:0B:05:26:7C:F8:BB:F0:59:3B:E7:F2:8D"}}},"request":{"raw":"GET /css2?family=Montserrat:ital,wght@0,100..900;1,100..900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allyouneedis0054.online/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 20 Nov 2025 16:21:27 GMT\r\ndate: Thu, 20 Nov 2025 16:21:27 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3908,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"935871d1a732f1e46db8fac63abf0dcd","sha1":"1c67935ab647d6cb5bfa911856397443ab4a64ed","sha256":"b8eec3c6430ec7af2ae527219f944b1f3fde1695eb73efc2a56b3cabb23e2481","sha512":"2a9cb9036467308726cc6b979cab5e2c7159ec088436136f4aefc70cf43b6e90c7ebd277697beca525b052f2a8f8dc5909d9b9e5e4b09afc930e290a7195a571","ssdeep":"","tlshash":"2481c0910517a504da471cc523cf7e26de0e66767494d5797ffe2ca8bdeac220324b2c","first_seen":"2025-09-05T02:18:57.460387Z","last_seen":"2026-05-28T17:31:59.6269Z","times_seen":78196,"resource_available":false,"data":null}},"time_used":361,"timings":{"blocked":158,"dns":1,"connect":27,"send":0,"wait":45,"receive":0,"ssl":128},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026hl=en\u0026dsh=S2000288397:1763655687815038\u0026ifkv=ARESoU1YutHLAc9mAbXCEAgYdIU2SxLcVeob7oFJ3ReXbeHSkGP4kBTrcAFlZ5JqYB7Dnfa4c15H2w","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"74.125.205.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com","date":"2025-11-20T16:21:27.834Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:52 GMT","end":"Mon, 19 Jan 2026 08:35:51 GMT"},"fingerprint":{"sha1":"95:94:D2:A2:42:3D:9B:2F:BB:65:03:35:EA:85:1D:B6:C0:BB:E5:07","sha256":"53:9A:55:C8:25:B4:4A:38:C0:A9:FD:A8:38:B3:FD:CA:8E:7E:1F:2A:79:A9:52:76:8C:00:7C:7B:96:1E:45:33"}}},"request":{"raw":"GET /InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026hl=en\u0026dsh=S2000288397:1763655687815038\u0026ifkv=ARESoU1YutHLAc9mAbXCEAgYdIU2SxLcVeob7oFJ3ReXbeHSkGP4kBTrcAFlZ5JqYB7Dnfa4c15H2w HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: __Host-GAPS=1:6D4RDpbCsoSqDGN_l4fj2ok0qe577w:gZTQC26lRs_xuBN-;Path=/;Expires=Sat, 20-Nov-2027 16:21:27 GMT;Secure;HttpOnly;Priority=HIGH\r\nx-frame-options: DENY\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Thu, 20 Nov 2025 16:21:27 GMT\r\nlocation: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026dsh=S2000288397%3A1763655687815038\u0026hl=en\u0026ifkv=ARESoU0BYLjTeumK54Di5oynLwpcruqaMr6t05tJOAE83NGuM-v9Gd1mvt7LkPkj2YTorHR_TXLuGg\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-vNRGpBudMhxbjntZjCLfjA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_gse_qebhlk\"\r\nreport-to: {\"group\":\"coop_gse_qebhlk\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gse_qebhlk\"}]}\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 431\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-28T17:37:38.968108Z","times_seen":15830666,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"allyouneedis0054.online/landings/wlc12/img/2.jpg","fqdn":"allyouneedis0054.online","domain":"allyouneedis0054.online","tld":"online"},"ip":{"addr":"104.21.64.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com","date":"2025-11-20T16:21:26.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allyouneedis0054.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 17:10:45 GMT","end":"Tue, 27 Jan 2026 18:03:57 GMT"},"fingerprint":{"sha1":"39:52:66:00:BC:36:F3:EE:20:53:FA:51:E1:87:C4:A5:BB:E8:23:44","sha256":"31:E0:E7:D2:51:57:8E:57:28:E4:7D:08:64:16:25:4D:FE:69:50:E5:FD:24:3E:72:8D:8E:85:3D:3C:29:E3:9F"}}},"request":{"raw":"GET /landings/wlc12/img/2.jpg HTTP/1.1\r\nHost: allyouneedis0054.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com\r\nCookie: XSRF-TOKEN=eyJpdiI6IkFta09nd0tRaVV1YmtXTFpEWHZuT3c9PSIsInZhbHVlIjoiZSt1UTBPZytRZS9uMWhpL1NJeUo4Ui8wdmxmemdRamNLWkg5UjI0MlU1eDdnalZoRHlxUURBWnA3MjI4Y3RsTSIsIm1hYyI6Ijk5OGE0Mzc2ODk1MWFiMDdhZTRjMGM3ZDdlZDk1ODU0OWI2MTJiNzMxMGE2NTk5M2EyN2RiZTEyMmFjMmI5NGUifQ%3D%3D; laravel_session=eyJpdiI6IjhCVTF6N2RwMTlEaTJTVUVBSGFpbFE9PSIsInZhbHVlIjoiaUNDQWJGbXdoQzNmcEs4RlZ1VC9va3h2bWlPdm9kRUI3VnQ4bm1vNlZwdEkzKzAzSVpwbEEwN1JmeGhwZ044bSIsIm1hYyI6Ijc4MzI2YWJjZTE0MmRmZjQyNzVlMTAwMTI0MWQ1YWUxYzFkNDYwYjBkNWVkYmMyMTdmZDAyMjQ3MWUzZjliOGYifQ%3D%3D; SRVNAME=w2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 20 Nov 2025 16:21:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 107708\r\npriority: u=4,i=?0\r\nlast-modified: Fri, 14 Nov 2025 07:46:28 GMT\r\netag: \"6916de54-1a4bc\"\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000;\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iO%2B66tYYQV4l5kV3RtzesWKu3NMBQDnX1ChE5h3rKAMgVHmEU0rwXtnpU4D5mzWlY2kr7NEqATiKumSDfeHQOlkDfsr5X7QfsugzB6w2mNN1FCxUnQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a1947c8cd3b56be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":107708,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x1278, components 3","md5":"02652f037a869a2cc8d288758f7aaf1f","sha1":"86d98f5d858c8d6feebf44772f946a08f8215f95","sha256":"32d928ba036e69387bfe8b1f5c7bee235c7604cc67945e6d9579df434d863fa7","sha512":"f4da8f1c65be62101f682a675fd835c42855468abd9b54fc7c2c7b142b65e495a6b0fe02b227de0d5cbd6eb0529584e84a27e1c3feedceb59779a686da69668e","ssdeep":"3072:HEoZOcqSvfUqNpGFqU8Y6CeT3tphrNVih0Zd71Zd:HEo4cqSHLNkFV8f9brV71Zd","tlshash":"12b31273f555ad2cd8fc0f9ef21d32c82681a68f6259a2c30887a7485738ec9d55dbc2","first_seen":"2025-05-09T15:07:25.578212Z","last_seen":"2026-05-28T12:14:42.88672Z","times_seen":3377,"resource_available":false,"data":null}},"time_used":740,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":513,"receive":227,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"allyouneedis0054.online/landings/wlc12/img/4.jpg","fqdn":"allyouneedis0054.online","domain":"allyouneedis0054.online","tld":"online"},"ip":{"addr":"104.21.64.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com","date":"2025-11-20T16:21:26.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allyouneedis0054.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 17:10:45 GMT","end":"Tue, 27 Jan 2026 18:03:57 GMT"},"fingerprint":{"sha1":"39:52:66:00:BC:36:F3:EE:20:53:FA:51:E1:87:C4:A5:BB:E8:23:44","sha256":"31:E0:E7:D2:51:57:8E:57:28:E4:7D:08:64:16:25:4D:FE:69:50:E5:FD:24:3E:72:8D:8E:85:3D:3C:29:E3:9F"}}},"request":{"raw":"GET /landings/wlc12/img/4.jpg HTTP/1.1\r\nHost: allyouneedis0054.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com\r\nCookie: XSRF-TOKEN=eyJpdiI6IkFta09nd0tRaVV1YmtXTFpEWHZuT3c9PSIsInZhbHVlIjoiZSt1UTBPZytRZS9uMWhpL1NJeUo4Ui8wdmxmemdRamNLWkg5UjI0MlU1eDdnalZoRHlxUURBWnA3MjI4Y3RsTSIsIm1hYyI6Ijk5OGE0Mzc2ODk1MWFiMDdhZTRjMGM3ZDdlZDk1ODU0OWI2MTJiNzMxMGE2NTk5M2EyN2RiZTEyMmFjMmI5NGUifQ%3D%3D; laravel_session=eyJpdiI6IjhCVTF6N2RwMTlEaTJTVUVBSGFpbFE9PSIsInZhbHVlIjoiaUNDQWJGbXdoQzNmcEs4RlZ1VC9va3h2bWlPdm9kRUI3VnQ4bm1vNlZwdEkzKzAzSVpwbEEwN1JmeGhwZ044bSIsIm1hYyI6Ijc4MzI2YWJjZTE0MmRmZjQyNzVlMTAwMTI0MWQ1YWUxYzFkNDYwYjBkNWVkYmMyMTdmZDAyMjQ3MWUzZjliOGYifQ%3D%3D; SRVNAME=w2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 20 Nov 2025 16:21:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 81923\r\npriority: u=4,i=?0\r\nlast-modified: Fri, 14 Nov 2025 07:46:28 GMT\r\netag: \"6916de54-14003\"\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000;\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hvIAr57J%2FA1iraFkm196ri5BCog720eqjeRux2vg9muB4zq3BZrqnp2EX2briPh6G1pzVeOdIWOywz5Sba0U0eJcCg0lZ1APUkajhmDLe6zTUqz2vg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a1947c8dd3e56be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":81923,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 864x1080, components 3","md5":"0ec4b5f88d7d4d3f488fe235e2dba0dd","sha1":"0655bcd3cac0ba655548ee4ac69a4891ddd9db67","sha256":"7e390b2e5211553a233a152c247e9adecaeb5eb5766c2a7b51036bbc3eaedbd5","sha512":"1272b62c220fcc8dff01c1f88c1332a14aa15d2a86eb4ffb974e17b04e71e0814d20b0c872b3ae64ddea202102af49ae579002e793f2b0abdce5bff11d0210b5","ssdeep":"1536:OECmLsXflBHmwRaFMRvkeeNAyrtJwrLx3ACzqX1vpgvBOgcYITRk5Zy/IsQn:OECmsjmpMRv38xJwPx3ACG12pHcsZy9W","tlshash":"9d8302d7972739b9d2bc2fa3518ad2e9549b512e3fbf50b40fa542485e2bd2c0c361a0","first_seen":"2025-05-09T15:07:25.589264Z","last_seen":"2026-05-28T12:14:42.882479Z","times_seen":3369,"resource_available":false,"data":null}},"time_used":618,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":500,"receive":118,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"allyouneedis0054.online/landings/wlc12/img/6.jpg","fqdn":"allyouneedis0054.online","domain":"allyouneedis0054.online","tld":"online"},"ip":{"addr":"104.21.64.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com","date":"2025-11-20T16:21:26.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allyouneedis0054.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 17:10:45 GMT","end":"Tue, 27 Jan 2026 18:03:57 GMT"},"fingerprint":{"sha1":"39:52:66:00:BC:36:F3:EE:20:53:FA:51:E1:87:C4:A5:BB:E8:23:44","sha256":"31:E0:E7:D2:51:57:8E:57:28:E4:7D:08:64:16:25:4D:FE:69:50:E5:FD:24:3E:72:8D:8E:85:3D:3C:29:E3:9F"}}},"request":{"raw":"GET /landings/wlc12/img/6.jpg HTTP/1.1\r\nHost: allyouneedis0054.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com\r\nCookie: XSRF-TOKEN=eyJpdiI6IkFta09nd0tRaVV1YmtXTFpEWHZuT3c9PSIsInZhbHVlIjoiZSt1UTBPZytRZS9uMWhpL1NJeUo4Ui8wdmxmemdRamNLWkg5UjI0MlU1eDdnalZoRHlxUURBWnA3MjI4Y3RsTSIsIm1hYyI6Ijk5OGE0Mzc2ODk1MWFiMDdhZTRjMGM3ZDdlZDk1ODU0OWI2MTJiNzMxMGE2NTk5M2EyN2RiZTEyMmFjMmI5NGUifQ%3D%3D; laravel_session=eyJpdiI6IjhCVTF6N2RwMTlEaTJTVUVBSGFpbFE9PSIsInZhbHVlIjoiaUNDQWJGbXdoQzNmcEs4RlZ1VC9va3h2bWlPdm9kRUI3VnQ4bm1vNlZwdEkzKzAzSVpwbEEwN1JmeGhwZ044bSIsIm1hYyI6Ijc4MzI2YWJjZTE0MmRmZjQyNzVlMTAwMTI0MWQ1YWUxYzFkNDYwYjBkNWVkYmMyMTdmZDAyMjQ3MWUzZjliOGYifQ%3D%3D; SRVNAME=w2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 20 Nov 2025 16:21:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 87852\r\npriority: u=4,i=?0\r\nlast-modified: Fri, 14 Nov 2025 07:46:28 GMT\r\netag: \"6916de54-1572c\"\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000;\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X2gGQ29agHdOO43w%2FpqarxFW%2BepdL%2B2499XHHJ5GfH3j60Y6t92DD631tGSTqF64lx9Y%2FpslgV05P%2Fq%2Fj7%2BPpQ114R97z23itV3IGhltTHXqP0zCxw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a1947c8dd4056be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":87852,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=Paint.NET 5.1], progressive, precision 8, 923x880, components 3","md5":"f1356a380f1619c3f3fa964466eb9d2d","sha1":"0c92ae130a08e9005e17caf15a07d4f4450c5f34","sha256":"773bf1d986d1df26d2128d73d493d2093a90f0ca2d4c67c055fe4db9b76c215c","sha512":"cef3c9ba57ca37dacb0006bb60bff68b16113c522c62f2810a97b0388bd639e24eb73753ec4f572c9610a06357bf3285f612a887ccdd6db505cc8db8cb25c94a","ssdeep":"1536:/EyTK0f5amFgznXcAKByxhUd3sZddLGa9PPy7reM74NcK4X+gKkP+vzKbDn78Xw8:/EyTKAbFgzMZMxhK8ZXF66QccKM+qP+/","tlshash":"cd8302aa0539bba373c31c37fa9c7bb951b8c15812ce209111854d0bbee967812b895f","first_seen":"2025-05-09T15:07:25.584833Z","last_seen":"2026-05-28T12:14:42.883004Z","times_seen":3377,"resource_available":false,"data":null}},"time_used":604,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":482,"receive":122,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"90a57c9zn71.fjfmszb.help/favicon.ico","fqdn":"90a57c9zn71.fjfmszb.help","domain":"fjfmszb.help","tld":"help"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://90a57c9zn71.fjfmszb.help/rr.php","date":"2025-11-20T16:21:24.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fjfmszb.help","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 03 Nov 2025 15:15:01 GMT","end":"Sun, 01 Feb 2026 16:12:22 GMT"},"fingerprint":{"sha1":"A4:4A:D5:8C:AA:5B:6A:28:AA:BA:17:41:AC:FC:7B:4A:10:63:C6:EC","sha256":"15:B1:9C:DA:32:46:D7:74:45:4A:A2:0F:C7:02:EE:B6:65:54:4E:B4:72:28:CD:5A:D5:6C:07:E5:48:41:E9:A9"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 90a57c9zn71.fjfmszb.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://90a57c9zn71.fjfmszb.help/\r\nCookie: so=b3V0bG9va0dfRGF0aW5nXzIwMTEyMDI1X2N1c3RvbQ%3D%3D; em=ZGViYmllaG9sbWVzMjAwOUB5YWhvby5jb20%3D; i=OTEuOTAuNDIuMTU0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Thu, 20 Nov 2025 16:21:24 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\nage: 1\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yaTX28a7Wa6Cl6TYLzFgcSWLLaC2eQHjqE%2Fy8qnStda%2Bv2FZ7TazxpbJ0a%2FRyU646u5lrHgO558BTIaKqH0j6fg3xzSnfoTQieH62140S580i1y%2BnC1k4w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9a1947bc4c73783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-05-28T17:34:53.025222Z","times_seen":517305,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com","fqdn":"allyouneedis0054.online","domain":"allyouneedis0054.online","tld":"online"},"ip":{"addr":"104.21.64.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-20T16:21:25.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allyouneedis0054.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 17:10:45 GMT","end":"Tue, 27 Jan 2026 18:03:57 GMT"},"fingerprint":{"sha1":"39:52:66:00:BC:36:F3:EE:20:53:FA:51:E1:87:C4:A5:BB:E8:23:44","sha256":"31:E0:E7:D2:51:57:8E:57:28:E4:7D:08:64:16:25:4D:FE:69:50:E5:FD:24:3E:72:8D:8E:85:3D:3C:29:E3:9F"}}},"request":{"raw":"GET /?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com HTTP/1.1\r\nHost: allyouneedis0054.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 20 Nov 2025 16:21:26 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=31536000;\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qcZv86USvIPkUFLAgEJsMutSh3eMati9%2BD0RuK5lAZvwgwlW6XEPxXkYD8FEeGQc69SQEcyyxWlRb32eVIUcpEdOdIwQyV3t74wPIKt9UVj7VkidUyQW\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IkFta09nd0tRaVV1YmtXTFpEWHZuT3c9PSIsInZhbHVlIjoiZSt1UTBPZytRZS9uMWhpL1NJeUo4Ui8wdmxmemdRamNLWkg5UjI0MlU1eDdnalZoRHlxUURBWnA3MjI4Y3RsTSIsIm1hYyI6Ijk5OGE0Mzc2ODk1MWFiMDdhZTRjMGM3ZDdlZDk1ODU0OWI2MTJiNzMxMGE2NTk5M2EyN2RiZTEyMmFjMmI5NGUifQ%3D%3D; SameSite=Lax; Path=/; Max-Age=7200; Expires=Thu, 20 Nov 2025 18:21:26 GMT\nlaravel_session=eyJpdiI6IjhCVTF6N2RwMTlEaTJTVUVBSGFpbFE9PSIsInZhbHVlIjoiaUNDQWJGbXdoQzNmcEs4RlZ1VC9va3h2bWlPdm9kRUI3VnQ4bm1vNlZwdEkzKzAzSVpwbEEwN1JmeGhwZ044bSIsIm1hYyI6Ijc4MzI2YWJjZTE0MmRmZjQyNzVlMTAwMTI0MWQ1YWUxYzFkNDYwYjBkNWVkYmMyMTdmZDAyMjQ3MWUzZjliOGYifQ%3D%3D; HttpOnly; SameSite=Lax; Path=/\nSRVNAME=w2; Path=/\r\ncf-ray: 9a1947c53c718deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5835,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"420fb41aad6d1cba447f82bbce119eee","sha1":"306d20ed570f395eed9dff976d96ca36b9ca11b2","sha256":"940b58eda93a1640891ff3ef00fc65e7a8d09f37454d1ff02c4855a337c3dc25","sha512":"02b065c60bf5e4fb62717ac39cdccd8b1435907f569197dabf2e3ae9caee5d62f9746f68fd893a6bb760e1844ee9e07f336983ff87ad38a048adda07d727fd6a","ssdeep":"96:LSicXIx6hWy78Elq2gq6+K4PK1DyJRoBY5ddKbfptBChUrkKb4UZUgDu:LgXDhWy793gq6AKmncfzRXu","tlshash":"eac1326388a6449d97420354cf1ded1864d3116f0f55c8a9b86dd8ca3fb7a6ff2510f4","first_seen":"2025-11-20T16:21:49.549803Z","last_seen":"2025-11-20T16:21:49.549803Z","times_seen":1,"resource_available":false,"data":null}},"time_used":593,"timings":{"blocked":94,"dns":77,"connect":1,"send":0,"wait":405,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"allyouneedis0054.online/landings/wlc12/img/wow.svg","fqdn":"allyouneedis0054.online","domain":"allyouneedis0054.online","tld":"online"},"ip":{"addr":"104.21.64.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com","date":"2025-11-20T16:21:26.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allyouneedis0054.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 17:10:45 GMT","end":"Tue, 27 Jan 2026 18:03:57 GMT"},"fingerprint":{"sha1":"39:52:66:00:BC:36:F3:EE:20:53:FA:51:E1:87:C4:A5:BB:E8:23:44","sha256":"31:E0:E7:D2:51:57:8E:57:28:E4:7D:08:64:16:25:4D:FE:69:50:E5:FD:24:3E:72:8D:8E:85:3D:3C:29:E3:9F"}}},"request":{"raw":"GET /landings/wlc12/img/wow.svg HTTP/1.1\r\nHost: allyouneedis0054.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com\r\nCookie: XSRF-TOKEN=eyJpdiI6IkFta09nd0tRaVV1YmtXTFpEWHZuT3c9PSIsInZhbHVlIjoiZSt1UTBPZytRZS9uMWhpL1NJeUo4Ui8wdmxmemdRamNLWkg5UjI0MlU1eDdnalZoRHlxUURBWnA3MjI4Y3RsTSIsIm1hYyI6Ijk5OGE0Mzc2ODk1MWFiMDdhZTRjMGM3ZDdlZDk1ODU0OWI2MTJiNzMxMGE2NTk5M2EyN2RiZTEyMmFjMmI5NGUifQ%3D%3D; laravel_session=eyJpdiI6IjhCVTF6N2RwMTlEaTJTVUVBSGFpbFE9PSIsInZhbHVlIjoiaUNDQWJGbXdoQzNmcEs4RlZ1VC9va3h2bWlPdm9kRUI3VnQ4bm1vNlZwdEkzKzAzSVpwbEEwN1JmeGhwZ044bSIsIm1hYyI6Ijc4MzI2YWJjZTE0MmRmZjQyNzVlMTAwMTI0MWQ1YWUxYzFkNDYwYjBkNWVkYmMyMTdmZDAyMjQ3MWUzZjliOGYifQ%3D%3D; SRVNAME=w2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 20 Nov 2025 16:21:26 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nlast-modified: Fri, 14 Nov 2025 07:46:28 GMT\r\netag: W/\"6916de54-9aa\"\r\nstrict-transport-security: max-age=31536000;\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F%2FN2gcPQoqo0x33S5yJT34pQGVPFRweGa5TNCaDIo8TXw7kdTzfZOm9%2FgtWZ8oQfRxQfCCezmU%2Bknk1eLnvPnL4jO7w4fTkHep%2FknMglctXvvWG9Rg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a1947c8cd3956be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2474,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0b23969cc47c075cf0c5767608c42d8a","sha1":"38a8677999e79d79508d1c327fe91294c835b3fb","sha256":"3423560559280448892b3a6573d1360216b5c4a4134d5a85269df24424a499f7","sha512":"3d349d7a8ae476992df929e942365b98315d450745625aa5df57ca215a2158a35c6f1c5ff40fc11c1c081977c5adb3ce9656cab88adb476a944bb195f090e4e9","ssdeep":"","tlshash":"9b5160d4136993a4e811f7f4c37e5925780b25f03b82ca79c7a6bd40c9200ad8eb69d2","first_seen":"2025-08-05T18:08:37.5491Z","last_seen":"2026-05-28T15:44:46.477537Z","times_seen":27136,"resource_available":false,"data":null}},"time_used":349,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":349,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"90a57c9zn71.fjfmszb.help/r.php","fqdn":"90a57c9zn71.fjfmszb.help","domain":"fjfmszb.help","tld":"help"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-20T16:21:25.015Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fjfmszb.help","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 03 Nov 2025 15:15:01 GMT","end":"Sun, 01 Feb 2026 16:12:22 GMT"},"fingerprint":{"sha1":"A4:4A:D5:8C:AA:5B:6A:28:AA:BA:17:41:AC:FC:7B:4A:10:63:C6:EC","sha256":"15:B1:9C:DA:32:46:D7:74:45:4A:A2:0F:C7:02:EE:B6:65:54:4E:B4:72:28:CD:5A:D5:6C:07:E5:48:41:E9:A9"}}},"request":{"raw":"GET /r.php HTTP/1.1\r\nHost: 90a57c9zn71.fjfmszb.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://90a57c9zn71.fjfmszb.help/\r\nCookie: so=b3V0bG9va0dfRGF0aW5nXzIwMTEyMDI1X2N1c3RvbQ%3D%3D; em=ZGViYmllaG9sbWVzMjAwOUB5YWhvby5jb20%3D; i=OTEuOTAuNDIuMTU0\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 20 Nov 2025 16:21:25 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\npriority: u=1,i=?0\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WPjyTASYPPv8%2FjWFz7dMA636fq2Tg4I%2FkwMHAqgNL%2BNN3MiylUDFkTLLA5%2FMmMqZNfmDVnIAjtd%2FXI0zGVPQ9%2BW0ZHJSUIwYXq7%2BpqB8%2F8fe3WP32kh1tg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nset-cookie: PHPSESSID=o9a60if09qe6qo1u4lbbrcn1dn; Path=/\n_subid=1sjos4feeo2a; Path=/; Max-Age=86400; Expires=Fri, 21 Nov 2025 16:21:25 GMT\n4784d=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0XCI6MTc2MzY1NTY4NSxcIjQwXCI6MTc2MzY1NTY4NX0sXCJjYW1wYWlnbnNcIjp7XCIxXCI6MTc2MzY1NTY4NSxcIjVcIjoxNzYzNjU1Njg1fSxcInRpbWVcIjoxNzYzNjU1Njg1fSJ9.oLwWimLRdSQkMdEozRYe6X0KRvWiohcn69ibMVc6T60; Path=/; Max-Age=86400; Expires=Fri, 21 Nov 2025 16:21:25 GMT\n_token=uuid_1sjos4feeo2a_1sjos4feeo2a691f4005365586.79761015; Path=/; Max-Age=86400; Expires=Fri, 21 Nov 2025 16:21:25 GMT\r\ncf-ray: 9a1947bf5e0c783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":246,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"7638c16cd64bcf5c8c8351e519a97657","sha1":"30feee2c46bc5fe1e2e9dc3ca7367afb745d80bc","sha256":"c25e4ba6790a2d0c063a472272984177f95850b198cb64d0f8eb36823907dd0d","sha512":"ede262501856aac071f28fce24e21d8f6d220ffedb95ff367a7ddada5fe641d5292ad3ede660dd351720e822efe46dc9bb4bd25b61625e1e6a2f471281f70e7b","ssdeep":"","tlshash":"9ad0a792509c550de311493919f4b7545586f00f83a8e844f2d4c08b1bf4f57d2d32b4","first_seen":"2025-11-20T16:21:49.552757Z","last_seen":"2025-11-20T16:21:49.552757Z","times_seen":1,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"allyouneedis0054.online/landings/wlc12/img/3.jpg","fqdn":"allyouneedis0054.online","domain":"allyouneedis0054.online","tld":"online"},"ip":{"addr":"104.21.64.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com","date":"2025-11-20T16:21:26.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allyouneedis0054.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 17:10:45 GMT","end":"Tue, 27 Jan 2026 18:03:57 GMT"},"fingerprint":{"sha1":"39:52:66:00:BC:36:F3:EE:20:53:FA:51:E1:87:C4:A5:BB:E8:23:44","sha256":"31:E0:E7:D2:51:57:8E:57:28:E4:7D:08:64:16:25:4D:FE:69:50:E5:FD:24:3E:72:8D:8E:85:3D:3C:29:E3:9F"}}},"request":{"raw":"GET /landings/wlc12/img/3.jpg HTTP/1.1\r\nHost: allyouneedis0054.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com\r\nCookie: XSRF-TOKEN=eyJpdiI6IkFta09nd0tRaVV1YmtXTFpEWHZuT3c9PSIsInZhbHVlIjoiZSt1UTBPZytRZS9uMWhpL1NJeUo4Ui8wdmxmemdRamNLWkg5UjI0MlU1eDdnalZoRHlxUURBWnA3MjI4Y3RsTSIsIm1hYyI6Ijk5OGE0Mzc2ODk1MWFiMDdhZTRjMGM3ZDdlZDk1ODU0OWI2MTJiNzMxMGE2NTk5M2EyN2RiZTEyMmFjMmI5NGUifQ%3D%3D; laravel_session=eyJpdiI6IjhCVTF6N2RwMTlEaTJTVUVBSGFpbFE9PSIsInZhbHVlIjoiaUNDQWJGbXdoQzNmcEs4RlZ1VC9va3h2bWlPdm9kRUI3VnQ4bm1vNlZwdEkzKzAzSVpwbEEwN1JmeGhwZ044bSIsIm1hYyI6Ijc4MzI2YWJjZTE0MmRmZjQyNzVlMTAwMTI0MWQ1YWUxYzFkNDYwYjBkNWVkYmMyMTdmZDAyMjQ3MWUzZjliOGYifQ%3D%3D; SRVNAME=w2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 20 Nov 2025 16:21:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 38810\r\npriority: u=4,i=?0\r\nlast-modified: Fri, 14 Nov 2025 07:46:28 GMT\r\netag: \"6916de54-979a\"\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000;\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pnyyMRU%2FuZQretcliIiVxcWu6QwrkChDO1jQ0ddsVnUGAxfC1I2EBxoMH%2FXdoP%2F21pBiXC%2B6pKz99clOVFVAM6XYwn3b%2BB31zZJIhxtScjZc1NzJJA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a1947c8dd3d56be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":38810,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x900, components 3","md5":"23a28d835eb34c2ffaa6e0f863b195d9","sha1":"86d0d22e7c5717960a018be4fee27fc620977b95","sha256":"b4d840fd2184366520321f1fbda6e55f53f5b157a4bb4d8bbdf82ed0d4361c68","sha512":"fdb1daf516a255a9341d66c313fe28241c5c18de3e9f821879c3ddbb388035cf1fa9a274b348fed8be4d3c0de5a07c2b532f27b2e4175bb7ce69f9eab1a5c830","ssdeep":"768:DEx73Xi5kYvG/djBJAiM7BBeP/9kruojRGGYZ9BZLEhD:DEd3XokYwBOipk6xPlZc","tlshash":"7603022287daa571e3dcb53c570903ab30a99279c9180dd57e74bbee9f7c4e5280c2a4","first_seen":"2025-05-09T15:07:25.575929Z","last_seen":"2026-05-28T12:14:42.888243Z","times_seen":3379,"resource_available":false,"data":null}},"time_used":507,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":504,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026hl=en","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"74.125.205.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com","date":"2025-11-20T16:21:27.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:52 GMT","end":"Mon, 19 Jan 2026 08:35:51 GMT"},"fingerprint":{"sha1":"95:94:D2:A2:42:3D:9B:2F:BB:65:03:35:EA:85:1D:B6:C0:BB:E5:07","sha256":"53:9A:55:C8:25:B4:4A:38:C0:A9:FD:A8:38:B3:FD:CA:8E:7E:1F:2A:79:A9:52:76:8C:00:7C:7B:96:1E:45:33"}}},"request":{"raw":"GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026hl=en HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: application/binary\r\nset-cookie: __Host-GAPS=1:rlPHA443wCN0EKFmxCUA058xmtXNTQ:jKHIojLPd6Hqz1la; Expires=Sat, 20-Nov-2027 16:21:27 GMT; Path=/; Secure; HttpOnly; Priority=HIGH\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Thu, 20 Nov 2025 16:21:27 GMT\r\nlocation: https://accounts.google.com/InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026hl=en\u0026dsh=S2000288397:1763655687815038\u0026ifkv=ARESoU1YutHLAc9mAbXCEAgYdIU2SxLcVeob7oFJ3ReXbeHSkGP4kBTrcAFlZ5JqYB7Dnfa4c15H2w\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy: script-src 'nonce-5_X45Qy4PsPzOTLSbxH0Tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncross-origin-opener-policy: unsafe-none\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-28T17:37:38.968108Z","times_seen":15830666,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":83,"dns":0,"connect":16,"send":0,"wait":25,"receive":0,"ssl":63},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"allyouneedis0054.online/landings/wlc12/img/favicon.png","fqdn":"allyouneedis0054.online","domain":"allyouneedis0054.online","tld":"online"},"ip":{"addr":"104.21.64.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com","date":"2025-11-20T16:21:27.330Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"allyouneedis0054.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 17:10:45 GMT","end":"Tue, 27 Jan 2026 18:03:57 GMT"},"fingerprint":{"sha1":"39:52:66:00:BC:36:F3:EE:20:53:FA:51:E1:87:C4:A5:BB:E8:23:44","sha256":"31:E0:E7:D2:51:57:8E:57:28:E4:7D:08:64:16:25:4D:FE:69:50:E5:FD:24:3E:72:8D:8E:85:3D:3C:29:E3:9F"}}},"request":{"raw":"GET /landings/wlc12/img/favicon.png HTTP/1.1\r\nHost: allyouneedis0054.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com\r\nCookie: XSRF-TOKEN=eyJpdiI6IkFta09nd0tRaVV1YmtXTFpEWHZuT3c9PSIsInZhbHVlIjoiZSt1UTBPZytRZS9uMWhpL1NJeUo4Ui8wdmxmemdRamNLWkg5UjI0MlU1eDdnalZoRHlxUURBWnA3MjI4Y3RsTSIsIm1hYyI6Ijk5OGE0Mzc2ODk1MWFiMDdhZTRjMGM3ZDdlZDk1ODU0OWI2MTJiNzMxMGE2NTk5M2EyN2RiZTEyMmFjMmI5NGUifQ%3D%3D; laravel_session=eyJpdiI6IjhCVTF6N2RwMTlEaTJTVUVBSGFpbFE9PSIsInZhbHVlIjoiaUNDQWJGbXdoQzNmcEs4RlZ1VC9va3h2bWlPdm9kRUI3VnQ4bm1vNlZwdEkzKzAzSVpwbEEwN1JmeGhwZ044bSIsIm1hYyI6Ijc4MzI2YWJjZTE0MmRmZjQyNzVlMTAwMTI0MWQ1YWUxYzFkNDYwYjBkNWVkYmMyMTdmZDAyMjQ3MWUzZjliOGYifQ%3D%3D; SRVNAME=w2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 20 Nov 2025 16:21:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 13035\r\npriority: u=6,i=?0\r\nlast-modified: Fri, 14 Nov 2025 07:46:28 GMT\r\netag: \"6916de54-32eb\"\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000;\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ec61NNFLrP9Wy%2BhfNf0UDXANjqF57grmbfAfPJt9qZp1GsuHuIX0WdqHcStXcywYw9rK8Rim%2BC2xjvukBE6U3kFEK%2BNxregWzwI7I0UpI4CWDaNZuQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a1947cdcd8c56be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13035,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit colormap, non-interlaced","md5":"52b1901a9f434a850bb9e39911062cbd","sha1":"c30a62ca3a43b360330dc4967ee4c50d3a90a6a8","sha256":"5323f52cbd57f277ef53a787be5be9ab01f3f3b91d1c476158f10030a46fa582","sha512":"747aeba542231eed8d55202d2f479c18515d42ba67cfe24879c5c979abcd313cfbdb08462b0f925da9772a6a0c3c50940ed94d8b0c56aea305e7da1e761ae1cd","ssdeep":"384:MiQeGLsFHyk1Xe7dwYlKMU/UgTDpgxlSr:R5EsFHyk1u7E71gur","tlshash":"8442cfef12c46a56e7f42505a9eb071b853770104a91a78b7920a72af711cd583a8c6f","first_seen":"2025-10-31T14:13:55.309916Z","last_seen":"2026-05-28T16:54:38.532125Z","times_seen":59619,"resource_available":false,"data":null}},"time_used":347,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":346,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"allyouneedis0054.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100","fqdn":"lh3.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.14","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allyouneedis0054.online/?s1=rbl7\u0026i_invite=debbieholmes2009%40yahoo.com","date":"2025-11-20T16:21:27.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:43 GMT","end":"Mon, 19 Jan 2026 08:33:42 GMT"},"fingerprint":{"sha1":"BD:40:9A:DB:26:FC:C1:FF:4D:85:05:A9:F0:E9:24:BD:05:29:25:7B","sha256":"C7:A3:E4:68:D6:D8:86:E7:C6:E2:D6:E3:1D:DA:60:9A:35:7E:71:9E:F1:91:26:57:47:43:91:7C:CE:BB:07:17"}}},"request":{"raw":"GET /u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP/1.1\r\nHost: lh3.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nlocation: https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026hl=en\r\ncache-control: private\r\nvary: Origin\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 20 Nov 2025 16:21:27 GMT\r\nserver: fife\r\ncontent-length: 337\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-28T17:37:38.968108Z","times_seen":15830666,"resource_available":true,"data":null}},"time_used":319,"timings":{"blocked":142,"dns":77,"connect":7,"send":0,"wait":32,"receive":0,"ssl":58},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}