{"report_id":"d041d42d-34ca-47ca-8f73-4a4b430cd58d","version":0,"status":"done","tags":["phishing","suspicious","telegram_bot"],"date":"2026-06-11T12:36:17Z","url":{"schema":"http","addr":"ff.emmashoestienda.com/b1kvsod/f0od.html","fqdn":"ff.emmashoestienda.com","domain":"emmashoestienda.com","tld":"com"},"ip":{"addr":"172.67.201.33","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"ff.emmashoestienda.com/b1kvsod/f0od.html","fqdn":"ff.emmashoestienda.com","domain":"emmashoestienda.com","tld":"com"},"title":"Account Verification","dom":{"size":19210,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (607)","md5":"42e486b90ae3616660a9b1583a3bafaa","sha1":"dd1c4263640907107278b5fd1d6e0907e350ae68","sha256":"62e8238cdccf03ff24fb4ed387cf565211a8aa77de2b75ad9fe6d37079a00ca9","sha512":"e0f7f302df6614f31a4c7a026d966a370326f6542bd7e20a4cf278cb0af99ac08c6235872e5976ab89aed8272e1bdc5156f1ce222331c63585402b7ef510dcfd","ssdeep":"192:vJiU3RWl0Kikc+3eVPHjhPRHa4sx8utqqnA65Fk619uY/cQ5uG9Rk4HyfAy+ylJv:vUwaFqIPfsiJ6eGCIdrfOs35","tlshash":"bd82826b24f720512a93e4bc3baf53053265e0039a09cd287f9c53499f46b99acb37dd","dom_hash":"domhash9c19d9f2c3100b4b159b4a5767d62e24","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ff.emmashoestienda.com/b1kvsod/f0od.html","fqdn":"ff.emmashoestienda.com","domain":"emmashoestienda.com","tld":"com"},"ip":{"addr":"172.67.201.33","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-16T12:36:17Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":3,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-11","alert":"Detects file containing Telegram Bot API","trigger":"ff.emmashoestienda.com/b1kvsod/f0od.html","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ff.emmashoestienda.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ipfs.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic phishing","verdict":"phishing","severity":"medium","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-06-07T22:18:26.533791Z","alert_count":0,"request_count":4,"received_data":261007,"sent_data":2302,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ipfs.io","ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"domain_registered":"2014-05-16","domain_rank":19271,"first_seen":"2015-09-09T04:41:36Z","last_seen":"2026-06-07T15:05:28.356974Z","alert_count":1,"request_count":1,"received_data":817,"sent_data":982,"comment":"","tags":null,"fingerprints":[{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ipfs.tech","ip":{"addr":"185.199.108.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2020-05-28","domain_rank":57535,"first_seen":"2021-02-03T21:11:02Z","last_seen":"2026-06-05T13:52:27.812237Z","alert_count":1,"request_count":1,"received_data":577,"sent_data":952,"comment":"","tags":null,"fingerprints":[{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}]},{"fqdn":"ff.emmashoestienda.com","ip":{"addr":"104.21.52.154","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-06-03","domain_rank":0,"first_seen":"2026-06-10T22:09:32.058303Z","last_seen":"2026-06-10T22:09:32.058303Z","alert_count":5,"request_count":2,"received_data":22938,"sent_data":1045,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-06-07T22:22:03.23237Z","alert_count":0,"request_count":2,"received_data":24253,"sent_data":1052,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":[{"url":{"schema":"https","addr":"ff.emmashoestienda.com/b1kvsod/f0od.html","fqdn":"ff.emmashoestienda.com","domain":"emmashoestienda.com","tld":"com"},"ip":{"addr":"104.21.52.154","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"md5":"d723efac61352217997e4fd9a3cb855b","sha1":"a5b533dcf8b6d6d17bda4d7158e3b1046cd76fc5","sha256":"3e0fe5c4a2f933d0ed67b245dc968555e30c6cc38d517e4c2ce8c7dc95452c52","sha512":"d4b8b961d2e69d09a862c86d60853a772b2215f8eb506e603db65ef5be8ab943f9e70daa78da8634c5fc124a1ff2534100a5a3f19762dd76506e56c55f6989b7","size":7929,"token":"8661134035:AAFVuKK7w0QtNI_88hcfEjcDkmsMxQNel_Y","is_revoked":false,"bot":{"token":"8661134035:AAFVuKK7w0QtNI_88hcfEjcDkmsMxQNel_Y","user_id":"8661134035","username":"koreadomainlogz_bot","first_name":"Korea Domain","last_name":"","chat":{"chat_id":"8112752789","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":0}},{"url":{"schema":"https","addr":"ff.emmashoestienda.com/b1kvsod/f0od.html","fqdn":"ff.emmashoestienda.com","domain":"emmashoestienda.com","tld":"com"},"ip":{"addr":"104.21.52.154","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"md5":"d723efac61352217997e4fd9a3cb855b","sha1":"a5b533dcf8b6d6d17bda4d7158e3b1046cd76fc5","sha256":"3e0fe5c4a2f933d0ed67b245dc968555e30c6cc38d517e4c2ce8c7dc95452c52","sha512":"d4b8b961d2e69d09a862c86d60853a772b2215f8eb506e603db65ef5be8ab943f9e70daa78da8634c5fc124a1ff2534100a5a3f19762dd76506e56c55f6989b7","size":7929,"token":"8661134035:AAFVuKK7w0QtNI_88hcfEjcDkmsMxQNel_Y","is_revoked":false,"bot":{"token":"8661134035:AAFVuKK7w0QtNI_88hcfEjcDkmsMxQNel_Y","user_id":"8661134035","username":"koreadomainlogz_bot","first_name":"Korea Domain","last_name":"","chat":{"chat_id":"8112752789","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":0}},{"url":{"schema":"https","addr":"ff.emmashoestienda.com/b1kvsod/f0od.html","fqdn":"ff.emmashoestienda.com","domain":"emmashoestienda.com","tld":"com"},"ip":{"addr":"104.21.52.154","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"md5":"d723efac61352217997e4fd9a3cb855b","sha1":"a5b533dcf8b6d6d17bda4d7158e3b1046cd76fc5","sha256":"3e0fe5c4a2f933d0ed67b245dc968555e30c6cc38d517e4c2ce8c7dc95452c52","sha512":"d4b8b961d2e69d09a862c86d60853a772b2215f8eb506e603db65ef5be8ab943f9e70daa78da8634c5fc124a1ff2534100a5a3f19762dd76506e56c55f6989b7","size":7929,"token":"8661134035:AAFVuKK7w0QtNI_88hcfEjcDkmsMxQNel_Y","is_revoked":false,"bot":{"token":"8661134035:AAFVuKK7w0QtNI_88hcfEjcDkmsMxQNel_Y","user_id":"8661134035","username":"koreadomainlogz_bot","first_name":"Korea Domain","last_name":"","chat":{"chat_id":"8112752789","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":0}}],"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic phishing","verdict":"phishing","severity":"medium","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"ff.emmashoestienda.com/b1kvsod/f0od.html","fqdn":"ff.emmashoestienda.com","domain":"emmashoestienda.com","tld":"com"},"ip":{"addr":"104.21.52.154","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d723efac61352217997e4fd9a3cb855b","sha1":"a5b533dcf8b6d6d17bda4d7158e3b1046cd76fc5","sha256":"3e0fe5c4a2f933d0ed67b245dc968555e30c6cc38d517e4c2ce8c7dc95452c52","sha512":"d4b8b961d2e69d09a862c86d60853a772b2215f8eb506e603db65ef5be8ab943f9e70daa78da8634c5fc124a1ff2534100a5a3f19762dd76506e56c55f6989b7","ssdeep":"96:4yosiJaJe6Qjh2i5kFnmii6GssnDJB1yR7tdrqerV6YBVLPtY:4fsiJ6endLOxbiVssnD7MfdrfxdBfY","tlshash":"79f11c2b20b7242517e3e07e739fa2407166f0172a08dc59be4c83265f12fa46cb27de","size":7929,"data":"","first_seen":"2026-06-11T12:36:23.522477Z","last_seen":"2026-06-11T13:31:31.27992Z","times_seen":2,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-11","alert":"Detects file containing Telegram Bot API","trigger":"ff.emmashoestienda.com/b1kvsod/f0od.html","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"ff.emmashoestienda.com/b1kvsod/f0od.html","fqdn":"ff.emmashoestienda.com","domain":"emmashoestienda.com","tld":"com"},"ip":{"addr":"104.21.52.154","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"994a946f4c93b82ae1c8015920245b1e","sha1":"67e57a3990488c639d8a59f6f97d6801abf15845","sha256":"70b9eef75f0ce3a8569601eed09f0c39b2beb71743e3128d1812dfbac5afb50e","sha512":"13027596f6500d4866331802314988d0db18117bdcdcc26e332e05f2c7c5a856d0baa7a8fe0b7861d27817875ac91840111d3746267f9dee08e2b7b061d6f3cd","ssdeep":"","tlshash":"0511cc4b20a219210e9768fb9b8721047133706bb84dc66a395d87486f1192e9327edf","size":887,"data":"","first_seen":"2026-06-11T12:36:23.525051Z","last_seen":"2026-06-28T02:04:23.472295Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ff.emmashoestienda.com/b1kvsod/f0od.html","fqdn":"ff.emmashoestienda.com","domain":"emmashoestienda.com","tld":"com"},"ip":{"addr":"104.21.52.154","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"59c2bbf4a86c823d2d347ea6ff57c9dd","sha1":"51cfa1babd350f1726d12717c9c35fc3f0c01c7e","sha256":"1ce9c0351385d85bff2c6d650ad13172bc842d3b7fec2187fe667357b2c8be7f","sha512":"6951af08788c8e93a9c36863f69409a2b39d749c53ff33ad915f031733609917b5b93358a768de07f5acb8bbe399602eceb47386dcd58a50b3a77c8b8afa3a05","ssdeep":"","tlshash":"58219c9921c774a40ae32074a64f1319b2aeb1175e08de44bc6d83486f54c2abd77ae5","size":1349,"data":"","first_seen":"2026-06-11T12:36:23.530666Z","last_seen":"2026-06-28T02:04:23.472999Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ff.emmashoestienda.com/b1kvsod/f0od.html","fqdn":"ff.emmashoestienda.com","domain":"emmashoestienda.com","tld":"com"},"ip":{"addr":"104.21.52.154","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d723efac61352217997e4fd9a3cb855b","sha1":"a5b533dcf8b6d6d17bda4d7158e3b1046cd76fc5","sha256":"3e0fe5c4a2f933d0ed67b245dc968555e30c6cc38d517e4c2ce8c7dc95452c52","sha512":"d4b8b961d2e69d09a862c86d60853a772b2215f8eb506e603db65ef5be8ab943f9e70daa78da8634c5fc124a1ff2534100a5a3f19762dd76506e56c55f6989b7","ssdeep":"96:4yosiJaJe6Qjh2i5kFnmii6GssnDJB1yR7tdrqerV6YBVLPtY:4fsiJ6endLOxbiVssnD7MfdrfxdBfY","tlshash":"79f11c2b20b7242517e3e07e739fa2407166f0172a08dc59be4c83265f12fa46cb27de","size":7929,"data":"","first_seen":"2026-06-11T12:36:23.522477Z","last_seen":"2026-06-11T13:31:31.27992Z","times_seen":2,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-11","alert":"Detects file containing Telegram Bot API","trigger":"ff.emmashoestienda.com/b1kvsod/f0od.html","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"ff.emmashoestienda.com/b1kvsod/f0od.html","fqdn":"ff.emmashoestienda.com","domain":"emmashoestienda.com","tld":"com"},"ip":{"addr":"104.21.52.154","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"994a946f4c93b82ae1c8015920245b1e","sha1":"67e57a3990488c639d8a59f6f97d6801abf15845","sha256":"70b9eef75f0ce3a8569601eed09f0c39b2beb71743e3128d1812dfbac5afb50e","sha512":"13027596f6500d4866331802314988d0db18117bdcdcc26e332e05f2c7c5a856d0baa7a8fe0b7861d27817875ac91840111d3746267f9dee08e2b7b061d6f3cd","ssdeep":"","tlshash":"0511cc4b20a219210e9768fb9b8721047133706bb84dc66a395d87486f1192e9327edf","size":887,"data":"","first_seen":"2026-06-11T12:36:23.525051Z","last_seen":"2026-06-28T02:04:23.472295Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ff.emmashoestienda.com/b1kvsod/f0od.html","fqdn":"ff.emmashoestienda.com","domain":"emmashoestienda.com","tld":"com"},"ip":{"addr":"104.21.52.154","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"59c2bbf4a86c823d2d347ea6ff57c9dd","sha1":"51cfa1babd350f1726d12717c9c35fc3f0c01c7e","sha256":"1ce9c0351385d85bff2c6d650ad13172bc842d3b7fec2187fe667357b2c8be7f","sha512":"6951af08788c8e93a9c36863f69409a2b39d749c53ff33ad915f031733609917b5b93358a768de07f5acb8bbe399602eceb47386dcd58a50b3a77c8b8afa3a05","ssdeep":"","tlshash":"58219c9921c774a40ae32074a64f1319b2aeb1175e08de44bc6d83486f54c2abd77ae5","size":1349,"data":"","first_seen":"2026-06-11T12:36:23.530666Z","last_seen":"2026-06-28T02:04:23.472999Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ff.emmashoestienda.com/b1kvsod/f0od.html","fqdn":"ff.emmashoestienda.com","domain":"emmashoestienda.com","tld":"com"},"ip":{"addr":"104.21.52.154","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d723efac61352217997e4fd9a3cb855b","sha1":"a5b533dcf8b6d6d17bda4d7158e3b1046cd76fc5","sha256":"3e0fe5c4a2f933d0ed67b245dc968555e30c6cc38d517e4c2ce8c7dc95452c52","sha512":"d4b8b961d2e69d09a862c86d60853a772b2215f8eb506e603db65ef5be8ab943f9e70daa78da8634c5fc124a1ff2534100a5a3f19762dd76506e56c55f6989b7","ssdeep":"96:4yosiJaJe6Qjh2i5kFnmii6GssnDJB1yR7tdrqerV6YBVLPtY:4fsiJ6endLOxbiVssnD7MfdrfxdBfY","tlshash":"79f11c2b20b7242517e3e07e739fa2407166f0172a08dc59be4c83265f12fa46cb27de","size":7929,"data":"","first_seen":"2026-06-11T12:36:23.522477Z","last_seen":"2026-06-11T13:31:31.27992Z","times_seen":2,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-11","alert":"Detects file containing Telegram Bot API","trigger":"ff.emmashoestienda.com/b1kvsod/f0od.html","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"ff.emmashoestienda.com/b1kvsod/f0od.html","fqdn":"ff.emmashoestienda.com","domain":"emmashoestienda.com","tld":"com"},"ip":{"addr":"104.21.52.154","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"994a946f4c93b82ae1c8015920245b1e","sha1":"67e57a3990488c639d8a59f6f97d6801abf15845","sha256":"70b9eef75f0ce3a8569601eed09f0c39b2beb71743e3128d1812dfbac5afb50e","sha512":"13027596f6500d4866331802314988d0db18117bdcdcc26e332e05f2c7c5a856d0baa7a8fe0b7861d27817875ac91840111d3746267f9dee08e2b7b061d6f3cd","ssdeep":"","tlshash":"0511cc4b20a219210e9768fb9b8721047133706bb84dc66a395d87486f1192e9327edf","size":887,"data":"","first_seen":"2026-06-11T12:36:23.525051Z","last_seen":"2026-06-28T02:04:23.472295Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ff.emmashoestienda.com/b1kvsod/f0od.html","fqdn":"ff.emmashoestienda.com","domain":"emmashoestienda.com","tld":"com"},"ip":{"addr":"104.21.52.154","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"59c2bbf4a86c823d2d347ea6ff57c9dd","sha1":"51cfa1babd350f1726d12717c9c35fc3f0c01c7e","sha256":"1ce9c0351385d85bff2c6d650ad13172bc842d3b7fec2187fe667357b2c8be7f","sha512":"6951af08788c8e93a9c36863f69409a2b39d749c53ff33ad915f031733609917b5b93358a768de07f5acb8bbe399602eceb47386dcd58a50b3a77c8b8afa3a05","ssdeep":"","tlshash":"58219c9921c774a40ae32074a64f1319b2aeb1175e08de44bc6d83486f54c2abd77ae5","size":1349,"data":"","first_seen":"2026-06-11T12:36:23.530666Z","last_seen":"2026-06-28T02:04:23.472999Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"error","text":"Error fetching IP:NetworkError when attempting to fetch resource.","filename":"https://ff.emmashoestienda.com/b1kvsod/f0od.html","line_number":0,"column_number":0}]},"http":[{"url":{"schema":"https","addr":"ff.emmashoestienda.com/b1kvsod/f0od.html","fqdn":"ff.emmashoestienda.com","domain":"emmashoestienda.com","tld":"com"},"ip":{"addr":"104.21.52.154","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-11T12:35:45.953Z","timestamp":1781181345953,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"emmashoestienda.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Apr 2026 13:52:57 GMT","end":"Fri, 24 Jul 2026 14:52:49 GMT"},"fingerprint":{"sha1":"35:99:9C:88:43:40:97:50:59:AA:DC:7D:4F:52:10:1B:3E:A7:22:04","sha256":"37:F3:A8:EF:DE:48:42:24:21:6D:FB:D3:77:25:28:2B:92:D7:DD:2E:31:F3:50:7C:FB:E7:78:FB:F2:1D:80:26"}}},"request":{"raw":"GET /b1kvsod/f0od.html HTTP/1.1\r\nHost: ff.emmashoestienda.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Thu, 11 Jun 2026 12:35:46 GMT\r\nserver: cloudflare\r\nlast-modified: Wed, 10 Jun 2026 00:48:27 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xRJxLBMJP5TVY3%2BJYFvHAZxS6u%2BgcUgi%2FZY84%2F7RXnaVu961T2V6ECgrUw5BXcvS5qOPwkJk2o3kw4B%2FNNyip1hcZ92FtKAFEEYtarzBo%2B493fV%2FL393Fg09q0SjvxBBxJ3hCMhP9O1P\"}]}\r\npriority: u=0,i\r\ncontent-type: text/html\r\ncf-cache-status: DYNAMIC\r\ncf-ray: a0a0a85458df5ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19780,"size_decoded":6451,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (591), with CRLF line terminators","md5":"fda7c04ec60cad794e4b8356900dd364","sha1":"18d27a62051f54917b292fb6eb0a6d7f490c4a2c","sha256":"c95f2cc632ba38375e00da4547f9604a72e9b1db62a39bffbcde05aea4b79a16","sha512":"744fcb95ed4cfa6f2fa3d84f720d4d259af0adde97c7cfda162b6764e43287037be30181793109dad2881020e2e5f41d06f71b083929b55dcc097457dca6043c","ssdeep":"192:5JdF8lyOQH2nXiie28Zi90UsoB36crfnZwhXsOiIrMoeEH1DStUgoY8MFON:52IwNAhXsOiIrMgHUtUgoYHON","tlshash":"9392c42a6055105166b3e3bcbbe75304f96aa0238b02c5287f9c934a5f72d48ad73fdd","first_seen":"2026-06-11T12:36:23.506603Z","last_seen":"2026-06-11T13:31:31.27663Z","times_seen":2,"resource_available":true,"data":null}},"time_used":292,"timings":{"blocked":-1,"dns":4,"connect":16,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-11","alert":"Detects file containing Telegram Bot API","trigger":"ff.emmashoestienda.com/b1kvsod/f0od.html","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ff.emmashoestienda.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic phishing","verdict":"phishing","severity":"medium","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"fonts.googleapis.com/icon?family=Material+Icons","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ff.emmashoestienda.com/b1kvsod/f0od.html","date":"2026-06-11T12:35:46.697Z","timestamp":1781181346697,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 18:37:22 GMT","end":"Mon, 10 Aug 2026 18:37:21 GMT"},"fingerprint":{"sha1":"09:D4:FC:2F:81:37:26:42:91:15:6F:27:1B:72:A7:D2:1A:FC:31:72","sha256":"E9:45:95:A3:A1:F2:6E:F0:08:73:C1:35:32:67:E6:72:BB:89:C7:27:C0:8F:D7:48:6F:0A:88:7E:8B:00:2F:B9"}}},"request":{"raw":"GET /icon?family=Material+Icons HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ff.emmashoestienda.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 11 Jun 2026 12:35:46 GMT\r\ndate: Thu, 11 Jun 2026 12:35:46 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":565,"size_decoded":1025,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"2b7a8d84952a9183b106df19f711324e","sha1":"a92c5e12b422bba9ebb447e1852d9681487361bc","sha256":"282801a0d182035440d5ef6d429d227126d2e6720a52b91d31a7d746c758154e","sha512":"d7ef3f86fe9fa5730a118c688b8f779e82ec3695df5ec48953905ed078ef4d78a3c8005021574d936f69ff0467968b6e68fbcb0680894470abf8f26200af2e0c","ssdeep":"","tlshash":"c0f0c064be0a988566110c42370f3f164d1d401fa80ac8fe8b911d4c8cff1bb134670f","first_seen":"2025-09-17T21:11:07.996842Z","last_seen":"2026-06-28T23:10:10.210693Z","times_seen":49490,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":4,"connect":17,"send":0,"wait":36,"receive":0,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ff.emmashoestienda.com/b1kvsod/f0od.html","date":"2026-06-11T12:35:50.073Z","timestamp":1781181350073,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 18:37:21 GMT","end":"Mon, 10 Aug 2026 18:37:20 GMT"},"fingerprint":{"sha1":"C7:04:EC:03:CB:34:6A:7A:0E:8D:12:AC:D9:6E:0C:1E:55:11:32:16","sha256":"0F:52:5C:58:54:41:2C:98:66:96:39:47:DA:6E:60:9C:3B:CB:A3:E8:B6:42:AB:BD:CB:29:94:AA:03:FE:9D:54"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://ff.emmashoestienda.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 11 Jun 2026 10:17:38 GMT\r\nexpires: Fri, 11 Jun 2027 10:17:38 GMT\r\ncache-control: public, max-age=31536000\r\nage: 8292\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":43136,"size_decoded":43947,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-06-29T00:31:42.773407Z","times_seen":206061,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ff.emmashoestienda.com/b1kvsod/f0od.html","date":"2026-06-11T12:35:50.075Z","timestamp":1781181350075,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 18:37:21 GMT","end":"Mon, 10 Aug 2026 18:37:20 GMT"},"fingerprint":{"sha1":"C7:04:EC:03:CB:34:6A:7A:0E:8D:12:AC:D9:6E:0C:1E:55:11:32:16","sha256":"0F:52:5C:58:54:41:2C:98:66:96:39:47:DA:6E:60:9C:3B:CB:A3:E8:B6:42:AB:BD:CB:29:94:AA:03:FE:9D:54"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://ff.emmashoestienda.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 11 Jun 2026 10:17:38 GMT\r\nexpires: Fri, 11 Jun 2027 10:17:38 GMT\r\ncache-control: public, max-age=31536000\r\nage: 8292\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":43136,"size_decoded":43947,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-06-29T00:31:42.773407Z","times_seen":206061,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/materialicons/v145/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ff.emmashoestienda.com/b1kvsod/f0od.html","date":"2026-06-11T12:35:50.076Z","timestamp":1781181350076,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 18:37:21 GMT","end":"Mon, 10 Aug 2026 18:37:20 GMT"},"fingerprint":{"sha1":"C7:04:EC:03:CB:34:6A:7A:0E:8D:12:AC:D9:6E:0C:1E:55:11:32:16","sha256":"0F:52:5C:58:54:41:2C:98:66:96:39:47:DA:6E:60:9C:3B:CB:A3:E8:B6:42:AB:BD:CB:29:94:AA:03:FE:9D:54"}}},"request":{"raw":"GET /s/materialicons/v145/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://ff.emmashoestienda.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 128352\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 07 Jun 2026 10:07:11 GMT\r\nexpires: Mon, 07 Jun 2027 10:07:11 GMT\r\ncache-control: public, max-age=31536000\r\nage: 354519\r\nlast-modified: Wed, 17 Sep 2025 16:29:55 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":128352,"size_decoded":129166,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 128352, version 1.0","md5":"53436aca8627a49f4deaaa44dc9e3c05","sha1":"0bc0c675480d94ec7e8609dda6227f88c5d08d2c","sha256":"8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1","sha512":"6655e0426eb0c78a7cb4d4216a3af7a6edd50aba8c92316608b1f79b8fc15f895cba9314beb7a35400228786e2a78a33e8c03322da04e0da94c2f109241547e8","ssdeep":"3072:b4XkN5u3RbAR2r4lJ8FBnP7fNblbKBRvqy:fGdA8FBP7fNb5y","tlshash":"91c3231efc32af9a2e1724ec288521809c1e92fbe0b3512cf565f437e76517d999ca09","first_seen":"2023-04-05T13:19:11Z","last_seen":"2026-06-28T22:53:15.022005Z","times_seen":67073,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ff.emmashoestienda.com/favicon.ico","fqdn":"ff.emmashoestienda.com","domain":"emmashoestienda.com","tld":"com"},"ip":{"addr":"104.21.52.154","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ff.emmashoestienda.com/b1kvsod/f0od.html","date":"2026-06-11T12:35:50.169Z","timestamp":1781181350169,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"emmashoestienda.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Apr 2026 13:52:57 GMT","end":"Fri, 24 Jul 2026 14:52:49 GMT"},"fingerprint":{"sha1":"35:99:9C:88:43:40:97:50:59:AA:DC:7D:4F:52:10:1B:3E:A7:22:04","sha256":"37:F3:A8:EF:DE:48:42:24:21:6D:FB:D3:77:25:28:2B:92:D7:DD:2E:31:F3:50:7C:FB:E7:78:FB:F2:1D:80:26"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: ff.emmashoestienda.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ff.emmashoestienda.com/b1kvsod/f0od.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 \r\ndate: Thu, 11 Jun 2026 12:35:50 GMT\r\nserver: cloudflare\r\nretry-after: 3600\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\npragma: no-cache\r\nexpires: 0\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-type: text/html; charset=UTF-8\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bq12R8%2BzfImc8Gt41tz%2FmoKgZwQGFdNw6EkRwwhZWPk5d%2FDDnPmLPhjKLvXnKhMLZ4S9ePRHrabyb16BYChuEM2flEB2BermGE2awrk44TGDdqXxLmbHym8woATC8lJZ851dkzazKgHM\"}]}\r\ncf-ray: a0a0a86e9c105ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1820,"size_decoded":2503,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"53cf5f278c5db186cc57b6aa39ae4e43","sha1":"fbfcab5c5ad260fcf4ef7299f419a626cfaa4c7e","sha256":"5ed049c52f37fbcd8f2758f9079575fd3b0a70de69c1dad05e642b79366d0555","sha512":"b8e15ad2f6d5d09e36473f75646e146d02293beb32dddd3136d6729f6d7679de4de58214ecf912cbf40765ebdde7d7012a2e35ae8a96fffd89860939fb53d290","ssdeep":"","tlshash":"70317227968508077467d8382bd7165835c85827a11b84e4bfceb78ccfc2a8bc5a1f1c","first_seen":"2026-06-10T22:09:34.185458Z","last_seen":"2026-06-20T01:28:49.588635Z","times_seen":6,"resource_available":true,"data":null}},"time_used":234,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ff.emmashoestienda.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/S9bgT2osMdKM9tgxUyyWlUiGbumJOIzGrxOXMmol84dKl8ouBlAT2mgCKFLY3R2FItdFXVZJByA9FXCk2mDwdfF-1QTIaFDZqGxjHdOY94wmtf7Iu5yI06qDxK9TTYN_OFhq9WEu7dKPOXRiYymquORgz2_Xp2FAeR_Mi1FYS6qJw0PKn1N2ipGfIr9rzV8vezkMOIbg9IV8ohM0itBSYdmIALma7y2nLVZu-R3nyr67SPZEOxzCEY_lMlGewsmEduZ9yM8HTbo4CERKCxkijntNVfx8XQxN4hkW4BjnusFyEluqffXHBo_gV0BNWq3RnTq0VltPxf2KvWX5mIL_xtc2BEI1W1aUBx5RxjkTD9_9qlL0jWxCYfkAlD6f0Q1GevpnUdk2FMbFiGfW7alrthqoG2qlKUiw6wQ_aFuuL93Y6X4clLlk2GfTgdRSAvsdXuv6TccWtQGsao-fJY5vmsf3baD6_h4v9GK0ql1P8ge-7WMY2nbaqfPWIcz2cY_0inMvIiJ3_g","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ff.emmashoestienda.com/b1kvsod/f0od.html","date":"2026-06-11T12:35:46.691Z","timestamp":1781181346691,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipfs.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 19:20:40 GMT","end":"Sun, 23 Aug 2026 20:20:37 GMT"},"fingerprint":{"sha1":"32:B3:C9:1D:B9:80:51:09:BA:C6:D2:6F:7B:D0:DD:BD:2A:7A:9D:CF","sha256":"52:93:C2:5E:FD:8B:E0:0E:30:EC:1A:D8:40:1C:74:D5:44:1C:D3:3E:39:B7:59:70:8E:39:E2:60:83:EC:C2:79"}}},"request":{"raw":"GET /S9bgT2osMdKM9tgxUyyWlUiGbumJOIzGrxOXMmol84dKl8ouBlAT2mgCKFLY3R2FItdFXVZJByA9FXCk2mDwdfF-1QTIaFDZqGxjHdOY94wmtf7Iu5yI06qDxK9TTYN_OFhq9WEu7dKPOXRiYymquORgz2_Xp2FAeR_Mi1FYS6qJw0PKn1N2ipGfIr9rzV8vezkMOIbg9IV8ohM0itBSYdmIALma7y2nLVZu-R3nyr67SPZEOxzCEY_lMlGewsmEduZ9yM8HTbo4CERKCxkijntNVfx8XQxN4hkW4BjnusFyEluqffXHBo_gV0BNWq3RnTq0VltPxf2KvWX5mIL_xtc2BEI1W1aUBx5RxjkTD9_9qlL0jWxCYfkAlD6f0Q1GevpnUdk2FMbFiGfW7alrthqoG2qlKUiw6wQ_aFuuL93Y6X4clLlk2GfTgdRSAvsdXuv6TccWtQGsao-fJY5vmsf3baD6_h4v9GK0ql1P8ge-7WMY2nbaqfPWIcz2cY_0inMvIiJ3_g HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ff.emmashoestienda.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 \r\ndate: Thu, 11 Jun 2026 12:35:49 GMT\r\ncontent-type: text/html\r\nlocation: https://ipfs.tech/S9bgT2osMdKM9tgxUyyWlUiGbumJOIzGrxOXMmol84dKl8ouBlAT2mgCKFLY3R2FItdFXVZJByA9FXCk2mDwdfF-1QTIaFDZqGxjHdOY94wmtf7Iu5yI06qDxK9TTYN_OFhq9WEu7dKPOXRiYymquORgz2_Xp2FAeR_Mi1FYS6qJw0PKn1N2ipGfIr9rzV8vezkMOIbg9IV8ohM0itBSYdmIALma7y2nLVZu-R3nyr67SPZEOxzCEY_lMlGewsmEduZ9yM8HTbo4CERKCxkijntNVfx8XQxN4hkW4BjnusFyEluqffXHBo_gV0BNWq3RnTq0VltPxf2KvWX5mIL_xtc2BEI1W1aUBx5RxjkTD9_9qlL0jWxCYfkAlD6f0Q1GevpnUdk2FMbFiGfW7alrthqoG2qlKUiw6wQ_aFuuL93Y6X4clLlk2GfTgdRSAvsdXuv6TccWtQGsao-fJY5vmsf3baD6_h4v9GK0ql1P8ge-7WMY2nbaqfPWIcz2cY_0inMvIiJ3_g\r\ncf-ray: a0a0a86c5b995691-OSL\r\ncf-cache-status: HIT\r\nage: 4661\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nx-ipfs-pop: rainbow-rbx-16-102\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":[{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-29T00:32:18.388813Z","times_seen":16809459,"resource_available":true,"data":null}},"time_used":3218,"timings":{"blocked":-1,"dns":4,"connect":3,"send":0,"wait":92,"receive":0,"ssl":3119},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ff.emmashoestienda.com/b1kvsod/f0od.html","date":"2026-06-11T12:35:46.695Z","timestamp":1781181346695,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 18:37:22 GMT","end":"Mon, 10 Aug 2026 18:37:21 GMT"},"fingerprint":{"sha1":"09:D4:FC:2F:81:37:26:42:91:15:6F:27:1B:72:A7:D2:1A:FC:31:72","sha256":"E9:45:95:A3:A1:F2:6E:F0:08:73:C1:35:32:67:E6:72:BB:89:C7:27:C0:8F:D7:48:6F:0A:88:7E:8B:00:2F:B9"}}},"request":{"raw":"GET /css2?family=Roboto:wght@300;400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ff.emmashoestienda.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 11 Jun 2026 12:35:47 GMT\r\ndate: Thu, 11 Jun 2026 12:35:47 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22340,"size_decoded":2428,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"b9f037ad2bf34f0e66cb12a391456d5f","sha1":"9e5e9fa857e3ed7ef12535c8fac83846034bf4a5","sha256":"2d09d5a02335bea6714b8a21156de9506fdd34d43d597aea05792ff050a588a6","sha512":"a49ad933cd238b818c604b044fa200f2d6a40d24040be41584f0c535f948b2f7642b0d91cbb77b07f41f071d46e6738a0d9c3a2d9ea125f463329280fbfbd970","ssdeep":"384:p9f59g9P9r9yU9/qY4+949Y9p9fM919W969yh9/qY4X9N9t9i9fD9O9d9B9ya9/U:pDS99YURRuWDyjooYhREHPM5svvYaR78","tlshash":"86a210a1041744009b834ce223cebf35fe1f52117142d0b5abfd9b6b9ddbca6526939d","first_seen":"2026-02-19T22:28:50.873195Z","last_seen":"2026-06-28T23:49:22.963072Z","times_seen":5007,"resource_available":false,"data":null}},"time_used":331,"timings":{"blocked":-1,"dns":5,"connect":19,"send":0,"wait":34,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.tech/S9bgT2osMdKM9tgxUyyWlUiGbumJOIzGrxOXMmol84dKl8ouBlAT2mgCKFLY3R2FItdFXVZJByA9FXCk2mDwdfF-1QTIaFDZqGxjHdOY94wmtf7Iu5yI06qDxK9TTYN_OFhq9WEu7dKPOXRiYymquORgz2_Xp2FAeR_Mi1FYS6qJw0PKn1N2ipGfIr9rzV8vezkMOIbg9IV8ohM0itBSYdmIALma7y2nLVZu-R3nyr67SPZEOxzCEY_lMlGewsmEduZ9yM8HTbo4CERKCxkijntNVfx8XQxN4hkW4BjnusFyEluqffXHBo_gV0BNWq3RnTq0VltPxf2KvWX5mIL_xtc2BEI1W1aUBx5RxjkTD9_9qlL0jWxCYfkAlD6f0Q1GevpnUdk2FMbFiGfW7alrthqoG2qlKUiw6wQ_aFuuL93Y6X4clLlk2GfTgdRSAvsdXuv6TccWtQGsao-fJY5vmsf3baD6_h4v9GK0ql1P8ge-7WMY2nbaqfPWIcz2cY_0inMvIiJ3_g","fqdn":"ipfs.tech","domain":"ipfs.tech","tld":"tech"},"ip":{"addr":"185.199.108.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ff.emmashoestienda.com/b1kvsod/f0od.html","date":"2026-06-11T12:35:49.916Z","timestamp":1781181349916,"http_version":"HTTP/2","security_state":"","security_info":null,"request":{"raw":"GET /S9bgT2osMdKM9tgxUyyWlUiGbumJOIzGrxOXMmol84dKl8ouBlAT2mgCKFLY3R2FItdFXVZJByA9FXCk2mDwdfF-1QTIaFDZqGxjHdOY94wmtf7Iu5yI06qDxK9TTYN_OFhq9WEu7dKPOXRiYymquORgz2_Xp2FAeR_Mi1FYS6qJw0PKn1N2ipGfIr9rzV8vezkMOIbg9IV8ohM0itBSYdmIALma7y2nLVZu-R3nyr67SPZEOxzCEY_lMlGewsmEduZ9yM8HTbo4CERKCxkijntNVfx8XQxN4hkW4BjnusFyEluqffXHBo_gV0BNWq3RnTq0VltPxf2KvWX5mIL_xtc2BEI1W1aUBx5RxjkTD9_9qlL0jWxCYfkAlD6f0Q1GevpnUdk2FMbFiGfW7alrthqoG2qlKUiw6wQ_aFuuL93Y6X4clLlk2GfTgdRSAvsdXuv6TccWtQGsao-fJY5vmsf3baD6_h4v9GK0ql1P8ge-7WMY2nbaqfPWIcz2cY_0inMvIiJ3_g HTTP/1.1\r\nHost: ipfs.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ff.emmashoestienda.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: GitHub.com\r\ncontent-type: text/html; charset=utf-8\r\nx-origin-cache: HIT\r\naccess-control-allow-origin: *\r\netag: W/\"69d5012b-f5e\"\r\ncontent-encoding: gzip\r\nx-proxy-cache: MISS\r\nx-github-request-id: CC2C:FB59A:112B0B:12BE51:6A2AA3AB\r\naccept-ranges: bytes\r\nage: 2042\r\ndate: Thu, 11 Jun 2026 12:35:49 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-bma-essb1270046-BMA\r\nx-cache: HIT\r\nx-cache-hits: 0\r\nx-timer: S1781181350.993872,VS0,VE1\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 0607086d67a0c5cfc8d3ae639df47296a88a6a13\r\ncontent-length: 1420\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-29T00:32:18.388813Z","times_seen":16809459,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ipfs.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ff.emmashoestienda.com/b1kvsod/f0od.html","date":"2026-06-11T12:35:50.032Z","timestamp":1781181350032,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 18:37:21 GMT","end":"Mon, 10 Aug 2026 18:37:20 GMT"},"fingerprint":{"sha1":"C7:04:EC:03:CB:34:6A:7A:0E:8D:12:AC:D9:6E:0C:1E:55:11:32:16","sha256":"0F:52:5C:58:54:41:2C:98:66:96:39:47:DA:6E:60:9C:3B:CB:A3:E8:B6:42:AB:BD:CB:29:94:AA:03:FE:9D:54"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://ff.emmashoestienda.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 11 Jun 2026 10:17:38 GMT\r\nexpires: Fri, 11 Jun 2027 10:17:38 GMT\r\ncache-control: public, max-age=31536000\r\nage: 8292\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":43136,"size_decoded":43947,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-06-29T00:31:42.773407Z","times_seen":206061,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":5,"connect":34,"send":0,"wait":18,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}