{"report_id":"c23d1b73-4fd2-4d9c-bd3d-fd23c011be1a","version":0,"status":"done","tags":[],"date":"2026-07-02T12:54:40Z","url":{"schema":"http","addr":"cb.vault-secure.com","fqdn":"cb.vault-secure.com","domain":"vault-secure.com","tld":"com"},"ip":{"addr":"91.215.85.43","port":0,"asn":200593,"as":"Prospero Ooo","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"https","addr":"cb.vault-secure.com/login","fqdn":"cb.vault-secure.com","domain":"vault-secure.com","tld":"com"},"title":"Login — Coinbase Vault","dom":{"size":9478,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (741)","md5":"219a7177d8f50e8ca947f10c010be27b","sha1":"8eb50009822e87be3a5832f5754e76fe35cdc9cc","sha256":"76ed311e2376b14e22eda76695927760da718a23d733ed8c2a6476617937de43","sha512":"1254c62f1769c4366e67da28c5a02b29e63d745b4c3f6a7b2484223b648ce8a35aeaeeb91105f826e5f435974a6ab8c8986770f63ffb9ad4c476ae13bd36f36e","ssdeep":"192:Or/yMsgTg5wHnrZWEWqIUfTI1orgQuhM8zt8ZSZVdN7feoRG:Or/yMsgTg5wHrZWGRbIeuhM8z1ZBfeo4","tlshash":"ec12daf770f41d72075b85a935a547483c24900bef07860036bc4aa96fe7e9229735dd","dom_hash":"domhashd05360325fa860f0a124fe31af07c541","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"cb.vault-secure.com","fqdn":"cb.vault-secure.com","domain":"vault-secure.com","tld":"com"},"ip":{"addr":"91.215.85.43","port":0,"asn":200593,"as":"Prospero Ooo","country":"Russia","country_code":"RU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-06T12:54:40Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"cb.vault-secure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cb.vault-secure.com","ip":{"addr":"91.215.85.43","port":443,"asn":200593,"as":"Prospero Ooo","country":"Russia","country_code":"RU"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":10,"request_count":10,"received_data":411063,"sent_data":5092,"comment":"","tags":null,"fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-06-28T22:41:44.776353Z","alert_count":0,"request_count":2,"received_data":261089,"sent_data":1147,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cb.vault-secure.com/js/main.js","fqdn":"cb.vault-secure.com","domain":"vault-secure.com","tld":"com"},"ip":{"addr":"91.215.85.43","port":443,"asn":200593,"as":"Prospero Ooo","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"de7e21a68ce4d3290cb997257870998b","sha1":"bb720c79bd021e299551d07a8c22fc1018a2f101","sha256":"d8d81c437ca32f21a6bd388feea8adfe2604de6e2159e2a5c99d23a153969ac6","sha512":"53aa06caf90a19ef58baac2dcf094ec5cf0c10e356664035ae624ca950434b95ac5ad8ba0b618e74f168660f199203e03bf75c39fc9f811e116a38468f26dbf9","ssdeep":"","tlshash":"b771caba25e221757167e47d43af2a04313a7403340aca15b87cf548dfec66a8276afc","size":3718,"data":"","first_seen":"2026-07-02T12:54:44.948402Z","last_seen":"2026-07-02T12:54:44.948402Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cb.vault-secure.com/login","fqdn":"cb.vault-secure.com","domain":"vault-secure.com","tld":"com"},"ip":{"addr":"91.215.85.43","port":443,"asn":200593,"as":"Prospero Ooo","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"db0405e1d5df768ed93e354d7b9e0748","sha1":"ca5128a8a6a6fefa82ff730d676eed041dae6b43","sha256":"0c15856c8cd8653c310d8c97ffa64506c655f94a00f88fc610fb6df9aaae1d0c","sha512":"78c1829cee8ee70861f4bfdd9f8f2dde949b3311a5613ab059f62e37941c377a86c826f54d8304d24d3681ee28292e314f4056addfdadfe2f2448679793f22d2","ssdeep":"","tlshash":"8f51bef779f618b10aefa6bb31a6478c382540152d07d2517d3c09484f62e863a73eea","size":3134,"data":"","first_seen":"2026-07-02T12:54:44.951591Z","last_seen":"2026-07-02T12:54:44.951591Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"cb.vault-secure.com/fonts/Coinbase-Display/Coinbase_Display-Bold-web-1.32.woff2","fqdn":"cb.vault-secure.com","domain":"vault-secure.com","tld":"com"},"ip":{"addr":"91.215.85.43","port":443,"asn":200593,"as":"Prospero Ooo","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cb.vault-secure.com/login","date":"2026-07-02T12:54:17.568Z","timestamp":1782996857568,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cb.vault-secure.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Jul 2026 21:46:23 GMT","end":"Tue, 29 Sep 2026 21:46:22 GMT"},"fingerprint":{"sha1":"3F:A7:A8:29:71:1F:16:32:FC:BD:55:88:4D:C5:9E:80:64:7E:92:AA","sha256":"D0:C5:B4:D8:BB:DB:6D:EF:0B:31:55:5C:3F:8A:A2:E7:31:3E:84:23:31:76:80:48:F3:AA:84:C5:6F:3C:23:86"}}},"request":{"raw":"GET /fonts/Coinbase-Display/Coinbase_Display-Bold-web-1.32.woff2 HTTP/1.1\r\nHost: cb.vault-secure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cb.vault-secure.com/css/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Thu, 02 Jul 2026 12:54:17 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 38648\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Wed, 01 Jul 2026 17:49:58 GMT\r\nETag: W/\"96f8-19f1ecd4d04\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38648,"size_decoded":38952,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 38648, version 1.2097","md5":"54cecc055d89882e7d9b7bd5e0fe792d","sha1":"260252722c8c217a512b08eb228b0867dc7ca16e","sha256":"aebdaa8561b78eeb8630f7c8e336d8f898cfa269afcef808066d5308d5f02945","sha512":"579a706103a47da46cba02a7ffe00345ac0fca56c74200d8e21be06cbf3d2cf2e4902e2ee02792be8aac959ab89a56b410b185d0e89fa3e7db54af311ca4c759","ssdeep":"768:pRJEgtKj/5UreUy9VyMqlE/0NZ1mcxuBDF1lQznuuVh:pRJEgtKj/5FUyVB/+nMD6znu2","tlshash":"6803f1fb8f95f9b892a577b361833480ec95b4c5932ba4761fee703ebc5204194b3451","first_seen":"2025-07-26T05:48:35.426161Z","last_seen":"2026-07-02T12:54:44.932082Z","times_seen":7,"resource_available":false,"data":null}},"time_used":358,"timings":{"blocked":-1,"dns":0,"connect":39,"send":0,"wait":235,"receive":39,"ssl":44},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"cb.vault-secure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cb.vault-secure.com/fonts/Coinbase-Sans/Coinbase_Sans-Medium-web-1.32.woff2","fqdn":"cb.vault-secure.com","domain":"vault-secure.com","tld":"com"},"ip":{"addr":"91.215.85.43","port":443,"asn":200593,"as":"Prospero Ooo","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cb.vault-secure.com/login","date":"2026-07-02T12:54:17.570Z","timestamp":1782996857570,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cb.vault-secure.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Jul 2026 21:46:23 GMT","end":"Tue, 29 Sep 2026 21:46:22 GMT"},"fingerprint":{"sha1":"3F:A7:A8:29:71:1F:16:32:FC:BD:55:88:4D:C5:9E:80:64:7E:92:AA","sha256":"D0:C5:B4:D8:BB:DB:6D:EF:0B:31:55:5C:3F:8A:A2:E7:31:3E:84:23:31:76:80:48:F3:AA:84:C5:6F:3C:23:86"}}},"request":{"raw":"GET /fonts/Coinbase-Sans/Coinbase_Sans-Medium-web-1.32.woff2 HTTP/1.1\r\nHost: cb.vault-secure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cb.vault-secure.com/css/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Thu, 02 Jul 2026 12:54:17 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 40016\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Wed, 01 Jul 2026 17:49:53 GMT\r\nETag: W/\"9c50-19f1ecd360c\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":40016,"size_decoded":40320,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40016, version 1.2097","md5":"b54c6aeed882bdf66df4e5fac9c2340e","sha1":"b483fbe25190262b648b390c11e6bdf9fea33edb","sha256":"81368223143520415fe7fbdc3792d2d52ad7e422d8b214661ff932afe577b779","sha512":"3afc93e98b6a5a756a0e0adfc5d04da8258cbf9065fe4a90673d3193baefce1fb9867fc235dd953a4dce5a2b033b3d1f4280f20270db913baa0f72a3a73bf804","ssdeep":"768:acqYNePjaM2LJWNjCEa18ryDLCIZJFxucAMXM9tcrYecoNj46FSc3Xy6mjLk:a2NePjaMG3CIVxu3cMj1ebx4aSc3Xnm0","tlshash":"8603f1e3a36799e3dfaf54a575c21eac1a1044d765a3afa9d5f2024730d2d0d54031ec","first_seen":"2023-04-22T15:10:15Z","last_seen":"2026-07-02T12:54:44.936519Z","times_seen":1475,"resource_available":false,"data":null}},"time_used":361,"timings":{"blocked":-1,"dns":0,"connect":40,"send":0,"wait":237,"receive":39,"ssl":44},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"cb.vault-secure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cb.vault-secure.com/fonts/Coinbase-Sans/Coinbase_Sans-Bold-web-1.32.woff2","fqdn":"cb.vault-secure.com","domain":"vault-secure.com","tld":"com"},"ip":{"addr":"91.215.85.43","port":443,"asn":200593,"as":"Prospero Ooo","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cb.vault-secure.com/login","date":"2026-07-02T12:54:17.577Z","timestamp":1782996857577,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cb.vault-secure.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Jul 2026 21:46:23 GMT","end":"Tue, 29 Sep 2026 21:46:22 GMT"},"fingerprint":{"sha1":"3F:A7:A8:29:71:1F:16:32:FC:BD:55:88:4D:C5:9E:80:64:7E:92:AA","sha256":"D0:C5:B4:D8:BB:DB:6D:EF:0B:31:55:5C:3F:8A:A2:E7:31:3E:84:23:31:76:80:48:F3:AA:84:C5:6F:3C:23:86"}}},"request":{"raw":"GET /fonts/Coinbase-Sans/Coinbase_Sans-Bold-web-1.32.woff2 HTTP/1.1\r\nHost: cb.vault-secure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cb.vault-secure.com/css/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Thu, 02 Jul 2026 12:54:17 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 38440\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Wed, 01 Jul 2026 17:49:54 GMT\r\nETag: W/\"9628-19f1ecd3c50\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38440,"size_decoded":38744,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 38440, version 1.2097","md5":"1bd2746bf1673d5fd309eb8705387859","sha1":"0d255a9f1c074b1217846987c38b9ba2ba130fca","sha256":"22b89501014be520553106d1c240a32079af8c2c92d6b9c8c4d1881f6213c1dd","sha512":"9ff4ed16fe89207cda5e33e30f4558e2fbce93d8e8f38291c52b0c8f81de1c82f7a13f1d6593b27eae44cb682988c9a30285531ae2f5729fe4310908adf258d2","ssdeep":"768:y20pkypLC6U/9wbvjwH6OpD1Qq40M6W/sAnA7zwmDJMTpIhp0DFGluUWXVxUmLZe:y5pkypLCzIvA6O0p6WSfwmlcCp0pWuU7","tlshash":"1f03f1b51cbfb522c748c034f419d895457af88b5ef0e095b1ed80e7854c7d9b2f9489","first_seen":"2023-08-17T10:59:17Z","last_seen":"2026-07-02T12:54:44.938405Z","times_seen":19,"resource_available":false,"data":null}},"time_used":445,"timings":{"blocked":-1,"dns":0,"connect":50,"send":0,"wait":237,"receive":102,"ssl":55},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"cb.vault-secure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cb.vault-secure.com/images/logo.png","fqdn":"cb.vault-secure.com","domain":"vault-secure.com","tld":"com"},"ip":{"addr":"91.215.85.43","port":443,"asn":200593,"as":"Prospero Ooo","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cb.vault-secure.com/login","date":"2026-07-02T12:54:18.028Z","timestamp":1782996858028,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cb.vault-secure.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Jul 2026 21:46:23 GMT","end":"Tue, 29 Sep 2026 21:46:22 GMT"},"fingerprint":{"sha1":"3F:A7:A8:29:71:1F:16:32:FC:BD:55:88:4D:C5:9E:80:64:7E:92:AA","sha256":"D0:C5:B4:D8:BB:DB:6D:EF:0B:31:55:5C:3F:8A:A2:E7:31:3E:84:23:31:76:80:48:F3:AA:84:C5:6F:3C:23:86"}}},"request":{"raw":"GET /images/logo.png HTTP/1.1\r\nHost: cb.vault-secure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cb.vault-secure.com/login\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Thu, 02 Jul 2026 12:54:17 GMT\r\nContent-Type: image/png\r\nContent-Length: 94882\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Wed, 01 Jul 2026 17:49:48 GMT\r\nETag: W/\"172a2-19f1ecd2630\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":94882,"size_decoded":95186,"mime_type":"image/png","magic":"PNG image data, 800 x 802, 8-bit/color RGBA, non-interlaced","md5":"daaa80bce3c705daa3116398b7fb191f","sha1":"869ac98bb0053f01f593fde04ed0c54bbfcc73f5","sha256":"41e793c2e2a6a5a71b44463e992642be3cad95d1a755664e9231815763ce48df","sha512":"51a4951ae5689c0ede11d2dbea70b5397612b719546846d8b77c31c58f98c883f64604634cd88730850ddd3497a6358519758dc769ca5fd0e841527c959ade72","ssdeep":"1536:LT6fBbBrxI1ehrDFyW6ZN6dv2UgDeaLnwrk9c7qH+3xJ6XpnQ31egnEo:LYl9tcUgDJLnww9oxJSnQ3rEo","tlshash":"8b9302c7493882b6f1b7dda2c83e094522b454bee6173f985466fe000ac7d946fe1e83","first_seen":"2026-07-02T12:54:44.940554Z","last_seen":"2026-07-02T12:54:44.940554Z","times_seen":1,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":187,"receive":97,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"cb.vault-secure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cb.vault-secure.com/","fqdn":"cb.vault-secure.com","domain":"vault-secure.com","tld":"com"},"ip":{"addr":"91.215.85.43","port":443,"asn":200593,"as":"Prospero Ooo","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-02T12:54:16.067Z","timestamp":1782996856067,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cb.vault-secure.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Jul 2026 21:46:23 GMT","end":"Tue, 29 Sep 2026 21:46:22 GMT"},"fingerprint":{"sha1":"3F:A7:A8:29:71:1F:16:32:FC:BD:55:88:4D:C5:9E:80:64:7E:92:AA","sha256":"D0:C5:B4:D8:BB:DB:6D:EF:0B:31:55:5C:3F:8A:A2:E7:31:3E:84:23:31:76:80:48:F3:AA:84:C5:6F:3C:23:86"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cb.vault-secure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx/1.22.1\r\nDate: Thu, 02 Jul 2026 12:54:15 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 35\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nLocation: /login\r\nVary: Accept\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T11:08:25.220793Z","times_seen":16940498,"resource_available":true,"data":null}},"time_used":333,"timings":{"blocked":-1,"dns":5,"connect":54,"send":0,"wait":149,"receive":0,"ssl":125},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"cb.vault-secure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cb.vault-secure.com/login","fqdn":"cb.vault-secure.com","domain":"vault-secure.com","tld":"com"},"ip":{"addr":"91.215.85.43","port":443,"asn":200593,"as":"Prospero Ooo","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-02T12:54:16.408Z","timestamp":1782996856408,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cb.vault-secure.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Jul 2026 21:46:23 GMT","end":"Tue, 29 Sep 2026 21:46:22 GMT"},"fingerprint":{"sha1":"3F:A7:A8:29:71:1F:16:32:FC:BD:55:88:4D:C5:9E:80:64:7E:92:AA","sha256":"D0:C5:B4:D8:BB:DB:6D:EF:0B:31:55:5C:3F:8A:A2:E7:31:3E:84:23:31:76:80:48:F3:AA:84:C5:6F:3C:23:86"}}},"request":{"raw":"GET /login HTTP/1.1\r\nHost: cb.vault-secure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Thu, 02 Jul 2026 12:54:15 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nETag: W/\"24a0-csOlvRfFhw5pzItFCFf74mjT4Y8\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":9376,"size_decoded":3919,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (717)","md5":"3f18bdbbf1359745f5e295e4b00215f9","sha1":"72c3a5bd17c5870e69cc8b450857fbe268d3e18f","sha256":"29e4d856066cf55eec37381404d365fc409a1e71408d766977d48729ce2aa023","sha512":"60f7fe4e3d8e01300c274cff96fe001e8e3e0331dba556fd9a2cf89eef53a926bc2c0eb8fe9f76ea4b7a75f88967bca6246061d0d5a7696c16b6ec7c3e6249bb","ssdeep":"192:Cr/rgTg8wHL3ZWEPqIUETZ1orgQuhM8zt8ZSZVdN7feoRw:Cr/rgTg8wHzZWhRwZeuhM8z1ZBfeoS","tlshash":"8912eaf770f41d72069b85a975a94b483c14900bef0786003abc4aa92ff7e9279736dd","first_seen":"2026-07-02T12:54:44.944235Z","last_seen":"2026-07-02T12:54:44.944235Z","times_seen":1,"resource_available":true,"data":null}},"time_used":154,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"cb.vault-secure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cb.vault-secure.com/login","date":"2026-07-02T12:54:17.170Z","timestamp":1782996857170,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.5.1/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cb.vault-secure.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Thu, 02 Jul 2026 12:54:17 GMT\r\ncontent-type: text/css; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\nlast-modified: Fri, 01 Dec 2023 00:32:25 GMT\r\nvary: Accept-Encoding\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/r2\r\nx-cdnjs-cache: HIT\r\ncf-cache-status: HIT\r\nage: 527\r\nexpires: Tue, 22 Jun 2027 12:54:17 GMT\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LRP1rkeXMdSKP7sSBbyjbuIGP8pxOBgPo%2FqxAjqsHo2ENJAIdj4nHXs570CBpqXcSvL0N1js7BAglvn3qhrD3vl4G4%2F%2Fk6A%2BrlJp%2B3ElhQxP8MBN6PGmMC71nqCUr2o4mqcUqdJH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: a14dcc557b835a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":102641,"size_decoded":19836,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (52276)","md5":"9402848c3d4bbc710c764326f8b887c9","sha1":"b6e555166eb1381392e00adcde9bf8863f16ff01","sha256":"c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7","sha512":"0d33903bd456087de9a46a9c59a100d41219382eb1c5a97012cc3d73641078021fb65f957a0a2f96779ed5cf505f84dcb6758c9f5dd36727be822326f1ed8bc0","ssdeep":"1536:iwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPG9ZpgSLCJ:O709gMGFiyPG9ZiSLCJ","tlshash":"79a3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-12-02T04:06:15Z","last_seen":"2026-07-03T11:44:21.180389Z","times_seen":31241,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":6,"connect":18,"send":0,"wait":8,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cb.vault-secure.com/css/style.css","fqdn":"cb.vault-secure.com","domain":"vault-secure.com","tld":"com"},"ip":{"addr":"91.215.85.43","port":443,"asn":200593,"as":"Prospero Ooo","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cb.vault-secure.com/login","date":"2026-07-02T12:54:17.174Z","timestamp":1782996857174,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cb.vault-secure.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Jul 2026 21:46:23 GMT","end":"Tue, 29 Sep 2026 21:46:22 GMT"},"fingerprint":{"sha1":"3F:A7:A8:29:71:1F:16:32:FC:BD:55:88:4D:C5:9E:80:64:7E:92:AA","sha256":"D0:C5:B4:D8:BB:DB:6D:EF:0B:31:55:5C:3F:8A:A2:E7:31:3E:84:23:31:76:80:48:F3:AA:84:C5:6F:3C:23:86"}}},"request":{"raw":"GET /css/style.css HTTP/1.1\r\nHost: cb.vault-secure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cb.vault-secure.com/login\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Thu, 02 Jul 2026 12:54:16 GMT\r\nContent-Type: text/css; charset=UTF-8\r\nContent-Length: 47670\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Wed, 01 Jul 2026 17:49:59 GMT\r\nETag: W/\"ba36-19f1ecd501c\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47670,"size_decoded":47987,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text","md5":"c045609c4d8112aa0c378e05d6d76b2b","sha1":"c46595fed32685d32f583b55bcd61e1bdf927a5b","sha256":"853a35c5f8260947549134e549f05fefe498a8c75fe910c17fb1bcf69a231f7d","sha512":"514efce87600bdc125d23a58202e367a592230dc7ca307e824dd186a7136dcdaa8072ba16ce20f4a463e3de16dd804f6b853115939b7bf039797d3c260cfbabb","ssdeep":"768:amUm9n8VvHoZ6/6LTy1oYiwcE3Hw+vJra3rgVUmzCcFkPbivqILhr:amUcn89Hok63YyE3Q+rawUmDkPbivqIV","tlshash":"76236365772491647817da49329bdf98a38cb1489d09ca3c79fa208c8dc93fc65a3fdc","first_seen":"2026-07-02T12:54:44.9469Z","last_seen":"2026-07-02T12:54:44.9469Z","times_seen":1,"resource_available":false,"data":null}},"time_used":312,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":262,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"cb.vault-secure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cb.vault-secure.com/js/main.js","fqdn":"cb.vault-secure.com","domain":"vault-secure.com","tld":"com"},"ip":{"addr":"91.215.85.43","port":443,"asn":200593,"as":"Prospero Ooo","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cb.vault-secure.com/login","date":"2026-07-02T12:54:17.176Z","timestamp":1782996857176,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cb.vault-secure.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Jul 2026 21:46:23 GMT","end":"Tue, 29 Sep 2026 21:46:22 GMT"},"fingerprint":{"sha1":"3F:A7:A8:29:71:1F:16:32:FC:BD:55:88:4D:C5:9E:80:64:7E:92:AA","sha256":"D0:C5:B4:D8:BB:DB:6D:EF:0B:31:55:5C:3F:8A:A2:E7:31:3E:84:23:31:76:80:48:F3:AA:84:C5:6F:3C:23:86"}}},"request":{"raw":"GET /js/main.js HTTP/1.1\r\nHost: cb.vault-secure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cb.vault-secure.com/login\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Thu, 02 Jul 2026 12:54:16 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nContent-Length: 3718\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Wed, 01 Jul 2026 17:49:48 GMT\r\nETag: W/\"e86-19f1ecd2410\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":3718,"size_decoded":4047,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"de7e21a68ce4d3290cb997257870998b","sha1":"bb720c79bd021e299551d07a8c22fc1018a2f101","sha256":"d8d81c437ca32f21a6bd388feea8adfe2604de6e2159e2a5c99d23a153969ac6","sha512":"53aa06caf90a19ef58baac2dcf094ec5cf0c10e356664035ae624ca950434b95ac5ad8ba0b618e74f168660f199203e03bf75c39fc9f811e116a38468f26dbf9","ssdeep":"","tlshash":"b771caba25e221757167e47d43af2a04313a7403340aca15b87cf548dfec66a8276afc","first_seen":"2026-07-02T12:54:44.948402Z","last_seen":"2026-07-02T12:54:44.948402Z","times_seen":1,"resource_available":true,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":38,"send":0,"wait":136,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"cb.vault-secure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cb.vault-secure.com/images/logo.png","fqdn":"cb.vault-secure.com","domain":"vault-secure.com","tld":"com"},"ip":{"addr":"91.215.85.43","port":443,"asn":200593,"as":"Prospero Ooo","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cb.vault-secure.com/login","date":"2026-07-02T12:54:17.185Z","timestamp":1782996857185,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cb.vault-secure.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Jul 2026 21:46:23 GMT","end":"Tue, 29 Sep 2026 21:46:22 GMT"},"fingerprint":{"sha1":"3F:A7:A8:29:71:1F:16:32:FC:BD:55:88:4D:C5:9E:80:64:7E:92:AA","sha256":"D0:C5:B4:D8:BB:DB:6D:EF:0B:31:55:5C:3F:8A:A2:E7:31:3E:84:23:31:76:80:48:F3:AA:84:C5:6F:3C:23:86"}}},"request":{"raw":"GET /images/logo.png HTTP/1.1\r\nHost: cb.vault-secure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cb.vault-secure.com/login\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Thu, 02 Jul 2026 12:54:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 94882\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Wed, 01 Jul 2026 17:49:48 GMT\r\nETag: W/\"172a2-19f1ecd2630\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":94882,"size_decoded":95186,"mime_type":"image/png","magic":"PNG image data, 800 x 802, 8-bit/color RGBA, non-interlaced","md5":"daaa80bce3c705daa3116398b7fb191f","sha1":"869ac98bb0053f01f593fde04ed0c54bbfcc73f5","sha256":"41e793c2e2a6a5a71b44463e992642be3cad95d1a755664e9231815763ce48df","sha512":"51a4951ae5689c0ede11d2dbea70b5397612b719546846d8b77c31c58f98c883f64604634cd88730850ddd3497a6358519758dc769ca5fd0e841527c959ade72","ssdeep":"1536:LT6fBbBrxI1ehrDFyW6ZN6dv2UgDeaLnwrk9c7qH+3xJ6XpnQ31egnEo:LYl9tcUgDJLnww9oxJSnQ3rEo","tlshash":"8b9302c7493882b6f1b7dda2c83e094522b454bee6173f985466fe000ac7d946fe1e83","first_seen":"2026-07-02T12:54:44.940554Z","last_seen":"2026-07-02T12:54:44.940554Z","times_seen":1,"resource_available":false,"data":null}},"time_used":599,"timings":{"blocked":298,"dns":0,"connect":0,"send":0,"wait":224,"receive":77,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"cb.vault-secure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cb.vault-secure.com/fonts/Coinbase-Sans/Coinbase_Sans-Regular-web-1.32.woff2","fqdn":"cb.vault-secure.com","domain":"vault-secure.com","tld":"com"},"ip":{"addr":"91.215.85.43","port":443,"asn":200593,"as":"Prospero Ooo","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cb.vault-secure.com/login","date":"2026-07-02T12:54:17.566Z","timestamp":1782996857566,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cb.vault-secure.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Jul 2026 21:46:23 GMT","end":"Tue, 29 Sep 2026 21:46:22 GMT"},"fingerprint":{"sha1":"3F:A7:A8:29:71:1F:16:32:FC:BD:55:88:4D:C5:9E:80:64:7E:92:AA","sha256":"D0:C5:B4:D8:BB:DB:6D:EF:0B:31:55:5C:3F:8A:A2:E7:31:3E:84:23:31:76:80:48:F3:AA:84:C5:6F:3C:23:86"}}},"request":{"raw":"GET /fonts/Coinbase-Sans/Coinbase_Sans-Regular-web-1.32.woff2 HTTP/1.1\r\nHost: cb.vault-secure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cb.vault-secure.com/css/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Thu, 02 Jul 2026 12:54:17 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 40480\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Wed, 01 Jul 2026 17:49:52 GMT\r\nETag: W/\"9e20-19f1ecd33e8\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":40480,"size_decoded":40784,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40480, version 1.2097","md5":"c9a6e887656f7b1014db3f1a07247ee2","sha1":"371f6e5792cff6d3bf6122392d2403f05f1ca445","sha256":"5db56ddf9ab991fc7a3a5b188b6b0c92331213ec4991b71d9821c36dcbcdb687","sha512":"8544191d90eb82b7ed77b813bebb04c918677dd206f37d151db7ee5f34feef64afee26b0ea94398a64a8aea0d8c6d8613dd1b106eb49142a485235e6e19e2710","ssdeep":"768:Czw/1p285wfUizBtYzRe195L9i980ZzsDTdPALCNVb872CEzwZfkAYl:tI85WBtd195xi980Cn6IbT9ws","tlshash":"810301d9265d774ed88b863709c227308ce889d6720be1872bb4a18371e6ec8c625fd5","first_seen":"2023-04-22T15:10:15Z","last_seen":"2026-07-02T12:54:44.950174Z","times_seen":1570,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":199,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"cb.vault-secure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cb.vault-secure.com/login","date":"2026-07-02T12:54:17.574Z","timestamp":1782996857574,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://cb.vault-secure.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Thu, 02 Jul 2026 12:54:17 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\nlast-modified: Fri, 01 Dec 2023 00:32:25 GMT\r\nvary: Accept-Encoding\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/r2\r\nx-cdnjs-cache: HIT\r\ncf-cache-status: HIT\r\nage: 69535\r\nexpires: Tue, 22 Jun 2027 12:54:17 GMT\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W6W%2F4S%2FHIMTl%2Bd5wv9AX%2FL%2BrDaOXA4eDAA%2B84TebYSjmcpLWD3M2kd1ZZhGunRXLhSiacETxkKWpR1W5Eo%2BMSrZwFKWPmg4dyhHnWDecDDY3Wrc2CYcF41IDmxDPIY6sorH8oks%2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: a14dcc57f91e7131-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":156496,"size_decoded":157473,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 156496, version 773.768","md5":"6c4eee562650e53cee32496bdfbe534b","sha1":"1aae708e3b94ee981b452a918d28ed037fbb5e18","sha256":"9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2","sha512":"ebcb5a2e2a908228f77ecd03b45491778cad73ddc39fa3a6334b129aaf9fa36c16c0307aeaad74d77f616b5b34aac52d91e9f4816945253dc9a826ddd71f4d12","ssdeep":"3072:OvM6gZMLmY8uGpjVnlooQ+GQs8jic0f/KkMdE:OU65LoP5QSsuic0f/cdE","tlshash":"8ce31200d620498d9978fd5b2a1fa1ffa7a939c95ed210bad3c30cb93257143bbc2556","first_seen":"2023-12-02T04:06:15Z","last_seen":"2026-07-03T11:33:43.990118Z","times_seen":44856,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":18,"send":0,"wait":20,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}
