{"report_id":"c26e3287-1bbd-437f-8a1f-439c2fce3e37","version":6,"status":"done","tags":[],"date":"2026-04-16T13:46:20Z","url":{"schema":"https","addr":"valorantskins.cc/","fqdn":"valorantskins.cc","domain":"valorantskins.cc","tld":"cc"},"ip":{"addr":"217.60.39.100","port":0,"asn":2914,"as":"NTT-LTD-2914","country":"United Arab Emirates","country_code":"AE"},"final":{"url":{"schema":"https","addr":"valorantskins.cc/.merc/captcha?return_url=%2F\u0026score=13\u0026reason=suspicious_rdns\u0026type=click_shape\u0026ct=cb03e09635de0cd6\u0026dots=3","fqdn":"valorantskins.cc","domain":"valorantskins.cc","tld":"cc"},"title":"Access Verification","dom":{"size":131981,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (57374)","md5":"af42fa3e6d4e70684f4c47d7d0ca42cd","sha1":"24a2e26bed052a122b06c7850a22549b28fb5b59","sha256":"3c09e8637ca3646dacdb4576302117f91479f01529727f1798e2facc01a7b52b","sha512":"73ab3da272c5904f75786394c5a257bda0ac3cceecca2c4371a9e906cf46ba7eb79437cf677b7eb97246d2b73e692ea9886f73cacd1a44d757ba0dc16725b20d","ssdeep":"3072:A1Dym3mZzIgeQWaEkVT1QEb7AvGRCJb60cH:A1DJ3mzjPEAdUvGco","tlshash":"bcd302b02d113139b227c276e6e56b0e31395d47b41ac44ae38e88c9df967c9977ee0c","dom_hash":"domhash40783de918d50c4413d5c148fad51d43","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"valorantskins.cc/","fqdn":"valorantskins.cc","domain":"valorantskins.cc","tld":"cc"},"ip":{"addr":"217.60.39.100","port":0,"asn":2914,"as":"NTT-LTD-2914","country":"United Arab Emirates","country_code":"AE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-21T13:46:20Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"valorantskins.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"valorantskins.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"valorantskins.cc","ip":{"addr":"217.60.39.100","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United Arab Emirates","country_code":"AE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":6,"request_count":3,"received_data":151349,"sent_data":1647,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"skufini-paradise.digital","ip":{"addr":"89.125.209.76","port":8443,"asn":25441,"as":"Imagine Communications Group Limited","country":"Ireland","country_code":"IE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-04-15T17:54:22.280485Z","last_seen":"2026-04-15T17:54:39.28387Z","alert_count":0,"request_count":1,"received_data":294,"sent_data":432,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"valorantskins.cc/.merc/captcha?return_url=%2F\u0026score=13\u0026reason=suspicious_rdns\u0026type=click_shape\u0026ct=cb03e09635de0cd6\u0026dots=3","fqdn":"valorantskins.cc","domain":"valorantskins.cc","tld":"cc"},"ip":{"addr":"217.60.39.100","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":true,"md5":"0a37944806d2dcee2befa061bd1098da","sha1":"a2aaa3343e08210ef2d5113c15ea1511b2c5dd5f","sha256":"c6f7531e9695662d782fd5f7e89ff5a184be57f42e9c19c8ef1b6ed987dc51b4","sha512":"103d256d00cd519028ff60d8476fea2f6319dc270ae12425e814873dcb55f62ec199f590cbc22fd61872bb012b4ec09b05e93609120210d34c77aae7822e8865","ssdeep":"","tlshash":"6e800407c70040137074700101415dc1331111410410cd015143f153314f57341443d5","size":34,"data":"","first_seen":"2026-04-16T13:46:25.155572Z","last_seen":"2026-04-16T13:48:08.688602Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valorantskins.cc/.merc/captcha?return_url=%2F\u0026score=13\u0026reason=suspicious_rdns\u0026type=click_shape\u0026ct=cb03e09635de0cd6\u0026dots=3","fqdn":"valorantskins.cc","domain":"valorantskins.cc","tld":"cc"},"ip":{"addr":"217.60.39.100","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":true,"md5":"3cab7dd781adb88986585c2a7f3b5c07","sha1":"a94e414cde42d2bc4f426cdebded154c9158f0a7","sha256":"3287fd5997aac0ac758e9b175250c903e4fb90bc61df31e2863b13380bf82393","sha512":"864e89ac53c57441832c9a8ffe82f709c3b3d6a509cbdd2de8bf69bc509fd424e99feecaf3bd294de52b799932eb4b2cf418d6c4d84be4873f0a0e5c97b305b9","ssdeep":"192:GUf60Gh1YrthKyzMfsHw9vy9CNTc0/w2TsESg16oNGif70j:Gu6wjXjIKEr6o4ifk","tlshash":"b802e9693115387b04fb52bb15bf374d393a9a1268074480d86d5c1cae37b4162fdf4c","size":8873,"data":"","first_seen":"2026-04-16T13:46:25.160105Z","last_seen":"2026-04-16T13:46:25.160105Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valorantskins.cc/.merc/captcha?return_url=%2F\u0026score=13\u0026reason=suspicious_rdns\u0026type=click_shape\u0026ct=cb03e09635de0cd6\u0026dots=3","fqdn":"valorantskins.cc","domain":"valorantskins.cc","tld":"cc"},"ip":{"addr":"217.60.39.100","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":true,"md5":"18a02c805282dcaa25d67554b08f969e","sha1":"3cbf176114a0a1564920447e13a700b9a1ce00d5","sha256":"6bb5ab7e30b48074e8e3cbb463cff16e57db4f040a780f3b3a42d0ba2d834b84","sha512":"efd46fd208cfe458b02042731c23f6286404c3d335e885d40b51b2124b5262adce0678b8d82fed56241e11e4521a655f5085e0929fc8771e4c4ce581568abdb2","ssdeep":"","tlshash":"fee0aba475783168005e2477023e1a1a30ccb822cdf55480995cda239e9c44b8bd6745","size":404,"data":"","first_seen":"2026-04-15T17:54:28.050808Z","last_seen":"2026-04-16T13:48:08.691193Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"valorantskins.cc/.merc/captcha/generate?type=click_shape\u0026dots=3\u0026ct=cb03e09635de0cd6","fqdn":"valorantskins.cc","domain":"valorantskins.cc","tld":"cc"},"ip":{"addr":"217.60.39.100","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://valorantskins.cc/.merc/captcha?return_url=%2F\u0026score=13\u0026reason=suspicious_rdns\u0026type=click_shape\u0026ct=cb03e09635de0cd6\u0026dots=3","date":"2026-04-16T13:46:00.515Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valorantskins.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 20:11:41 GMT","end":"Sat, 30 May 2026 20:11:40 GMT"},"fingerprint":{"sha1":"10:58:59:6A:4F:B5:91:B3:BF:4C:98:12:2F:BC:71:C6:73:83:F4:D4","sha256":"06:92:54:80:12:F8:9D:19:58:0E:96:D4:58:A5:93:DE:5B:F2:B5:89:B9:20:F4:8F:9E:80:3B:17:94:54:A7:D0"}}},"request":{"raw":"GET /.merc/captcha/generate?type=click_shape\u0026dots=3\u0026ct=cb03e09635de0cd6 HTTP/1.1\r\nHost: valorantskins.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://valorantskins.cc/.merc/captcha?return_url=%2F\u0026score=13\u0026reason=suspicious_rdns\u0026type=click_shape\u0026ct=cb03e09635de0cd6\u0026dots=3\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 16 Apr 2026 13:46:01 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncache-control: no-store, no-cache, must-revalidate, private, max-age=0\r\npragma: no-cache\r\nexpires: 0\r\nx-cache-status: NEVER\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":113761,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d5b9235435ed8237da8e1a1c3c9992ba","sha1":"3ca21bad62f85aa57e95c78a6910a24682c522f2","sha256":"d19426bd9ef70bdc476a76bed57715f53d43cea0331a65b4563f2a5e04f06693","sha512":"e727acf8ebaa0ece069d581b61e00031037987c0696ef009903e37dd95e19cc2648e86d9153c350c7427b1bcfe59ad0ef230e00b17d50c4e1174bde0b3905ed9","ssdeep":"1536:YwutDsoC9vrEU2mZUimdgK1lTzQWao97e/bVRR4e1FW/EbPDavvE9R67aJVb5:Y1Dym3mZzIgeQWaEkVT1QEb7AvGRCsb5","tlshash":"0eb312f41d3567b46725c670e2d92b1a49393d8b258ce56b538accc1a3da7889b4fc0c","first_seen":"2026-04-16T13:46:25.148926Z","last_seen":"2026-04-16T13:46:25.148926Z","times_seen":1,"resource_available":false,"data":null}},"time_used":890,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":890,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"valorantskins.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"valorantskins.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valorantskins.cc/","fqdn":"valorantskins.cc","domain":"valorantskins.cc","tld":"cc"},"ip":{"addr":"217.60.39.100","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-16T13:45:57.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valorantskins.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 20:11:41 GMT","end":"Sat, 30 May 2026 20:11:40 GMT"},"fingerprint":{"sha1":"10:58:59:6A:4F:B5:91:B3:BF:4C:98:12:2F:BC:71:C6:73:83:F4:D4","sha256":"06:92:54:80:12:F8:9D:19:58:0E:96:D4:58:A5:93:DE:5B:F2:B5:89:B9:20:F4:8F:9E:80:3B:17:94:54:A7:D0"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: valorantskins.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 16 Apr 2026 13:45:59 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 148\r\nlocation: /.merc/captcha?return_url=%2F\u0026score=13\u0026reason=suspicious_rdns\u0026type=click_shape\u0026ct=cb03e09635de0cd6\u0026dots=3\r\npermissions-policy: geolocation=(), microphone=(), camera=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 0\r\ncache-control: no-cache, stale-while-revalidate=60\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18212,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-18T10:23:07.371998Z","times_seen":13894546,"resource_available":true,"data":null}},"time_used":2844,"timings":{"blocked":941,"dns":121,"connect":678,"send":0,"wait":956,"receive":1,"ssl":143},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"valorantskins.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"valorantskins.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valorantskins.cc/.merc/captcha?return_url=%2F\u0026score=13\u0026reason=suspicious_rdns\u0026type=click_shape\u0026ct=cb03e09635de0cd6\u0026dots=3","fqdn":"valorantskins.cc","domain":"valorantskins.cc","tld":"cc"},"ip":{"addr":"217.60.39.100","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-16T13:45:59.411Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valorantskins.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 20:11:41 GMT","end":"Sat, 30 May 2026 20:11:40 GMT"},"fingerprint":{"sha1":"10:58:59:6A:4F:B5:91:B3:BF:4C:98:12:2F:BC:71:C6:73:83:F4:D4","sha256":"06:92:54:80:12:F8:9D:19:58:0E:96:D4:58:A5:93:DE:5B:F2:B5:89:B9:20:F4:8F:9E:80:3B:17:94:54:A7:D0"}}},"request":{"raw":"GET /.merc/captcha?return_url=%2F\u0026score=13\u0026reason=suspicious_rdns\u0026type=click_shape\u0026ct=cb03e09635de0cd6\u0026dots=3 HTTP/1.1\r\nHost: valorantskins.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 16 Apr 2026 13:45:59 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\ncache-control: no-store, no-cache, must-revalidate, private, max-age=0\r\npragma: no-cache\r\nexpires: 0\r\nx-cache-status: NEVER\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":18212,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (956)","md5":"01fc4140da09d34feea20c532aa9b054","sha1":"eeb3299797dcce72ee2f18c192d3878452dbbff9","sha256":"06ad008d3483e2a92a32fe2d2f4851e13d3fc148ec7acf5219c86cb5ca0def9d","sha512":"acd2d8aa3e593bb2dba18a83c809e04de5deb2fe54393bd89e7de2778b8f88efec97c47e70d69d9f3f3c44617b07665b9ba3f163a016884e97064d97825db90f","ssdeep":"384:3o5FFdnn1fl0whP2EjLu6wjXjIKEr6o4ifiAg:3ozv1fDHjLu6QrEm6iH","tlshash":"04821a702601303fa07781bb26f5b74e313ac903f9174488eaae659dcf576c663b9b48","first_seen":"2026-04-16T13:46:25.153653Z","last_seen":"2026-04-16T13:46:25.153653Z","times_seen":1,"resource_available":true,"data":null}},"time_used":889,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":889,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"valorantskins.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"valorantskins.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skufini-paradise.digital:8443/collect?sid=cb03e09635de0cd6","fqdn":"skufini-paradise.digital","domain":"skufini-paradise.digital","tld":"digital"},"ip":{"addr":"89.125.209.76","port":8443,"asn":25441,"as":"Imagine Communications Group Limited","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valorantskins.cc/.merc/captcha?return_url=%2F\u0026score=13\u0026reason=suspicious_rdns\u0026type=click_shape\u0026ct=cb03e09635de0cd6\u0026dots=3","date":"2026-04-16T13:46:00.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"skufini-paradise.digital","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 01:18:30 GMT","end":"Sun, 12 Jul 2026 01:18:29 GMT"},"fingerprint":{"sha1":"3C:A9:B0:B5:A9:71:50:47:17:4A:82:33:86:4D:D6:28:BD:62:39:63","sha256":"BB:16:15:1A:95:55:2A:38:73:7C:F5:E8:FC:A3:D3:7E:29:D8:AF:E0:AF:08:D4:A2:E9:93:C0:CE:AD:F1:D4:F1"}}},"request":{"raw":"GET /collect?sid=cb03e09635de0cd6 HTTP/1.1\r\nHost: skufini-paradise.digital:8443\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: no-store\r\ncontent-type: image/gif\r\ncontent-length: 35\r\ndate: Thu, 16 Apr 2026 13:46:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":35,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"c2196de8ba412c60c22ab491af7b1409","sha1":"5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b","sha256":"6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992","sha512":"84e24a70b78e9de9c9d0dfeb49f3f4247dbc1c715d8844471ee40669270682e199d48f5fbec62bd984c9c0270534b407c4d2561dd6c05adec3c83c1534f32d5c","ssdeep":"","tlshash":"d4800003e280c002c2a2c0300e0ccb802b88b0208a28030fb0ec2baeec3a2a00c02000","first_seen":"2023-04-05T07:36:27Z","last_seen":"2026-04-18T10:30:27.07875Z","times_seen":156240,"resource_available":true,"data":null}},"time_used":126,"timings":{"blocked":51,"dns":2,"connect":17,"send":0,"wait":19,"receive":3,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}