{"report_id":"e345de16-618c-4af7-8cba-20b585aff814","version":6,"status":"done","tags":[],"date":"2026-01-05T22:31:10Z","url":{"schema":"https","addr":"valordem.icu/","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"104.21.0.118","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"valordem.icu/","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"title":"NEW YEAR VALORANT","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"valordem.icu/","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"104.21.0.118","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-09T22:31:10Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-05T22:30:47Z","timestamp":1767652247,"ip_dst":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.36","port":50304,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Suspicious Domain (*.icu) in TLS SNI","source":"{\"timestamp\":\"2026-01-05T22:30:47.350429+0000\",\"flow_id\":1660620039995178,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":50304,\"dest_ip\":\"172.67.150.238\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2026889,\"rev\":4,\"signature\":\"ET INFO Suspicious Domain (*.icu) in TLS SNI\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2019_02_06\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"tls\":{\"sni\":\"valordem.icu\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":914,\"bytes_toclient\":3519,\"start\":\"2026-01-05T22:30:47.343850+0000\"}}"}],"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-01-04T22:27:18.120727Z","alert_count":0,"request_count":6,"received_data":372229,"sent_data":2692,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-01-04T22:14:09.841371Z","alert_count":0,"request_count":3,"received_data":113337,"sent_data":1642,"comment":"","tags":null,"fingerprints":null},{"fqdn":"db.onlinewebfonts.com","ip":{"addr":"104.21.2.109","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-09-28","domain_rank":91976,"first_seen":"2015-10-20T18:27:41Z","last_seen":"2026-01-02T01:49:02.45241Z","alert_count":0,"request_count":2,"received_data":23528,"sent_data":990,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2026-01-04T22:40:02.941781Z","alert_count":0,"request_count":1,"received_data":232652,"sent_data":416,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-01-04T22:17:15.216142Z","alert_count":0,"request_count":2,"received_data":45087,"sent_data":948,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"valordem.icu","ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-22","domain_rank":0,"first_seen":"2026-01-05T22:31:12.650337Z","last_seen":"2026-01-05T22:31:12.650337Z","alert_count":61,"request_count":61,"received_data":3893320,"sent_data":28105,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Slick","description":"","website":"https://kenwheeler.github.io/slick","common_platform_enumeration":"","icon":"Slick.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap:5.3.3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"valordem.icu/","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-08T12:30:54.748671Z","times_seen":688447,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-08T12:30:54.748671Z","times_seen":688447,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/js/lang-widget.js","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"83cbc79d8687120b87f69b0ff783a8e4","sha1":"bd96f96d92ce3d3d938266b3d5cc5f9ee7bac77e","sha256":"cbbda3cd6b05e144dff9f216ca3edb188d1e50c87aee59583f890bc13bba0da0","sha512":"35061db3378d018114fe826e55ff9bf45b15e34485918c0ac3546879e38df3cc85af3d2a767baf2dc3e1ad8efa70d38fd1fa70aade0d2eb051a919251aaa74b0","ssdeep":"1536:6Ifcc1IKpA56oPqOeL7ZLfrSUi1VWiXwejcFeaQth:V7IKi56oPqOeL7ZLf+PEiAejcFeaQth","tlshash":"f673308527c1b86212475b773317b1e5e82b4cedb588048ff214bca4f1adb22fad8572","size":76478,"data":"","first_seen":"2026-01-05T22:08:24.806835Z","last_seen":"2026-01-05T22:31:19.643742Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/js/animation.js","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c5a89847d09b24d96c03e55d0d4858ee","sha1":"51f010d13238069e7ef1b77e5ec393eac5cfe0c0","sha256":"6a8efd24997f747a272abc947a1b0fc78f92420b8d3eb690e1e4409411e3bc2b","sha512":"c9e107c3dc62bb489579129bca7699d1c7e960b02bef6edec36a23e63bcb950c993285381df610513a0f8e8f8e95ddfe2755b109eeb3a7f9a9e7321277136912","ssdeep":"1536:O1zuTfMpS4KEXMFvAp7MB6lhTyjVRA99udxKaJLlMitOLkchVfkoSUA5jpV:O1KTfMCkThi09udxKaJLNtOLk0VfCUAN","tlshash":"3f63508177c17c8113474bb6b32ba1e6e52e5ce974cc048bf404bc94f5a9a1afae5e70","size":73310,"data":"","first_seen":"2026-01-05T22:08:24.739528Z","last_seen":"2026-01-05T22:31:19.654967Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-08T12:30:54.749302Z","times_seen":228404,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-08T12:30:54.749302Z","times_seen":228404,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-08T12:30:54.749302Z","times_seen":228404,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-08T12:30:54.749302Z","times_seen":228404,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d5a61c749e44e47159af8a6579dda121","sha1":"3b41b3bc956685015a347a2238e71db29dfa0dbb","sha256":"0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740","sha512":"5ed98cb4311c373da3ede92bb47bce551e22c30683ea8fc55097baf99abe1e0702b24de48f8b9241047cc1e4364158f5a343e4e8fc182e8866db4e99ccd7ee6e","ssdeep":"768:4rkkX123A5YHi6pWzYdlNWYcx16nnYdXRRMd2KYCQCsPShb1ez7RFmYH:EPrYdlNixEePiYH","tlshash":"e513a549d205276285d721e62105c40eb3f7fb3cba22c0e475c9d3ea646ec4896d7bfa","size":42863,"data":"","first_seen":"2023-03-07T01:06:34Z","last_seen":"2026-06-08T12:41:36.930854Z","times_seen":99504,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-08T12:30:54.748671Z","times_seen":688447,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.7.1.slim.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d5e71829ecdc0456818e3b93f57b14a0","sha1":"e502aa0259449fc0f077ac15815a1eb81737dd85","sha256":"520bef37cbc19203b496e3d2525dacf13225392611a061405f88e50889bd01d7","sha512":"76870111eab6f0209a5c25cdedc20d93242cd2946ccdd42c54115651dfa92cd9449372c39520c3b4dee2d47fa74c1f2db2124f4074b4caed065bd60615dfc246","ssdeep":"6144:IwsmYhct1SS+TC1lmhTzeKRYcYmD2zK8USJsdZQ/coLGVFyy/RgL/uiOpyXXaDrp:tuYcYmD4/cZQ/coLGVFyCJ9rp","tlshash":"2f34c5e8f78d112e4226316aad2f11cdbb7cd1b1561458aefd4d497c24a083c42faf7a","size":232015,"data":"","first_seen":"2024-05-16T07:18:22Z","last_seen":"2026-06-06T20:55:59.655617Z","times_seen":123,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2e477967e482f32e65d4ea9b2fd8e106","sha1":"ddc6e9ead6d16ae9237399ce41e8c1620cc59c36","sha256":"0833b2e9c3a26c258476c46266e6877fc75218625162e0460be9a3a098a61c6c","sha512":"ecf8bfa2d7656db091f8b9d6f85ecfc057120c93ae5090773b1b441db838bd232fcef26375ee0fa35bf8051f4675cf5a5cd50d155518f922b9d70593f161741a","ssdeep":"1536:WmwIiEEO+TBR2t4J9RirWDKsVA5y7fy3YJtC/r/45wZbfbXZTb0WU078:HwORx3YCD45wZbDZTb0g8","tlshash":"ce73c5593244b4730ade85b68037430bf2265998b24b812cb57cadde2a7dcc67277f78","size":80721,"data":"","first_seen":"2024-02-25T11:27:02Z","last_seen":"2026-06-08T12:05:15.988916Z","times_seen":27006,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-08T12:30:54.748671Z","times_seen":688447,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/js/i18n.js","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"46fb63a34f04acd38ce9f7660495d0a1","sha1":"2b48f16a555800bd4c5b6d31d3ca788a2318a054","sha256":"ce67079892e8fa384cf542319995d78021b5b8c997a3de9d3e844d229a69c1ed","sha512":"b8c05f7affc6a501f16eb38d6a6ff1add7ca5ea4679b4086538753271ff592b1d9baa8a70e8869482c78bf5aba0d1bc1ba7ee8d3d4562f6b90ed71a4a8ad6876","ssdeep":"12288:wByjLBKyxPOtxtO5NZScAM2KkpEot3lOzUX6yD3BJk8DQ7bXYbwm:wByjLBKyxoxs5NAbM2hzeS5XpUvXYbwm","tlshash":"5ac4216267b07716610b4f233bab71f86725bd11f744c38be5592e00f0be922b5b86b1","size":563157,"data":"","first_seen":"2026-01-05T22:08:24.857144Z","last_seen":"2026-01-05T22:31:19.662606Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/js/script.js","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ef9cb3e4a0c9b7325092a82fdfc1d637","sha1":"abfba7fce6b75c157916d2bbfb8da8995d972873","sha256":"fa22233dce62ebb423b1415b03e4110ca70016744c883b0ee32fb4571cbbfde3","sha512":"6f445911be5425c96d8ea5372456dc654d4814c353a2a93c2bfe8e5e5bcb0fd53b048d55aa4041b9094c00a6b6c55cec5348dac66e0c3c5dba5adeff5dc4ac9d","ssdeep":"3072:VRRIOBhHwJixLtit7fz5Z8mbwtGWD5hYjTz75:/wi2Thk4jTz75","tlshash":"22d34f9237c57c96174717bab317b1e1e92a5cdab48448daf108bc24f1fca12fad8271","size":132184,"data":"","first_seen":"2026-01-05T22:08:24.750515Z","last_seen":"2026-01-05T22:31:19.646228Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"7c3c3ddeb80438dcbb3d081d2d00e152","sha1":"5a4016732ee72ec77b4f6ab17047bcea6d2ea34d","sha256":"321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187","sha512":"b252f7dc795284fe8ce404711809130d8e16670a8e49b271f9a24b04a542a0fccb7a8c7238c12b37db35fe73a2fbf1cdb374468574db4e6d39975a17dca547a3","ssdeep":"","tlshash":"de6000f0003000000003c30000330cf300000c0f00ccc30cfc0000c000c00000000c03","size":16,"data":"","first_seen":"2023-04-10T15:57:29Z","last_seen":"2026-06-08T12:35:34.828513Z","times_seen":300629,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"valordem.icu/assets/image/case/PrimeVandal.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/case/PrimeVandal.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 42900\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:48 GMT\r\netag: W/\"a794-19b5a0493fe\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LpKNvSXejEEPK1XLk9auu34a1PmREebqSSjDu7ZlVkv0hZo1w7YyCVEEYa9DvDeWMr3fj1JNQIv8Nxz%2FRLscOjmtZobJVjdnWGA%3D\"}]}\r\ncf-ray: 9b966c1f4b2e0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":42900,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 148, 8-bit/color RGBA, non-interlaced","md5":"772df26176258bfa3c53796f862742aa","sha1":"a5264bc7a80688b7f3f46ca40f9d206518eff921","sha256":"becbab7eee11f9100db4b79b8d9744f46a5d08027858c64c4cfb8c17fa553154","sha512":"5fb0a67acd85ff98650950b2b05f1ae15db37dcf99d2726a7c6788d3bc3ed1ccda033a3412ac14f164d6fc74753a79d9abaca1312f5116d954413aa213d7c4e3","ssdeep":"768:FFBPb7aDLkTJWiQLZIso0wLC3D+L3hAyuos5Q6FpprI9VFxXIQ3vYsWdbGXk9iEf:lqPwklmC3D+Lay5cnM1Df44XksEf","tlshash":"111302bc2425e525cfcf3692902aa086403dbc1a5d6da18c5b6122c36e0f7a9cc3caf5","first_seen":"2026-01-05T20:37:02.395343Z","last_seen":"2026-02-26T10:40:24.02187Z","times_seen":8,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-05T22:30:47.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:47 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=grlDUnVdM6BQsvhnA4zgIOmQ9BgNJ0txen849cUPLQuPuNrZALTIMYRgKbCs9zBQ5JvDwZywtBNLd9tIxmbicbpC4zMKiUioFFgj9g%3D%3D\"}]}\r\nset-cookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==; Path=/; Max-Age=86400; HttpOnly\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9b966c120ffab1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Slick","description":"","website":"https://kenwheeler.github.io/slick","common_platform_enumeration":"","icon":"Slick.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap:5.3.3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}],"data":{"size":77087,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (24718), with CRLF, LF line terminators","md5":"86cf4f1de10b3e04d114e9c11f0bb80c","sha1":"c77fb0f21e5ca7602189ecea47cb393624a78dae","sha256":"edb11b6daca8b7460875e2702dc4660efc741a10bf294f3586284a098622cd7c","sha512":"06f5af49d6bd1913b378dc9756763691893cdfa2053d3d5ec2282faa051ef8ec366963463eab7de128fc7a3de63dc4414ef6f52585fa72d1eb0a5f3ffd6c6bb6","ssdeep":"1536:tCyeHF8hxMPrk6Kw/BdsokEyAw6sum1uyfufluw7u0+y0uw6zvg12yscm2/5:UyeluxGrk6Kw/BdsokEyAw6sum1uyfuq","tlshash":"8c73512555d014654073eea4aa72af1dee31c143ef520e4c33acdbe38fba942ec2b559","first_seen":"2026-01-05T22:31:19.615288Z","last_seen":"2026-01-05T22:31:19.615288Z","times_seen":1,"resource_available":false,"data":null}},"time_used":350,"timings":{"blocked":65,"dns":55,"connect":1,"send":0,"wait":212,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/bg/roulettebg.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:48.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/bg/roulettebg.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 114329\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:51 GMT\r\netag: W/\"1be99-19b5a049f42\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ALqCMc%2FD1%2Bve8KN4x5zQzk854tml0611zL%2B0MXgaHE4XfX452zQzUKltBHeyf44nvf7jKLqK1IpVMjNTudzmw96yKi38bbt23yk%3D\"}]}\r\ncf-ray: 9b966c1aeaee0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":114329,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1600 x 1963, 8-bit/color RGBA, non-interlaced","md5":"29b987af734e92020aee1ab5b3e433c5","sha1":"9f593125fd85506f9f1b587df5ebb6e25aa2d18c","sha256":"7207938087e86338c5ab7e0e3b0efcb4c3355940a5757618492c0f0dc5b87ed0","sha512":"f96b579547a958879a3dd6d2de611b4c29304b8b80f95b09e72061e3f511bb73bd8728aa17a99398b08f21db917861d952a746c99bcd1854d88c5f0beb5e44ea","ssdeep":"3072:+tmpfB3ANEbYBTDttmuHes2BEKEnjqoEdW:+SJANjbDHeBEXeoB","tlshash":"8ab301fbed724582c72f9134d48e7fa0bb7242bc011b1775aa3e52705f8962fb805266","first_seen":"2026-01-05T22:08:24.743643Z","last_seen":"2026-01-05T22:31:19.617739Z","times_seen":3,"resource_available":false,"data":null}},"time_used":351,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":123,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/bg/faqbg.svg","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:48.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/bg/faqbg.svg HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:48 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=doUp1rY7fxASAnjzSaQEzCrpY55YAut9GJEb%2BCHU08CeuBqC4Q0%2FGMaWymLuO8q%2FTiUbW4crxqATmgs4eIGgooZdrp%2F0p9PPGRk%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:52 GMT\r\netag: W/\"9e5-19b5a04a60e\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b966c1afaf30afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2533,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"72df354067e8332bf5c88cddba37e0de","sha1":"0f6825bbe87096a938e519e9e311b643b9244476","sha256":"54f28f2949b1254cbb6d16428b9fb1d8c48db90905833742c19564b2599fa4fc","sha512":"94d40a0f06d2dff6a6cc78254a0222d72751ed5bc103c7ecdafca00c5a5457442899d7675c4dc97b664a4a7c1ca319ec3c044f0b962162c8f5921536cf0519d3","ssdeep":"","tlshash":"81517bcf3ae40cc58440cedeaf5a48be287124e145651c48a47a8e6a3cd5b6f3b66fc5","first_seen":"2026-01-05T22:08:24.825401Z","last_seen":"2026-01-05T22:31:19.618909Z","times_seen":3,"resource_available":false,"data":null}},"time_used":143,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":143,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/svg/aboutbgabs.svg","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:48.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/svg/aboutbgabs.svg HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dorxLYe0zfoWiAv33%2FvPKf3b5i44l8Nh5WAMbrG%2BgU9MChYC9jSfVmCdHFoFxxoK8I3LBPuaEWei5wlPpEv8QG4RMqR4zVcWTSM%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:44 GMT\r\netag: W/\"f65-19b5a048766\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b966c1b5af70afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3941,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"03462aad99c6f5011880f90797bdfe8d","sha1":"6a7f87dfe40cf2972d6bae4f67d7f78639d01484","sha256":"32ae6d33310c0879e3b566e6e438c79fe690b25aba38c93986340c8dabab3f2a","sha512":"37f47ecb51dbe167044f062c1d5170b4fea7e4b7c2c01597d9dbba2ea2183fe88dfb126b2d0c1361b431cb6e5ff86dcdaf908f742e01b476edac418d0d8ee7dc","ssdeep":"","tlshash":"4a8113eb698950e4d402179efe3a29ad105fb0b81fd545d3c7c2aa839816cd16da8cc1","first_seen":"2026-01-05T22:08:24.82702Z","last_seen":"2026-01-05T22:31:19.620007Z","times_seen":3,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/favicon.ico","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:50.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:50 GMT\r\ncontent-type: image/x-icon\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Bc0BLHgivYzcb0WkaixgktMMOd7h5CGncq4GO%2FFRBA23XZu1vwHDI%2BwK68pmWcQj2NSbLA4KbVIQDt7tOurNZx0HGbVDemHcxKE%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:55 GMT\r\netag: W/\"4246-19b5a04afa2\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: 9b966c261ba00afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16966,"size_decoded":0,"mime_type":"image/x-icon","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x640, components 3","md5":"4439c3e9e6302ff680c5291463f5b902","sha1":"030a23e266c827a0397affb458bf782428a47d99","sha256":"948b40a28b72f8c339f6431802d2e986034654094760e3c525dc2a4511903e8b","sha512":"c41ff3d825c0c414e0e86ed512a78b84677a1870b908122fdd1224368b8c09f933bf38335aa2c3764e829f8850baac8d9ff87d1f8a333278d52a0a5ff20e2ae8","ssdeep":"192:bb2XEooq5+JXD3Pgvj7h12N8vqOb5tGZsh16TPj1PuDunbQqBOJljBs1kI:OjQJz/gBo+q7mkZWqUAOvjB8","tlshash":"02728d5f1a8649e1e5f2427253628e0d68e70b23e07e64b0f5f45572b9f27b27c28933","first_seen":"2025-11-01T22:50:54.472244Z","last_seen":"2026-05-23T13:17:07.612966Z","times_seen":79,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/css/style.css","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:47.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/css/style.css HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:47 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ajtZtg7vOOmXsdJBiUPMG4ohshoLFsFsh7ZYoDHZifmVK7mpKTpQh8Fi8rhIjJpRPbxdGlV47vcNHU3sBlIo%2BfTAp8zJyIcCMG0%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:54 GMT\r\netag: W/\"8ba3-19b5a04ae0a\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9b966c146aa50afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35747,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (1934), with CRLF line terminators","md5":"31ddb9fbec9db5159121622d2bcf8b93","sha1":"96ede5abacc0840b0e9ee7d674f720ffc874b9f9","sha256":"99fc0588f24dffba1576da69ae21fcc4f22feac9f2fb0647ec4ac0566584c7e2","sha512":"144c93eff15b88a9a932d128ed69c8188c45d89c5b4918cbbfd399bf3516fb17a7b5b5631cd2d4dbcab2437d4a10d4204b90cce76068d1a5ada50cb7b5e19798","ssdeep":"384:R7bWZ1veKpm7O4oiNRwuegzrqIoOPPPJQWD:9WZspO4oiNRwuegzrqIoOPPPyWD","tlshash":"9df27554d2411009b2339e68bbb21b08e7ac8093da06457d7b9636499ffb1ecd272fdd","first_seen":"2026-01-05T22:08:24.8177Z","last_seen":"2026-01-05T22:31:19.621973Z","times_seen":3,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":241,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:47.766Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/slick-carousel@1.8.1/slick/slick.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:47 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 533\r\ncf-ray: 9b966c149a2856c7-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 1.8.1\r\nx-jsd-version-type: version\r\netag: W/\"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ\"\r\ncontent-encoding: br\r\nx-served-by: cache-fra-eddf8230124-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 1703773\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=DZoMbqgHO9BPwH35E6logmC6JerPzQGjRgPybLjPVjlhGD2VGc%2B7Rmrsrj%2BUDyjlw8ZbCRtgUcqRyeZL%2Fia4JBtcJP6pY61wC7iD8ahLJti5lNkFMeDDeYB6GAOvIaGs8eU%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1776,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"f38b2db10e01b1572732a3191d538707","sha1":"a94a059b3178b4adec09e3281ace2819a30095a4","sha256":"de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5","sha512":"c11e283612c11dfeec9a3cb42b8a2acdd5ae99dfabe7ffba40efef0dd6bbe8c5b98ae8383d3eeff3a168124c922097eddd703401ee9ac6122f1ebab09bbf7737","ssdeep":"","tlshash":"c931294845b389468416808d5fd7ca6d2bfff0130829e199ba8d1306cfce7d8a9c26b2","first_seen":"2023-04-05T08:37:21Z","last_seen":"2026-06-08T12:49:23.424985Z","times_seen":65898,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":8,"dns":1,"connect":3,"send":0,"wait":13,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:48.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://valordem.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 30 Dec 2025 23:36:38 GMT\r\nexpires: Wed, 30 Dec 2026 23:36:38 GMT\r\ncache-control: public, max-age=31536000\r\nage: 514450\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-08T12:37:03.13537Z","times_seen":206113,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":106,"dns":4,"connect":7,"send":0,"wait":8,"receive":8,"ssl":93},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/svg/counter.svg","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:48.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/svg/counter.svg HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:48 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KwiCfX7No9AKZJ45I%2BaVngZlfjtqkdp%2FyjMjxU9yHmgXln4b%2F82yVEkM6i5zDXcSK2S%2FJagROA0kZ9I0%2F2JHR8xi5E1MvfKk3Yw%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:41 GMT\r\netag: W/\"1d5-19b5a047a2a\"\r\nvary: Accept-Encoding\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b966c1b5af80afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":469,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c869be58d88055f69c9d809a40a37f9d","sha1":"4565900f40be19be4dbcc63195cca594ae19c80d","sha256":"495cbe0c920df9cc92c52997b53b6a7552f5689d7a085220b0db46faa8fc3b24","sha512":"93d26e850b3fb806dd7ec672abad95835189adf5b81c6b94e75101966389afdf39ae51ef5c313589a0ce97da9c08a37fa23e96eee326d41b8c1c5caa4c652ecf","ssdeep":"","tlshash":"72f0dc3e324ee670a161cb60e938b105a0a310e567c81058d2818618e23cc7e1cbdecc","first_seen":"2026-01-05T22:08:24.847022Z","last_seen":"2026-01-05T22:31:19.62572Z","times_seen":3,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/svg/counter-1.svg","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:48.862Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/svg/counter-1.svg HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:48 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZcD1zrR54j0dpAkog8U0dGRGO%2FvHxtleAtwjyKon4oY9D15KYeqOBbyBAX%2BTssj8O7l9Flaj2xUOHAZN7uaayufsVt6htcKI0B0%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:41 GMT\r\netag: W/\"415-19b5a047bbe\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b966c1b6af90afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1045,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"75b1d23d38c16bd59ff27bfae9e6c56f","sha1":"eccc4b2de78370aba72a0dff940831c449ebc163","sha256":"16bd118fd134458cf4e962bfac997502e513997dc386f1a5989b90572334f57c","sha512":"e29e379f3c515de5c41ff73fc4a0d33a36abc37e168072e0023576abe9b5f58c161d4bb97f5c728e19c0404163490a0407bfc43b129b732b20f2d0d98e08ab1e","ssdeep":"","tlshash":"b411adbe97c7b6e0a1001f20ea347172b1af38fa13e4179c5102cf24e57947a6d95488","first_seen":"2026-01-05T22:08:24.828075Z","last_seen":"2026-01-05T22:31:19.62767Z","times_seen":3,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":115,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/case/PreludetoChaosVandal.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/case/PreludetoChaosVandal.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:50 GMT\r\ncontent-type: image/png\r\ncontent-length: 38057\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:48 GMT\r\netag: W/\"94a9-19b5a0494ca\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IzDqg1uGZeNk%2B5lvKp4Z%2BbpVkyxISzNj%2FQf%2FJMKTc%2FwYHAeOmussxFOCBQRXrYqHGA8TTbDVj%2BfEhLVvj5rJJBYLhlPnaCRYxpE%3D\"}]}\r\ncf-ray: 9b966c1f3b2c0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38057,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 140, 8-bit/color RGBA, non-interlaced","md5":"5806e090fa8a9e8aceff407c5fcaec52","sha1":"8254e8c4c96f4c82dbd340b9e0131dfdd9ed31ee","sha256":"f675cb952e09b3279fec4c0dc5816d2f8468814fb07005ede56a97ab8723e0a7","sha512":"b5dc0aa04e03f2393eec5959179cc38fac06b0f1d8ab754cd81ed496eb6fa15280fe69c05f8ce5ee54ba8a323da8aa38c06d1e30a9326336e17fb7692d1fca7b","ssdeep":"768:gsGhYjfuRG21s9VIaR8HzUcObCPKv7zapGR1k3Nu/43AWNNSM:gshR2uVIaG0fy0Uk4vNSM","tlshash":"3003f1641be3adf18746b13d665fc07ec488e36f6c95a12a2c42ece163c90a55778f4c","first_seen":"2026-01-05T20:37:02.30061Z","last_seen":"2026-02-26T10:40:24.067616Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1148,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/case/DivergenceOperator.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.518Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/case/DivergenceOperator.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 36319\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:49 GMT\r\netag: W/\"8ddf-19b5a049b3a\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I0mbvpFFQKziH4xglfjGRAbeES5s2F2uXPBdwWIzzipIMKap9kHwAISIqZUyU%2FQrLVfQfQPWsASMlcP4e2gt02iJDLPwt6NCwWg%3D\"}]}\r\ncf-ray: 9b966c1f5b320afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36319,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 100, 8-bit/color RGBA, non-interlaced","md5":"186c22487f6d84174351976d657d534e","sha1":"ebfac2dad95e388fcb119b1613a7a0309e9bd2a5","sha256":"bfa97b0a28e27ec6014683d20aebc3f495395488456b2412923954a2fc76ca5b","sha512":"234892bb757e436b6acf930abdae766c6c061d76905ca07cf58747a14f585ff52f0f56cc43a6d9a0b9d11956b4c574280a79cd07243e52800636595aa8e67415","ssdeep":"768:kbCrxZPsvQVuNrQvZiMayO7NCd8dhaDApivaMUqCMllBIvqcUe:SCrxZPmYZi1P7Nkehzp8dUqCyBIya","tlshash":"e5f2e1ec57e3891fcf02e0a7f8819e048ba3e47c854e8726399d208d313567b9b99924","first_seen":"2026-01-05T20:37:02.325204Z","last_seen":"2026-02-26T10:40:24.022666Z","times_seen":8,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/svg/nav.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:47.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/svg/nav.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 166\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:39 GMT\r\netag: W/\"a6-19b5a047156\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qBTRctaqaTHjH%2BBOQiNpmijoxNQG%2F1vj8nwLPmpG01MlxQ%2Bu3bJQ0cIchObkULaI76IAShn%2B%2B8YFOMHFDrwQpEHF11rylXnCv6M%3D\"}]}\r\ncf-ray: 9b966c146aab0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":166,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 30 x 21, 8-bit/color RGBA, non-interlaced","md5":"64bf44c47e8f8b4387b4f446970796d5","sha1":"76e35483ad151826ea440c13dd93b0a21b0fdc42","sha256":"e13dbb3a66cad549686dcf732d1c15e96460286c50507361a56d3e404f046f9e","sha512":"c077a089858245f832fb36cabc749be706999c92cee5f55e919768df92143612c58c6893a9f818026431a5232a2f707f39f92603a2b4db984f17675ed342b821","ssdeep":"","tlshash":"c1c08cd5af8a6c7ec10f8a7623a60990a5fb245b012d264d9ed4602886099e816a6392","first_seen":"2026-01-05T20:37:02.334248Z","last_seen":"2026-02-26T10:40:24.019521Z","times_seen":8,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/svg/tt.svg","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:47.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/svg/tt.svg HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:47 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9TVlji4r6ZE1xFy7RQrC5GaYln4uuWETFrwcz0S7y%2BAqEBLO8kersGTPTy0vjjogK2K7vHKjsxe1sLvWJSU00w0HoCHie80xMt4%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:36 GMT\r\netag: W/\"515-19b5a04654f\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b966c146aad0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1301,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"322fea7995913520a8407f5dba28daf8","sha1":"19569e15090c23323b87fc220c3a8845ef6e34b0","sha256":"1d3c6217a9b0364348ae2110bfe6a5a9aae6866b44b69fb7d6ec87891b0fcc94","sha512":"49cf5585a84adbf577b4aa31f3d65bbad80f6022312d560dd42930063fe6e20fceb54d720207e3eaa4e88c98bfba4a8e617ed3c250aa638046a64854fdf90f68","ssdeep":"","tlshash":"ec2140f200d89bea520b0b38f936be41f03c5cbcdbc963d9d29c9dc95641056cd29d64","first_seen":"2026-01-05T20:37:02.31883Z","last_seen":"2026-02-26T10:40:24.04378Z","times_seen":10,"resource_available":false,"data":null}},"time_used":248,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/svg/twitch.svg","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:47.780Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/svg/twitch.svg HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:47 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6JqOJ9eGZme3CmPopS7pgYdVr0dOjw0UhsfOBzUE6cNWfKvnNEL5myS9sax6%2FQJcl9aRupV3yEYkzlh15PS3TEN7pqp0sAdbvPw%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:35 GMT\r\netag: W/\"208-19b5a046483\"\r\nvary: Accept-Encoding\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b966c147ab00afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":520,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"800fd0e1c577ae132712f7de0043c5ae","sha1":"534a9c8f572f811a85b2d3bd26829b65dec57b55","sha256":"81362f80b170325945b490b99efc6ecdc051ce608c496e19ca6de4d8a78a8c1c","sha512":"cec7d3b99539fce0a076a3cf5ea68e1aeae38aa47ecb2ae6d4e7c7e3175e71fe26b9622e7fb746b4d2bcc77c9f7471cb4e37285b86cb1edbdb81a1e1439ef177","ssdeep":"","tlshash":"27f059b47228dd959008023cde3f16c5f06be4f97bd9d0dc43a03ba1a4a05a20c292e8","first_seen":"2026-01-05T20:37:02.349296Z","last_seen":"2026-02-26T10:40:24.046708Z","times_seen":10,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/svg/bgcaseleg.svg","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:48.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/svg/bgcaseleg.svg HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:48 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=70ZX9C1qDn4w%2BqZ0XWrmXE7t1KWLUAAjKbToRgYzmRLhI68KoonEoyxF9TldPzLuSu57X1JTnrQ9xjrCGS9vCaBaT3%2F2kfzb5UA%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:43 GMT\r\netag: W/\"119d6-19b5a0481d2\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b966c1afaf00afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":72150,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e32f104abffdaa05ff4a90ec3e0d0797","sha1":"a49f8000a26ec935b305d86bf866b6351863318d","sha256":"2a1c2a87d4a21970c81d3937552de3ade3382a04618b3cb342b61732c56254cd","sha512":"4b939a2f5b3f0d6704e4b25f793a5e2efda13c55347b607328a53737e56356c31e10d50bdbdb8e8829e3fb0a9b246300c188b838ed91e81a0a1c56581c787cdd","ssdeep":"768:ESoF+MkzB9TQ5KjwAJaPzmhBDNG4gQWK/cIuiyKisn6bVCw/V/Py/K:ESoF+MkzB9TQ5XpzmDNG44kK","tlshash":"02630dd04380e9f9d55f1f639c2279a83490743eb74673a8c4e992312cb96ebc91c9de","first_seen":"2026-01-05T20:37:02.371187Z","last_seen":"2026-02-26T10:40:24.057868Z","times_seen":8,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/svg/bgcaserare.svg","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:48.808Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/svg/bgcaserare.svg HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:48 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w6WWRo%2FtTxNKFmxcx0BMFXgecDUR2zbu3O%2FaEmm3J25FSNmNj1PjOEFLURNCpo2YLp5QcJ%2BeMiFuwzs0aR1qQKbiYAYESS943AY%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:43 GMT\r\netag: W/\"119d6-19b5a048036\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b966c1afaf10afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":72150,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e0c37c242668455158312676c03dc0df","sha1":"4d77a9fd342420a1bb42d872e22aec29f02d8f59","sha256":"c1111da3fc40a9e5729eede0d52060fbd86fdc409177ab518ad19957c26073ee","sha512":"75b7a5319c32b4113fc95b7ebd6f39f642b0896d26a3452801dc7d65b28146eddce1414497833f77f922c066d9038a48cdeed85de85236328d0ebb2eaafbd36d","ssdeep":"768:BSoF+MkzB9TQ5KjwAJaPzmhBDNG4gQWK/cIuiyKisn6bVCw/V/PyoOx:BSoF+MkzB9TQ5XpzmDNG44LOx","tlshash":"41630dd04380e9f9d55f1f639c2279a83490743eb74673a8c4e992312cb96ebc91c9de","first_seen":"2026-01-05T20:37:02.310969Z","last_seen":"2026-02-26T10:40:24.045396Z","times_seen":8,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:48.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://valordem.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 30 Dec 2025 23:36:38 GMT\r\nexpires: Wed, 30 Dec 2026 23:36:38 GMT\r\ncache-control: public, max-age=31536000\r\nage: 514451\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-08T12:37:03.13537Z","times_seen":206113,"resource_available":false,"data":null}},"time_used":401,"timings":{"blocked":194,"dns":5,"connect":20,"send":0,"wait":8,"receive":3,"ssl":166},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/case/MystbloomPhantom.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/case/MystbloomPhantom.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 48446\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:48 GMT\r\netag: W/\"bd3e-19b5a049666\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LT3K79qDkI0%2F%2F%2FVza2YWhVJMQOkG77KdLMg1YExKT7V3v8VznXpwwx48fKHo%2FbfH5t2mnkZcY9HGd3Mjx4mX6BXiROxQPWGVsds%3D\"}]}\r\ncf-ray: 9b966c1f7b370afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48446,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 120, 8-bit/color RGBA, non-interlaced","md5":"cf5228e8633c31047fd686bbf6e58af1","sha1":"98dcd78f27ba4194b8521d4645763b1875bf7ab0","sha256":"3eb9065b4bf4ad474227ac83a2c4b657842ad7a31abf3af68a6889af75a572fe","sha512":"a19aa1adec9388a467c66abdbe2bb57c530cce557ba7b12ceaa7e37b9f693b051bfa87fb22c160087417429d8093ba9d4b274583e924fe7688658e14d9f8650c","ssdeep":"768:ZGAaslNSHHqs3XLL0dYP0e2Hrn4HAbmA1vKNsMgUuG8gipVN+m2lXe/QNJwtE6Tx:ZGAPlN+Ks3bLYJTHJ7MyuuhzPrCO/2JY","tlshash":"5a23f26c9488f7726cd2edd7c77b186e44037f932a807175878f30145bf9da608a1682","first_seen":"2026-01-05T20:37:02.271616Z","last_seen":"2026-02-26T10:40:24.061742Z","times_seen":8,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":260,"receive":57,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:47.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://valordem.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:47 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 24464\r\ncf-ray: 9b966c14ae71120a-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 5.3.3\r\nx-jsd-version-type: version\r\netag: W/\"13b51-3cbp6tbRaukjc5nOQejBYgzFnDY\"\r\ncontent-encoding: br\r\nx-served-by: cache-fra-eddf8230079-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 1616492\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=rcMXTmS3Q0x3uvxNo1JEXJV52n4wyGMi2lk4NCHPOLfSMJ0vs4uj9SR35Ep1mXL9dlQRoxYWEvDacsws0JH8fZZ8BnpbLsh3%2Fuzz3Wk%2B09dSvf8lorJPar49LFa8Ds7YG5U%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":80721,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"2e477967e482f32e65d4ea9b2fd8e106","sha1":"ddc6e9ead6d16ae9237399ce41e8c1620cc59c36","sha256":"0833b2e9c3a26c258476c46266e6877fc75218625162e0460be9a3a098a61c6c","sha512":"ecf8bfa2d7656db091f8b9d6f85ecfc057120c93ae5090773b1b441db838bd232fcef26375ee0fa35bf8051f4675cf5a5cd50d155518f922b9d70593f161741a","ssdeep":"1536:WmwIiEEO+TBR2t4J9RirWDKsVA5y7fy3YJtC/r/45wZbfbXZTb0WU078:HwORx3YCD45wZbDZTb0g8","tlshash":"ce73c5593244b4730ade85b68037430bf2265998b24b812cb57cadde2a7dcc67277f78","first_seen":"2024-02-25T11:27:02Z","last_seen":"2026-06-08T12:05:15.988916Z","times_seen":27006,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":4,"connect":1,"send":0,"wait":8,"receive":1,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/svg/bgcasecommon.svg","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:48.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/svg/bgcasecommon.svg HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:48 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k3Km1pJwKwui3L7bIHGkF6WNrezH7cmUAGM%2BLkmeTGq3Z4MvnTLWYH8oNyjmXaMRINyae3Ma7CbF%2FuCrPCqAlITD6T1PMaRLTMA%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:43 GMT\r\netag: W/\"119d6-19b5a04836e\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b966c1afaf20afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":72150,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6b30abb18fb26fe7d0901dde5c13552e","sha1":"355a0ce3d8045c8b5578bc7c5c75b1926a93f6a6","sha256":"de42c937d4b2ff6be8495e47e9f3880095e6fd15ce745017f1d1862a8d3f6ca6","sha512":"544d1fd55b03f94a11a54805408f25a66000643b492f6777e48e54fc9309669e4be06cbd7c05f22f218720307185c82e49be951c41e432fc20ddd3a74ba4ccde","ssdeep":"768:yJSoF+MkzB9TQ5KjwAJaPzmhBDNG4gQWK/cIuiyKisn6bVCw/V/PyeKO:yJSoF+MkzB9TQ5XpzmDNG44XKO","tlshash":"f8630dd04380e9f9d55f1f639c2279a83490743eb74673a8c4e992312cb96ebc91c9de","first_seen":"2026-01-05T20:37:02.312263Z","last_seen":"2026-02-26T10:40:24.066749Z","times_seen":8,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"db.onlinewebfonts.com/t/785709c3ae46131dc5781ea4a30f091e.woff","fqdn":"db.onlinewebfonts.com","domain":"onlinewebfonts.com","tld":"com"},"ip":{"addr":"104.21.2.109","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:48.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"onlinewebfonts.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Dec 2025 22:43:00 GMT","end":"Sat, 21 Mar 2026 23:39:25 GMT"},"fingerprint":{"sha1":"40:88:D9:AA:10:BE:9D:1B:7E:AC:DB:D6:14:FC:6F:E6:79:79:51:19","sha256":"AF:49:70:AA:7C:0A:4C:C7:BF:A6:11:E3:2A:88:F8:B4:87:46:2B:23:29:AF:4B:E4:1B:F2:81:6B:C4:45:AB:CA"}}},"request":{"raw":"GET /t/785709c3ae46131dc5781ea4a30f091e.woff HTTP/1.1\r\nHost: db.onlinewebfonts.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://valordem.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://db.onlinewebfonts.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: application/x-font-woff\r\ncontent-length: 20756\r\ncache-control: public, max-age=31536000, must-revalidate\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 22:30:49 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WafwB%2FpiiMzaygk3ofNa0%2BX0aPSZrwDDoPNfNR0ZuTWrKIku%2BKzthWApF%2BjRecMKQpUEc4KK6aK9tjQx2UquY714MM8ogmh8XW%2FE6XNJEANYEyv9hQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b966c1b5f8076ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20756,"size_decoded":0,"mime_type":"application/x-font-woff","magic":"Web Open Font Format, TrueType, length 20756, version 1.60","md5":"009c14f2fe904aae350e32b3214a29fa","sha1":"57e21daced88e15a4bc08a0b0862f176b78bc467","sha256":"adddfee46a994c79ac36fb68c6653d6baffcbb94cf76811b0e8cd334f621bc54","sha512":"cebc6ed8f789caab5f4d5d7df512ee7917597c7ad8bdf1cd7fe55df38ec9e05f4eef6cc87bfda7b06665574e3dd692c128c4bba6c58101e65e4bfb970baf3526","ssdeep":"384:SIU/cSVHRpBpDNEtt8GXcRpNxQr9IRsUTrUx3wFG6ANMdY5/9cNgva3D:SLEcxvMU4cRjSCRsrx3wFVqMY5/9c+4D","tlshash":"ea92df995572f4cfaa0b43756065b8416ad75dbbadab0b0fb96cf09438d00254a0cef3","first_seen":"2026-01-05T22:08:24.753036Z","last_seen":"2026-01-05T22:31:19.637854Z","times_seen":3,"resource_available":false,"data":null}},"time_used":781,"timings":{"blocked":25,"dns":1,"connect":0,"send":0,"wait":749,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/case/SplashXVandal.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/case/SplashXVandal.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 53508\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:47 GMT\r\netag: W/\"d104-19b5a049266\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hfaWKSakOALLLIVzRNGhQzP2PuDD3qgYCn7JqXY1NttL5t45x1jFKQpHGjTt4Be7okKXQjUVuiNxQ5Z1CFZUT2p3sydWlBFlDi8%3D\"}]}\r\ncf-ray: 9b966c1f1b270afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":53508,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 148, 8-bit/color RGBA, non-interlaced","md5":"bc58555be807b64ec93b7d1f91ea18c3","sha1":"4c5ef55aee0d306e38f42f6a4c1fdf769cbfeabe","sha256":"3963e936f1e0fbc6c3d1059e4104000ebc391a9a91e34cf76fec8e15f9c260de","sha512":"731ec03380f6b95819483c6a6836a04e9dbc8cde90e74274fba951e56b65139342dbf73957fc44056c3f01e4b5631c62668aa6f248088b166e9c94e1fa7a16fe","ssdeep":"768:uNpPG07x/rmTVNRPJXzEPEQ7Lq4ZYKbQPVa9jeFKhyJS+7gLIxAF7yaiZ4VUNufg:urPGhjjEb7JYKbisjeFWyJJ7P14Vk3/7","tlshash":"d633026492cdc87bdb99954b31d2ce45f6b15c0ee433068c3a5128226fe74cfb35a988","first_seen":"2026-01-05T20:37:02.299116Z","last_seen":"2026-02-26T10:40:24.046182Z","times_seen":8,"resource_available":false,"data":null}},"time_used":362,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":300,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/case/ORAbyOneTapKnife.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.522Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/case/ORAbyOneTapKnife.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:50 GMT\r\ncontent-type: image/png\r\ncontent-length: 39341\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:48 GMT\r\netag: W/\"99ad-19b5a049596\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mGXaFN9lq0djZL96Vcm2NSpQb7MQ%2FWIOINB5Z8UzmediShJkLLdTae%2FQz8mV6i%2Fw1uY539YnPzcDqY7Zt%2F1xogWtpAvmPaO5vyE%3D\"}]}\r\ncf-ray: 9b966c1f6b350afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":39341,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 184, 8-bit/color RGBA, non-interlaced","md5":"c590f41e00e26e15ed1dcc4fd49db0d7","sha1":"dac80492d327b93322187acac0ccdf30c814c3a8","sha256":"949c393532cfe895e6ffd95f4e0c8d0cfe47a690f20a4558bd3a5583d992688c","sha512":"54b8dc6afd7e84c2b76a8e5a2ecdeaf334cc047cad9e2df8981868bf2c3f8c6aa0cb686dc3cc8a8d2eb8dd68a9004b42884e87bbdd6f02b2e4c4b00ab619e22f","ssdeep":"768:r8GtUui5POv02PE71N/LMlKb2bj9Nij3GrLC9:o7baE7jLMlHNaGrLC9","tlshash":"2503f18d27f1329f880e63f0619305fc672675f5bb785609fc0081e262a691573b267e","first_seen":"2026-01-05T20:37:02.328053Z","last_seen":"2026-02-26T10:40:24.039266Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1205,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1178,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/case/GapingMaw.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.524Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/case/GapingMaw.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 68825\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:49 GMT\r\netag: W/\"10cd9-19b5a0498d2\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nMkyCwJWf41HULLNjqfRwSsc6R%2BnkOCiD5Q6Lmsq3qHPPZUpoV%2Fie8jtaovWD6bnNY03HHSpRJUCtxTFOC5b000ulIEspZMeU5Y%3D\"}]}\r\ncf-ray: 9b966c1f6b360afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":68825,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 148, 8-bit/color RGBA, non-interlaced","md5":"3eddf45d8845757be23be253a2177039","sha1":"69892a0ae80984e8ea6b98fb6acbb0f8badf3ea3","sha256":"35d0915f3397d10830c4f04e758843910829912cb0f080a2e44632db1270abe3","sha512":"fec9d7a89b6a51b93a4e16cbd31ac9d27705c79970fcf025753b7ee65f05b55aced14ab922c266f52014f15bd223ed7aed7e57cdb8c636169f924c13c29d63f0","ssdeep":"1536:nb0v6X/KLo0f957qpWw0KgUvdXX+XCfTuF36J9ItwqMXF:bxqo0F5OpW9JwXOCfm6J2CD1","tlshash":"506302baff8a3f368c79a722754dd652ddd464f46e498bb4ec9cf63225c0a010583887","first_seen":"2026-01-05T20:37:02.303655Z","last_seen":"2026-02-26T10:40:24.054818Z","times_seen":8,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":57,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:47.768Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/slick-carousel@1.8.1/slick/slick-theme.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:47 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 866\r\ncf-ray: 9b966c149a2956c7-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 1.8.1\r\nx-jsd-version-type: version\r\netag: W/\"c49-gaQ0+U8rESTzIyu4bylE+C+yOsA\"\r\ncontent-encoding: br\r\nx-served-by: cache-fra-etou8220086-FRA, cache-bma-essb1270031-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 3509209\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=ftRZweYAbc4w7BZfL%2BXMoymlrnRaDLp8VhqcpqZyZImVxVbbJVPoENEUYj4Kvogm%2BJq%2BZ1dVypfHuRs7%2BQ6vhlO9mSxIRRoazArcrwLc01SshT3BzyqGg%2F1q3vgnbwWyHwc%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3145,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text","md5":"f9faba678c4d6dcfdde69e5b11b37a2e","sha1":"81a434f94f2b1124f3232bb86f2944f82fb23ac0","sha256":"7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a","sha512":"ea52d475e439ba178c15b5a6dc23f6ef5975e11b17d71b71f89e71db27880e49220697954cd853aa28cc13b1a044a2a2ea10aaa2fc02a014e5441102db433c32","ssdeep":"","tlshash":"cb51e19856b3a746101694903be7472477cb70131629d8acff95638dcfcd0d8ead934e","first_seen":"2023-04-05T09:38:24Z","last_seen":"2026-06-08T12:13:32.341917Z","times_seen":25724,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":9,"dns":1,"connect":3,"send":0,"wait":15,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/svg/ng.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:47.771Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/svg/ng.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 6812\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:38 GMT\r\netag: W/\"1a9c-19b5a046eee\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FhU40rH3mSfOWFSmVVy7iDDWw48uVH3Itbw8PSbnvJ148KKGq3w6cmvivzeiQii9x2EWgzakstHABZxQWq2orImE1N4drd4ecSE%3D\"}]}\r\ncf-ray: 9b966c146aaa0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6812,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 102 x 68, 8-bit/color RGBA, non-interlaced","md5":"de54982d32238d7275d3c965015333a6","sha1":"043d87474baac592d0907c45d0cf5f68ec7959a1","sha256":"6bd5e623f071d07a0a3c333d61fa980043a09b998b22283dd3e42592bf0c3980","sha512":"72b18286b0395f3ca161f6e80c4469a2a11dc834224c4aca4a9d836133db3cf75893c02b988cdea2e3922f5b9793f4672e7ad2038f20f249fdbaef7a72efe766","ssdeep":"192:5sSUV6zAfwhwvqoD7yR2Ii2UKSfW54CCBOssF:FkPfu2iiVq54bBHsF","tlshash":"a5e1afe9d1f19726594de2407f66558fcd8332847e5e1561b80a282f9e221c2fd14bd1","first_seen":"2026-01-05T22:08:24.833902Z","last_seen":"2026-01-05T22:31:19.642067Z","times_seen":3,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":131,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/svg/yt.svg","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:47.778Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/svg/yt.svg HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:47 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0qzqdMJtT%2FajN%2FH%2BWR%2BmxJTlqlcSKxjNBBNrtEwAMIjh%2BkA1F7KwaT0C8XraBZ8zYPkOdR1gdjDrQ2m80EGPSj8LNB4zDgCh7y8%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:35 GMT\r\netag: W/\"3db-19b5a046223\"\r\nvary: Accept-Encoding\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b966c147aae0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":987,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6023ad875ced6db697ee9fb91f487209","sha1":"00e94e72b2121c9af101cc2284eae4ea175aeece","sha256":"5de12ea91b8bbad338401f541ddd3cb9a16fe95f25fd0c3e0bffa2d19968a5b7","sha512":"a1af13706a7ac63c1ae29a5528b2fa20e2ee36073cfe03ff3a2f05f37036a5788b209f6b4eca8e7a4421a98c709ea2d0ed31bf131fbb85b1054589a925e416fa","ssdeep":"","tlshash":"531121fad10441c2a90b5f75c43096b7243e28b3ff46815e41aabc60e3a22ea8549d80","first_seen":"2026-01-05T20:37:02.275973Z","last_seen":"2026-02-26T10:40:24.054084Z","times_seen":10,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":197,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/js/lang-widget.js","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:47.794Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/js/lang-widget.js HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:48 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=maaMgXt1m0yICoAS8QjXiQAv0hA4nuxHqpt%2FhNsOaDGS6PIN18VoOhtrP9WoBVI00W9XL7tAJJbJqUqwVLQj0KK7dufBrXjI9dg%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:34 GMT\r\netag: W/\"12abe-19b5a045f57\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9b966c148ab60afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":76478,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65475), with no line terminators","md5":"83cbc79d8687120b87f69b0ff783a8e4","sha1":"bd96f96d92ce3d3d938266b3d5cc5f9ee7bac77e","sha256":"cbbda3cd6b05e144dff9f216ca3edb188d1e50c87aee59583f890bc13bba0da0","sha512":"35061db3378d018114fe826e55ff9bf45b15e34485918c0ac3546879e38df3cc85af3d2a767baf2dc3e1ad8efa70d38fd1fa70aade0d2eb051a919251aaa74b0","ssdeep":"1536:6Ifcc1IKpA56oPqOeL7ZLfrSUi1VWiXwejcFeaQth:V7IKi56oPqOeL7ZLf+PEiAejcFeaQth","tlshash":"f673308527c1b86212475b773317b1e5e82b4cedb588048ff214bca4f1adb22fad8572","first_seen":"2026-01-05T22:08:24.806835Z","last_seen":"2026-01-05T22:31:19.643742Z","times_seen":3,"resource_available":true,"data":null}},"time_used":289,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":260,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/case/IonPhantom.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.515Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/case/IonPhantom.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 36630\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:49 GMT\r\netag: W/\"8f16-19b5a049806\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RQN9RPv9RqFiCjPiOIYEgzmSfFp3gsXGnx%2BL8aGKNVetQROm3V7dXgNOPoli24VHOuJ%2Bd5qKZj8lJXcxRfZEFlvsJ%2BP3cs9sfe8%3D\"}]}\r\ncf-ray: 9b966c1f4b300afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36630,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 116, 8-bit/color RGBA, non-interlaced","md5":"064667d5bb91bf3a74f4dd0fffe529a0","sha1":"42deb5bdef97db7095fdadecd5f39c13bd785a12","sha256":"b615ec44c689216c7d3ebc73786dee57f91900a9465e4ebae72605343026a23e","sha512":"c88e25399503d169c199a8f428e7a130bf8daa6249fe282505d40443333d9835f99f721aebfd320392f0e1f30250a26ba0adad5fb59f911d930ea0162427fedb","ssdeep":"768:2uCDwb+RR6V1IIJOxfE++4XJbIhbhghlnFD4w:2uWwrb+vJUhilf","tlshash":"0ef2e1223547bcc89f68ebb52ab8596599c6e279dcfc62301fcca6c04417374aad2703","first_seen":"2026-01-05T20:37:02.353674Z","last_seen":"2026-02-26T10:40:24.023779Z","times_seen":10,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":241,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/bg/bgcomslider.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.553Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/bg/bgcomslider.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 16403\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:53 GMT\r\netag: W/\"4013-19b5a04a93e\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vClh4iqCDZiicyb1WC5sowuPfh%2BSXv28KTCc9fih84Ub5EkdOwjghtz4Y3W1PNpPXydrkg%2BMyJfkIyLm3Jbji2yLYgu1liUFz7A%3D\"}]}\r\ncf-ray: 9b966c1fab3b0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16403,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 61, 8-bit/color RGBA, non-interlaced","md5":"22ead2b3b67ea1b63b98ba071f332eb1","sha1":"c6ffe93bf8f1da911d2163a4febd4788bad7087e","sha256":"c05bbca1286dc2ad47f4be6be70983feab6214272937633c99163de2093b9796","sha512":"ad4966168760006c24cf97f2d73f4218e5da12e9c8802244763c64db85cace3621290cdb6b9b8d66932d71faab692fb7366feb5d6050f7795b6be3964c9f583e","ssdeep":"384:SNQWzMsxBk93vRqBv1RnWCGgzoLlVY1mgTW2Zz2KBy2xaa:Yr++v1gCmo1mgb2KBtxaa","tlshash":"a172d1d4028d89dfe6167bf22295cf88826cdc1c76c4dde880fd5832bc4d0993849ab7","first_seen":"2026-01-05T20:37:02.35549Z","last_seen":"2026-02-26T10:40:24.051749Z","times_seen":8,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/js/script.js","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:47.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/js/script.js HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:48 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gdUFMrk6uh3S8VQFkbaPLodZazLrZPi9scAkuThPCZJLZqRsAve3tHSgkkUWN%2Bb3YUZ6G9cRjWwXL8sDStjfwBscQ3hiqRZDBXU%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:34 GMT\r\netag: W/\"20458-19b5a045e87\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9b966c148ab40afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":132184,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65524), with no line terminators","md5":"ef9cb3e4a0c9b7325092a82fdfc1d637","sha1":"abfba7fce6b75c157916d2bbfb8da8995d972873","sha256":"fa22233dce62ebb423b1415b03e4110ca70016744c883b0ee32fb4571cbbfde3","sha512":"6f445911be5425c96d8ea5372456dc654d4814c353a2a93c2bfe8e5e5bcb0fd53b048d55aa4041b9094c00a6b6c55cec5348dac66e0c3c5dba5adeff5dc4ac9d","ssdeep":"3072:VRRIOBhHwJixLtit7fz5Z8mbwtGWD5hYjTz75:/wi2Thk4jTz75","tlshash":"22d34f9237c57c96174717bab317b1e1e92a5cdab48448daf108bc24f1fca12fad8271","first_seen":"2026-01-05T22:08:24.750515Z","last_seen":"2026-01-05T22:31:19.646228Z","times_seen":3,"resource_available":true,"data":null}},"time_used":323,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":269,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/svg/pic.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:48.865Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/svg/pic.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 459800\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:38 GMT\r\netag: W/\"70418-19b5a046e22\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Yz1aRbXh8w1f9Km7FkFOHpjy5JH%2BM%2BHVDcrLhA%2FFWrga1pMsrMlawFEAcpx%2FU7P9y3N2GT%2FLrztCdtgnYqq0o6vAgZBjnSZHJcY%3D\"}]}\r\ncf-ray: 9b966c1b6afb0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":459800,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 457 x 457, 8-bit/color RGBA, non-interlaced","md5":"c36655ea31e60fe963c11f6b8bc5a0cc","sha1":"80d5dd3e865e76b6bb76c09ef4276c6258333478","sha256":"d4216f7603ecbb242429f2c518859948eaf743271d50fb8792bc9586433b24ec","sha512":"8f7a54bb1e2439554416868aeeddeea701ff779c33aabea1f1ca383bc92123e37792a7155f2212849111632421480e4457a4e5f5f3869580a49a360273732f03","ssdeep":"12288:qi0aQ23AUFau+ViDDBFKbUvtDHlOOPGH/rHsYGxX:q9W3AyL+ViDDybQ5F3UHOV","tlshash":"31a423f0f8ae761d6466381bcad12c58ef1cd6269f1bd750b3c57e8919318a7035b3a0","first_seen":"2026-01-05T22:08:24.829241Z","last_seen":"2026-01-05T22:31:19.647055Z","times_seen":3,"resource_available":false,"data":null}},"time_used":404,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":201,"receive":203,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/case/ElderflameVandal.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.485Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/case/ElderflameVandal.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 47614\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:49 GMT\r\netag: W/\"b9fe-19b5a049a6e\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JOltTTMSgeC361MmIrk9xlGwTzxfiJLoiwWBV5Ar6rHT6VWfdlbEmp6ahf7q4OGBBktQC9Vfw%2F9yf0K0Zd%2FZZTZxg6kSIT5EhIQ%3D\"}]}\r\ncf-ray: 9b966c1f3b2b0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47614,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 152, 8-bit/color RGBA, non-interlaced","md5":"a232620b56425838e383191675ecffd1","sha1":"bda79cdd7d247268099d57d12a04d929fa8a4bcb","sha256":"d94597866b1eb64b3796e019295a4b77de59d2b70872b096c76339ed1062413d","sha512":"118688f62e66cd4695d89a84a40f57906b843bf202c16a0b785bbea577e16a6af039ec38438306d18f837c9784f710ebf3a7ccef4390b7a7b96b28a11c61f23e","ssdeep":"768:BGmND7BJYRApXgSGCCU9xgxWc9dTPO2nY2VYA6QeXRBwwS6qJ2eHu/mI22Rv0N:BGmND7BJwMgUCUP8rbTPOxM6LRBwFkIH","tlshash":"cd23022dae9e625468ad79a1f7b2a1e4c634c53584c0f396fa80fff475f70445aa3700","first_seen":"2026-01-05T20:37:02.391409Z","last_seen":"2026-02-26T10:40:24.06863Z","times_seen":8,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":192,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/svg/texture.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:48.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/svg/texture.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:48 GMT\r\ncontent-type: image/png\r\ncontent-length: 431\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:36 GMT\r\netag: W/\"1af-19b5a046882\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LU921%2FE730exsB32Pb4qRAARHG%2B1fGZvoVxgCkFojpuzugOD6rYIg4JjaamQgBuj5eGw4vviFglMcUNz7lpmTJgJDrVwpx9dhu4%3D\"}]}\r\ncf-ray: 9b966c1acaea0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":431,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 136 x 34, 8-bit/color RGBA, non-interlaced","md5":"f22b6a0930ce3393a72a20791646e126","sha1":"180159dec2725df9c97264b713dbef280615bd55","sha256":"225e94280aace14e9ffa4dab8a507c5edea497a7faed4ad857a973e9a44001ac","sha512":"34799b9f8e9795c0fa3479e8adaf7647800ebefcd119778142574078c6aa512a1226e927e26879185293259dd31f1b6d9ff159d4f1c65a09a63b89a07e46fe3f","ssdeep":"","tlshash":"f9e023844304bc16ee4cd8fa752fb110517b2c5f70b9210c7f42443211804dc6775bee","first_seen":"2026-01-05T22:08:24.770044Z","last_seen":"2026-01-05T22:31:19.648692Z","times_seen":3,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:47.788Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/slick-carousel@1.8.1/slick/slick.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:47 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 10910\r\ncf-ray: 9b966c14aa4156c7-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 1.8.1\r\nx-jsd-version-type: version\r\netag: W/\"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs\"\r\ncontent-encoding: br\r\nx-served-by: cache-fra-eddf8230159-FRA, cache-lga21941-LGA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 1616376\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=EJpQGqPIpCktfe3D5CfdjHPq%2B2KM730oBFbvMMlqtJpYXCN66RjiUSazMN1%2BgFY0RQhjXnZcyIHgn31q9XUAdopWkr5V1R0mpArnbe2RmEJKtaSd2asjY0JczWiBBnC3jCc%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":42863,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (42862)","md5":"d5a61c749e44e47159af8a6579dda121","sha1":"3b41b3bc956685015a347a2238e71db29dfa0dbb","sha256":"0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740","sha512":"5ed98cb4311c373da3ede92bb47bce551e22c30683ea8fc55097baf99abe1e0702b24de48f8b9241047cc1e4364158f5a343e4e8fc182e8866db4e99ccd7ee6e","ssdeep":"768:4rkkX123A5YHi6pWzYdlNWYcx16nnYdXRRMd2KYCQCsPShb1ez7RFmYH:EPrYdlNixEePiYH","tlshash":"e513a549d205276285d721e62105c40eb3f7fb3cba22c0e475c9d3ea646ec4896d7bfa","first_seen":"2023-03-07T01:06:34Z","last_seen":"2026-06-08T12:41:36.930854Z","times_seen":99504,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":1,"dns":4,"connect":1,"send":0,"wait":12,"receive":1,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"db.onlinewebfonts.com/c/785709c3ae46131dc5781ea4a30f091e?family=Wien+Pro+Unic+W00+Regular","fqdn":"db.onlinewebfonts.com","domain":"onlinewebfonts.com","tld":"com"},"ip":{"addr":"104.21.2.109","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:48.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"onlinewebfonts.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Dec 2025 22:43:00 GMT","end":"Sat, 21 Mar 2026 23:39:25 GMT"},"fingerprint":{"sha1":"40:88:D9:AA:10:BE:9D:1B:7E:AC:DB:D6:14:FC:6F:E6:79:79:51:19","sha256":"AF:49:70:AA:7C:0A:4C:C7:BF:A6:11:E3:2A:88:F8:B4:87:46:2B:23:29:AF:4B:E4:1B:F2:81:6B:C4:45:AB:CA"}}},"request":{"raw":"GET /c/785709c3ae46131dc5781ea4a30f091e?family=Wien+Pro+Unic+W00+Regular HTTP/1.1\r\nHost: db.onlinewebfonts.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:48 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\ncache-control: public,max-age=86400,must-revalidate\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=efbrVoYRYKjnjcHfL1DUH5hMvCWo2oJkb9%2BCZ4h7IMqQlXCYdPdt5B6pkEgB514pj8LuHepxCPmr5%2BweL4AQOEmgW2MQfaIKVjRtnsjs%2Fs7c%2BCI%3D\"}]}\r\ncf-ray: 9b966c16bc2956c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1167,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"f2d905082e4ed95bced86863220e76d2","sha1":"ce8381626540f2d57c763e7d0ec9906c3f6d7cb1","sha256":"f5f4381404630b80cbf93070deb5acdd194c606587af9ad185b967db98598316","sha512":"e3d09080db7d0754e6231976523b0269626db6d05fb5008b9f673f4794e52e61ce4a1f8bdecfca463da3eaa675fbf8fe483705ea32f74d897eab5046f7bb50a2","ssdeep":"","tlshash":"c3218eae68455d806324880c33a6aa45dcc7502f2464dde3b53dfe5cafb153c58dbb2c","first_seen":"2026-01-05T22:08:24.841514Z","last_seen":"2026-01-05T22:31:19.650322Z","times_seen":3,"resource_available":false,"data":null}},"time_used":665,"timings":{"blocked":25,"dns":5,"connect":1,"send":0,"wait":606,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/bg/guarantbg.svg","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:48.794Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/bg/guarantbg.svg HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:48 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r53%2FKTnVrM8TUQ999xlUNrQM27OTDzurlxVKfjnJSlP1zpN4NHvuCr1HfRIfn3d%2BoLTI7EjFuX6r5x66Q8tQOuY7eiFVLNfzI2A%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:52 GMT\r\netag: W/\"28aa-19b5a04a542\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b966c1aeaed0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10410,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4b220fad4ac053099441351150158eb6","sha1":"fed5decab8c56ee8e59f5f95c14986c5addc6f66","sha256":"a896b94e7018bdfb9e8b122e1fc99ae6bb3836e4b1cbcd2d6932b77d79fa23eb","sha512":"9386b7f52599f73181ec2504258fb1b06ad954fec0b2ec8ec43ca6bf3b56d4d65cb38ddb50192ce700ec6a4accc7154f41b45ea5fcc30286157152b30c887b19","ssdeep":"192:vXW06EjoY4bwA7vEztbpQAwzcVs+5fBzLvYj5foc4KVlSY6VFQl:vX36EjB4bwAzMKus+xBzLvYdZV4tM","tlshash":"232262cd2b36439c4a918b9bbf5720ae287b18fa42854c86f1107b5d35ced5f4da4ec2","first_seen":"2026-01-05T22:08:24.809492Z","last_seen":"2026-01-05T22:31:19.651146Z","times_seen":3,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/case/bgcom.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/case/bgcom.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 19156\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:47 GMT\r\netag: W/\"4ad4-19b5a0490ca\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M%2F7po%2FFMxGkT3A0ZNqyrFNL%2FUgg5zZIrf1OaxaRvSysYAT6IgWcSZHTE%2FFTLBAQ5K9BgwNLAiKmtmV1rx3RxGzpuKAoEmJKzBhs%3D\"}]}\r\ncf-ray: 9b966c216b440afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19156,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 232 x 304, 8-bit/color RGBA, non-interlaced","md5":"d339a2ecaf2b040f697cf6f63584f8ee","sha1":"7fdc6138b9c0430cbae3c2175cae779e4ed35b68","sha256":"d26f9918ea49865b9801a273af883dd6de296b295824b60aa00789377c9d3b33","sha512":"cb926567a08fd3d1f7cfaa895ae2c3ba9aa4e9b0edcdd635378ff0b528781ff81d47ab4ff42beb46f8927929fbd237a3813cc56373273da8d5c45e93334dac9c","ssdeep":"384:Mkdd4F/EuUS3WLAx3FfmLmSysXNEm0Bh7IEvoruZcSntLwuofe:ZdG/E3UWLAzmLmSysdKhZ+uCSnwfe","tlshash":"c482df0f3480c031a92fc80e0ef4777b995045ef15b687a9d0bcec2a8010571fd6bb9a","first_seen":"2026-01-05T22:08:24.774498Z","last_seen":"2026-01-05T22:31:19.651924Z","times_seen":3,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":137,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/case/bgleg.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.836Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/case/bgleg.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:50 GMT\r\ncontent-type: image/png\r\ncontent-length: 96586\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:47 GMT\r\netag: W/\"1794a-19b5a048ffa\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lS60Wi1mRu75AaIWaqT5t9QDI%2FSlhmMcZvpl0P%2BgqMFO%2B2SkyOkvtacnUPKmfv%2FnAKLSKj1hhYavQXV0d9h9LVH3jaXOVn6wE8Q%3D\"}]}\r\ncf-ray: 9b966c217b450afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":96586,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 232 x 304, 8-bit/color RGBA, non-interlaced","md5":"9175c06db21a1e0d90c0d19d4b40df46","sha1":"327ee9cd69387c7ac31da47083d84a3fe0b94a27","sha256":"7f4d0efe61135a02e310c80a1c3d685a505b65f63b4d70d6d202b63d82257aad","sha512":"0be5ff2a494e0799c14bcc3d6046fd2da7045293e0a084c9692f79817288871bf3e8a0fffb94508dcb9eda2c6ff9b9d9c6ebf460bf48e37d74feac19f2a47ead","ssdeep":"1536:yTolt6Q5CWKR3eS4NPZSfuwpq9FsX7TcPQVhqgHniv4GNIUhDpHKcKd:9nCJRuS4NPZSfjrcUhq+2DDpqpd","tlshash":"089312efa51a12853940395bdeb9d6208a8396943727f85ccedc73357822fe3134c369","first_seen":"2026-01-05T22:08:24.83986Z","last_seen":"2026-01-05T22:31:19.653326Z","times_seen":3,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":64,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/case/bgrare.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/case/bgrare.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:50 GMT\r\ncontent-type: image/png\r\ncontent-length: 18892\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:46 GMT\r\netag: W/\"49cc-19b5a048f2e\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hpafHZ2m5agh2q3aZKgBQ3TphDDqb%2F6DT7Cu8pwHWBE17qZs4U23gikQV0%2FeEJtP9NsTpyAMdukcf71Vy1GS%2Fimurrxb5NQQOy0%3D\"}]}\r\ncf-ray: 9b966c217b480afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18892,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 232 x 304, 8-bit/color RGBA, non-interlaced","md5":"08929871e62b548f65a4b46cd67f574c","sha1":"bb70c94e6fdaa809b8f02f4abc2148457f8b04a6","sha256":"b04a394389106cbe5ae566c5f6bb53bc4b5b3ad62f97a21b36e9c4b95f4dae45","sha512":"8c08b2c0efba5d1b0bb5357ac5b00e97c46c29cfee336153b6189f622e93696e5284b600c1f268a03f3be593980fbd0c7cc5051ff43cd1e2be49656dc0b12eb7","ssdeep":"384:MLqvktDR+cA0uG6zs4pI3yyEYpLhbm0Ed35/vTRpBTIp8S:GqvQ9+dZs4uNhh6Fd35TVIl","tlshash":"6e82d18397920efafbd31d8d86c422ad9cf919db19eb30e41575450ec4e42134b853bb","first_seen":"2026-01-05T22:08:24.823087Z","last_seen":"2026-01-05T22:31:19.65415Z","times_seen":3,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/js/animation.js","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:47.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/js/animation.js HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:48 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9sdeoB3I3LeRCXxMnQEJGS9FoI%2BmE40wdiuDm1Bn3QwkSl4vjZmlFX3JfO1aIZDD%2F1u3%2FXgy4aq%2FRKLS2pH7EQQiDc27EqhcmC4%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:35 GMT\r\netag: W/\"11e5e-19b5a046153\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9b966c148ab50afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":73310,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c5a89847d09b24d96c03e55d0d4858ee","sha1":"51f010d13238069e7ef1b77e5ec393eac5cfe0c0","sha256":"6a8efd24997f747a272abc947a1b0fc78f92420b8d3eb690e1e4409411e3bc2b","sha512":"c9e107c3dc62bb489579129bca7699d1c7e960b02bef6edec36a23e63bcb950c993285381df610513a0f8e8f8e95ddfe2755b109eeb3a7f9a9e7321277136912","ssdeep":"1536:O1zuTfMpS4KEXMFvAp7MB6lhTyjVRA99udxKaJLlMitOLkchVfkoSUA5jpV:O1KTfMCkThi09udxKaJLNtOLk0VfCUAN","tlshash":"3f63508177c17c8113474bb6b32ba1e6e52e5ce974cc048bf404bc94f5a9a1afae5e70","first_seen":"2026-01-05T22:08:24.739528Z","last_seen":"2026-01-05T22:31:19.654967Z","times_seen":3,"resource_available":true,"data":null}},"time_used":314,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/svg/bgcasered.svg","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:48.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/svg/bgcasered.svg HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:48 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jxiwIEOGGvMJ2U%2BabFOlKZkyCIfEDRKfkhHbpE3%2FvEEcZ7iwu8MSZDpvWM8Wp1VpFEdJ2HMrC7W5%2FPHeMbsHej2UdjRMS8YYl9I%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:42 GMT\r\netag: W/\"119d6-19b5a047e92\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b966c1afaef0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":72150,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0c000fe6f17c7707cae00f3eca1090e7","sha1":"cc1a4426e1758df589d4acf8a87e11fc31f72722","sha256":"5afc58d75e5cf6517358f1aba3edd93b2b1e240b6c071864da9ecaa2332a8675","sha512":"504e229b2678c867b2c46934b69eb318048e9c37b031d4221e0f5bdddbff54e80529315db3f7a5c860d31aaf60d2b4af25ce6cb9bc5416bedec7b494d4a4dc4b","ssdeep":"768:GSoF+MkzB9TQ5KjwAJaPzmhBDNG4gQWK/cIuiyKisn6bVCw/V/PyIM:GSoF+MkzB9TQ5XpzmDNG44bM","tlshash":"e0630dd04380e9f9d55f1f639c2279a83490743eb74673a8c4e992312cb96ebc91c9de","first_seen":"2026-01-05T20:37:02.33793Z","last_seen":"2026-02-26T10:40:24.050177Z","times_seen":8,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":130,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/bebasneue/v16/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:48.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/bebasneue/v16/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://valordem.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 13768\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 03 Jan 2026 10:39:36 GMT\r\nexpires: Sun, 03 Jan 2027 10:39:36 GMT\r\ncache-control: public, max-age=31536000\r\nage: 215472\r\nlast-modified: Tue, 16 Sep 2025 13:27:24 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13768,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 13768, version 1.0","md5":"5853435d21b13022c663f99f2bd76107","sha1":"1f063bd9a3dfa8dfd04e071c0a18369a971f8351","sha256":"a7c90c89240c134f7fdd33d40c000ec90b79d675ea53e8cc5a6d423c073de412","sha512":"7b7ea49e16c5255394872c346ea109b6687101c03e6c69ff634f3e835d8f5fc87a6e9846e1dd95e9b4e54592a2a26ed139db16c35958c6abd6e877fd5bb2f9ad","ssdeep":"384:CEEvtXmScTc9b7/kB++WPXP7kRU7+YTSagBj+q11Q:bEpn7skjkA+YTSagBS81Q","tlshash":"d052c0b8d5df2408c784e2b5ab7c2559c8ca1691d078bfb91a3235069f62d2180bccfd","first_seen":"2025-09-17T05:43:28.937898Z","last_seen":"2026-06-08T11:02:18.629577Z","times_seen":7116,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":84,"dns":1,"connect":7,"send":0,"wait":9,"receive":1,"ssl":73},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/case/KuronamiVandal.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.472Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/case/KuronamiVandal.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 41479\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:48 GMT\r\netag: W/\"a207-19b5a049732\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bhznnhrflw%2FDFyeF2jbHIS5rTFuOlOYRrnAgBtdjwOjy6%2FL3ZlZDaWOpeZ1JJzpM7oIE%2BhyhlZnKIrd3GuaHdYzu1Q5EF8nlhdY%3D\"}]}\r\ncf-ray: 9b966c1f2b280afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":41479,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 136, 8-bit/color RGBA, non-interlaced","md5":"e7ebbf6af712419173c17cc3cc6a3782","sha1":"8a42c7cdbd705225dcaf23c8714dcb81145945a9","sha256":"b7f0f5b4503b199832cf78995b293eaa5cfd80f24d4d74bce4008c0fff60aa78","sha512":"b40b5bc158b886b438e54963df5ed9b238cd0f24c0ea978559a94a1cb261123dcd635c5213716fdcaf4fa24ffab2121379fbb1cb5c3e7aa9ea10d2ed7a15a6f1","ssdeep":"768:7tFWd6Ox4wKGznsJiQRgNT3vZUnYoYanPvzhmHgAW+f6+:RFjOZDzsPUZxAH9mgAW+f6+","tlshash":"1013f1c4a2d0c6e0f671be4b5954f18c82a398db2ad7736734ce5d6e6e8cd8103e81b5","first_seen":"2026-01-05T20:37:02.284049Z","last_seen":"2026-02-26T10:40:24.01899Z","times_seen":8,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/bg/bgrareslider.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/bg/bgrareslider.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 15025\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:52 GMT\r\netag: W/\"3ab1-19b5a04a6d6\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GFxREtFSYN8h5byqGLDQIeP%2FIvIjnCUABFBUEmVElTsY4gsPe1OxId6Xf85%2B%2FiNqdQdyvDsItKlTe%2Fwb%2BvKg2X53W45IpkKz8dA%3D\"}]}\r\ncf-ray: 9b966c1fab3c0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15025,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 61, 8-bit/color RGBA, non-interlaced","md5":"5161adef61ff4ec0e2f1bdc5d2b0f598","sha1":"bd7344a7bddd5425b1ebda3ea3b5daee8d0c40a0","sha256":"511133259403d15304229a12cea35110ee2e8669efdb27be2a489096da9b4414","sha512":"a0fc69d1bc58ede16b0d3123eca3e9e56ade76364afa8fe06b51c4ffe82b0fcad845aaa3ff7836d658b0c85831d8055e3be72ceec5bd2759a1cacc5a06fa6ab3","ssdeep":"384:SAGPYQk+I5+SS2ICqmcYnqRMW6DJqNkam5a+sfML5V3:+YQkfESrvBW6DWkZ5yfI3","tlshash":"7562e1ad6769970b600c04254d4764e41f6f30d71ccbc538cd46b8eea8e49ac4a3a426","first_seen":"2026-01-05T20:37:02.285861Z","last_seen":"2026-02-26T10:40:24.023235Z","times_seen":8,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/case/EvoriDreamwingsVandal.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/case/EvoriDreamwingsVandal.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 49412\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:49 GMT\r\netag: W/\"c104-19b5a0499a2\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MrOuEBsbCKwx1ubt7%2FYcmxWmU3BgyABPGhQA%2FqoeXSwdtiBH4i1rxsgth7pf8upkQR0Mi2pnWuoFmmqQqqfRD7IAcbecb%2BX211M%3D\"}]}\r\ncf-ray: 9b966c201b3f0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49412,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 148, 8-bit/color RGBA, non-interlaced","md5":"8eff3a730d808f67badc30f7b44322c6","sha1":"730b9943a6c1303a6c695794694bea7da3208efb","sha256":"d364af32460860b1f85adf718a2bce383edc37a882770d278698a56b3395af62","sha512":"c97bfb8f078815898634905e12b23a5c95e06df69e6979d1d054dde0de27c866a6703948103697614c0a00cd5896e25b536a4c5aa6807c638e1d35538e7f3080","ssdeep":"1536:vhuj22q7NqfBWsrdGWjnR137mQBKRp8yfel7z:puj22vpWs5GWjR11BKwz","tlshash":"3423026b812557ec79cf2d62ac858de0fd2934f59abcf90bbb6bac0826648c405715cc","first_seen":"2026-01-05T20:37:02.374598Z","last_seen":"2026-02-26T10:40:24.051012Z","times_seen":8,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":56,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/svg/logoheader.svg","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:47.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/svg/logoheader.svg HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:47 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VzFBxRkRcYmv8Us69FnR0IQVTkXVD9Hob1NTD3S33yu2SlfeMfDT7RMyc4MHcbkALiQZYZjDw8cY53P3P3pdRq8T%2B1w6GFej4EI%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:39 GMT\r\netag: W/\"2331-19b5a047222\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b966c146aa90afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9009,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7806d139b75c82f5501612364efdcc2b","sha1":"5196456e915f2279ea2f07ef2289f80efd240dcd","sha256":"2836615ad2c91b3793e0f6625fd72f4d50fc4b18aee112786c52b5aec271a44b","sha512":"d9291a5f7b3091dd5b9ad575a839b1d898fa9c1c47e2d02da3bbef4d57cc953eb1bbd4907179b31fee7e7d5625e59f93fa9df81554787c52f0be8fe699cd0ecb","ssdeep":"192:elr2DT1/ZTXs6OEUF99nBjTIZXe0XLwgxDv63fQD/Dj4igM9aIZ:8GdZLIxF99B8O8wgx763fm/DjCMoy","tlshash":"b002a6fb97e8b6e4e506f3f88922a575355738fd33228385cb869e54f61205c8e8cd84","first_seen":"2026-01-05T22:08:24.747014Z","last_seen":"2026-01-05T22:31:19.659616Z","times_seen":3,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/bg/mainbg.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:48.781Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/bg/mainbg.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:48 GMT\r\ncontent-type: image/png\r\ncontent-length: 558765\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:51 GMT\r\netag: W/\"886ad-19b5a04a1de\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8jdtFqs7fCp5s%2B0436k6QlxP%2B31YSZ%2BaciwCfe1UCu3P7fLvOix9xxuJlQ0gnLGb0xz0Z%2FlhUJjJoWHyXqq1vaaEAHf06wTvbzc%3D\"}]}\r\ncf-ray: 9b966c1adaeb0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":558765,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1600 x 754, 8-bit/color RGBA, non-interlaced","md5":"14d28c52e17898f6615261f6ef2baac8","sha1":"87ab7bd70a2b3ef905113ff634cb3d43a3e1fd63","sha256":"7054fda818b19982f0738f42d4e8ec79bb9b3d46690c2de57e81594037f6b74c","sha512":"49e5589f466a8d8eafe4c32bfc1e1fd8b022c1b602f8628f6cabc09fa3b78c4daf21034c5fa25ab40001aad5c08813330fb5a4b94bbb4b91036511afde185b51","ssdeep":"12288:wtbvT4k+eiC229hfEgk1DM7xzdyY6s7sgAingU6uYSw7+wWp7GmLr:6bvKk229T0Y7p0Y6sYRingGYJ7Vm7GmX","tlshash":"3cc423ad0e5043cd185aab79fd2637609b971d239f740f6ec147abb4ba0131c012a9ef","first_seen":"2026-01-05T22:08:24.782147Z","last_seen":"2026-01-05T22:31:19.660425Z","times_seen":3,"resource_available":false,"data":null}},"time_used":283,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":132,"receive":151,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/svg/counter-2.svg","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:48.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/svg/counter-2.svg HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:48 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4Ask4%2BqGS7zGQALL0z5hZ%2Fcvs2xZHWm12COhBf3vFa0dX6WBs6SgjxZh5l1JxWp70b712YxRjOucctT9XLYHYgRXH14fpCKNC5E%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:41 GMT\r\netag: W/\"579-19b5a047af2\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b966c1b6afa0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1401,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"742fe6bf82a792828d0f17a97338eada","sha1":"66d4d277341db90978be23e7f1c6627657dbaa38","sha256":"3e8c9d15174f0e56b133a9233f94152d4900f35077d645ba2b4870bc0ceeb4de","sha512":"4c050de40d047a70d4348baa63ff026392bb856050ab731d55bd6c1017e1a8a785898e29ce726d064be8d58b12af0bef08d4abe79bb1d5dbabfa13cf8bf6c6f8","ssdeep":"","tlshash":"b821d2fe73e4baf0a106eb71e6387970718a28bf6bd5078813829914d654588d9cccdc","first_seen":"2026-01-05T22:08:24.755423Z","last_seen":"2026-01-05T22:31:19.661109Z","times_seen":3,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":131,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:47.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/bootstrap@5.3.3/dist/css/bootstrap.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://valordem.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:47 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 33206\r\ncf-ray: 9b966c149e32120a-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 5.3.3\r\nx-jsd-version-type: version\r\netag: W/\"38d63-xawd7pYctZoEUlbsID9p4xeHL3w\"\r\ncontent-encoding: br\r\nx-served-by: cache-fra-etou8220150-FRA, cache-bma-essb1270031-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 1533741\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=xTIUaWb6vgKCFsJOQ55rhpYfFl9nA5z8eSvdZWG8lBCu3QIsHoOgEjIMyHjS3j1SLeF6bMfqNpe6W9F2lBGrPaLFyKOXfu7FPF8a9mSaA3pm%2Fmsb2Pua%2BgtLXMwvGjyWVW4%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":232803,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (65342)","md5":"a549af2a81cd9900ee897d8bc9c4b5e9","sha1":"c5ac1dee961cb59a045256ec203f69e317872f7c","sha256":"3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8","sha512":"8e74ae0384acd8f9248a448e2ed62cf0195821e7882b587df6dcb861fbd13c0973af7efbbebdc25c36fbb1bede1040588c3b5c623f808c11f714bbf9b9226e5e","ssdeep":"1536:O9YnIWbn98fdRfvO5wlP77k9P3EV98IsYRElV6V6pz600I41r:RnIw98fbV986I6V6pz600I41r","tlshash":"dc3482d6f590317d9ca7c1499681fefd896fa985cb120aa6f003776807cabd30962dcc","first_seen":"2024-02-25T11:27:02Z","last_seen":"2026-06-08T11:50:38.36542Z","times_seen":22888,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":13,"dns":1,"connect":1,"send":0,"wait":11,"receive":2,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/js/i18n.js","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:47.769Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/js/i18n.js HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:48 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iRJ%2BGiIlgkjfIe1cYPpEIJUD%2FMv3ckjdPcX1ULsNngb6f3hg%2FoJsy%2FXUpEp9XOZeL222vhZx8oMs0zpWTOfyNFHd1LtBd4TVVVQ%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:34 GMT\r\netag: W/\"897d5-19b5a046087\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9b966c146aa80afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":563157,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"46fb63a34f04acd38ce9f7660495d0a1","sha1":"2b48f16a555800bd4c5b6d31d3ca788a2318a054","sha256":"ce67079892e8fa384cf542319995d78021b5b8c997a3de9d3e844d229a69c1ed","sha512":"b8c05f7affc6a501f16eb38d6a6ff1add7ca5ea4679b4086538753271ff592b1d9baa8a70e8869482c78bf5aba0d1bc1ba7ee8d3d4562f6b90ed71a4a8ad6876","ssdeep":"12288:wByjLBKyxPOtxtO5NZScAM2KkpEot3lOzUX6yD3BJk8DQ7bXYbwm:wByjLBKyxoxs5NAbM2hzeS5XpUvXYbwm","tlshash":"5ac4216267b07716610b4f233bab71f86725bd11f744c38be5592e00f0be922b5b86b1","first_seen":"2026-01-05T22:08:24.857144Z","last_seen":"2026-01-05T22:31:19.662606Z","times_seen":3,"resource_available":true,"data":null}},"time_used":433,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":296,"receive":137,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/case/AraxysVandal.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.520Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/case/AraxysVandal.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 42683\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:50 GMT\r\netag: W/\"a6bb-19b5a049e72\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NOmbqGtuQwZJkE4zk%2FMyJd%2FLRMJh7fstN%2F1bl7LKVmcVRy5hxBMgji9DWuEL7pu4HJcgtKkhEkLj1dglIER1LvmOd8FgsRPwZ%2Bs%3D\"}]}\r\ncf-ray: 9b966c1f5b330afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":42683,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 148, 8-bit/color RGBA, non-interlaced","md5":"6711bc94828c6c701c1a061108229e85","sha1":"94949a68b68c1fd010c98b854baa951cec558dcf","sha256":"c550ce089455edbca2140b52443de0be7881fc2dbf01a804fb5975ec8ddf2e42","sha512":"2bfd6e8e9238e1a6acdd7b2272c2b0793c17edf82bb7dbe2993703e71ff5d982cfd95448f74e4060963d59d017e73ad47685e5b84805ec65f63c42a431bbe583","ssdeep":"768:difRDybugdyxKZkntNmyaKRNJ+p5NwrQUiYEshlq8DUdJBXYxbZfMhBXlxrxD5:I+buSyxBBBNYqMUiYEsu+UdLYxpilxr/","tlshash":"741301af5c6c9464029f9fe217547034a9c49bce082662d87ccae21d395ef6a1271e3b","first_seen":"2026-01-05T20:37:02.264381Z","last_seen":"2026-02-26T10:40:24.031446Z","times_seen":8,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ajax-loader.gif","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/slick-carousel@1.8.1/slick/ajax-loader.gif HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: image/gif\r\ncontent-length: 4178\r\ncf-ray: 9b966c1faf5db28a-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 1.8.1\r\nx-jsd-version-type: version\r\netag: W/\"1052-ehqkNhQ5Y4K7FeX95XTZzc0haY8\"\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230113-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 3611720\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=ojeAmAMEuSJ72qz6OT%2BslmyjOyHTi5GYHIhGWV1C%2B%2BKCy%2F5KtBvUeuYbAxj1dfpwOqEKTmnQ9pdZvrud6uG5lT5MuftTpkol5Gp9wqbLcFam34dFpEulvhtnRk2LeqgKnVw%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4178,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 32 x 32","md5":"c5cd7f5300576ab4c88202b42f6ded62","sha1":"7a1aa43614396382bb15e5fde574d9cdcd21698f","sha256":"e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b","sha512":"f0d7ada22a3eb3b2758198a71472fb240c74ce4ca09028076e23690c70b2339c6b2a40f9158dd71c52d953ef27bbcc0105b061bdc74fbb0ad0b304c7c6a04a38","ssdeep":"48:32e4MxZKDtivGOFkoajWKOwD2s4UYX034Hk4zHdwt4zeoAF5oM4JTp3uVj4gBFyj:32e4ZtyiqsdWAXWwXPF5oMcdUjVsmuS","tlshash":"e2810b9ce8a0f631c59936b78dd92d1a9adc5796ac3ccf5215986808f91f223028735d","first_seen":"2023-04-05T22:52:05Z","last_seen":"2026-06-08T12:33:52.440628Z","times_seen":41985,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/case/SingularityButterflyKnife.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/case/SingularityButterflyKnife.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 37228\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:47 GMT\r\netag: W/\"916c-19b5a049332\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cG9ABSWt8Y2RC7hj0cqqNnBNdFqFQzB%2FrN9Xwtsaa%2F9iYSaet4w7Ko7RJopSPPm30MB4Gn5jPQcb7HfBXaeTsqRFtmPS%2FUAfk6k%3D\"}]}\r\ncf-ray: 9b966c1f4b2d0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37228,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 180, 8-bit/color RGBA, non-interlaced","md5":"2cdaf615ce66e8998defa8df30aa52d3","sha1":"20a21a8ef989c509742f5ebb3e321df663f06636","sha256":"a2b274b9ed90dc0d358b849bf925583cc4cc0cfdc134f55793f3731f3794377f","sha512":"7eeadc8cb75cd98acb7caa8c4c11814b05132d527d91f043ead23a5c34f2ea9b93d6e618986e9ba1b4be41a493c31acd4aaca210883b29ffacd6348f6bc665bd","ssdeep":"768:kqoPAq0Z2qTC+sU5fd9I9S55BfoIsQncxJmuHt3Xbdb+bRAJRHmLHtPY87SPx:krAJO4HcSZvsQcxUuN7dbERA/GHNY8m","tlshash":"5ff2f144a8e20276b0ac227d8794c957e49bbc7827a671ed641738f2fc05ce0d647b0e","first_seen":"2026-01-05T20:37:02.37595Z","last_seen":"2026-02-26T10:40:24.036277Z","times_seen":8,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/css/media.css","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:47.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/css/media.css HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:48 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FVE4m7n3HktMODi6OYS1VAzwQkdLcjhN0DDBbyZMUER2Sji8Dhk2%2FXzFj23FavM6myEmkc%2BJe31PwvnJofNYA7AUvOZUfHtHMAU%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:54 GMT\r\netag: W/\"1ee8-19b5a04aed6\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9b966c146aa70afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7912,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"c61dc996c01a1d571255945a261aa988","sha1":"d12d7d49cdbd332bf811986e0827a8dadb67a3da","sha256":"11cdee264519c08d9ce0eccf51a0aa3d84ddcf61bccf18167f438c94fed9b62a","sha512":"8baa93a2c948c02f110aaa4611ed067a489ba8afaf535c910adfc969f4468744059abedd4032188351f1c7abb82236bc0be66367defaef7b722c90cc61ac7bbc","ssdeep":"192:DZDil3kpUrAGVs45VoHG5NaVKH4hCESR4AcKa4V4GlwKZdKZH67QYCM0nktoHG59:D+T","tlshash":"0ff1ec4ac201154d683bf378dbb70368e67b0053e38691a93e6d31c69fbd6998171fc6","first_seen":"2026-01-05T22:08:24.845496Z","last_seen":"2026-01-05T22:31:19.665479Z","times_seen":3,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.7.1.slim.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:47.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.7.1.slim.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://valordem.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-38a4f\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Mon, 05 Jan 2026 22:30:47 GMT\r\nage: 2361488\r\nx-served-by: cache-lga21967-LGA, cache-hel1410025-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 14223, 1156\r\nx-timer: S1767652248.822859,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 67971\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":232015,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"d5e71829ecdc0456818e3b93f57b14a0","sha1":"e502aa0259449fc0f077ac15815a1eb81737dd85","sha256":"520bef37cbc19203b496e3d2525dacf13225392611a061405f88e50889bd01d7","sha512":"76870111eab6f0209a5c25cdedc20d93242cd2946ccdd42c54115651dfa92cd9449372c39520c3b4dee2d47fa74c1f2db2124f4074b4caed065bd60615dfc246","ssdeep":"6144:IwsmYhct1SS+TC1lmhTzeKRYcYmD2zK8USJsdZQ/coLGVFyy/RgL/uiOpyXXaDrp:tuYcYmD4/cZQ/coLGVFyCJ9rp","tlshash":"2f34c5e8f78d112e4226316aad2f11cdbb7cd1b1561458aefd4d497c24a083c42faf7a","first_seen":"2024-05-16T07:18:22Z","last_seen":"2026-06-06T20:55:59.655617Z","times_seen":123,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":32,"dns":3,"connect":13,"send":0,"wait":14,"receive":19,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/css/translator.css","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:48.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/css/translator.css HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:48 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Wf9AbyPG7ApRTjuAzdkb%2Fl3bdrCORQE11a%2F2bkJ4XV%2Bka5uzZMQmAlgOt5CylRo7KqAGCvvw4ljWLpFHcPc9jnGc%2B8PUoIo2Ix8%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:54 GMT\r\netag: W/\"26f9-19b5a04ad42\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b966c1b0af60afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9977,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"fdfa7bb455d68128fb58f73a24b95900","sha1":"b8e0c4eef10f4701ece9ccf483b358833000a528","sha256":"e4b36976e594a58d47217a5eb1d861b1748b313ed518ff08d57b0c2eb9a505dd","sha512":"d9f4dd6fe27b87f6ca0d92595f6c5d6d1e363b7cbea18336b5decdadf27fb12e684e1d226ab69dd1a0813a3b49ff81f289ed7050ff257535845304a838f0617e","ssdeep":"192:Vko50rg/j0Xh660ulTj2E5lNb+ih450xwZRy0kMXaaiN4cvn5GFG6Zm:35ZQNu53Z40vqdvf5GFw","tlshash":"0322e086c2f31688246f54d4dfea9786333ca1434126dc78bb8e76590f891fdc359b48","first_seen":"2026-01-05T22:08:24.78568Z","last_seen":"2026-01-05T22:31:19.666952Z","times_seen":3,"resource_available":false,"data":null}},"time_used":139,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":139,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/bg/bgepicslider.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.556Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/bg/bgepicslider.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 14970\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:53 GMT\r\netag: W/\"3a7a-19b5a04a86e\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9Ql50ud%2Fx3qXeNo27idKfDbbbPzFaWScYYqN06fHbgKuHfDVu4nOWyWebRJcep7OTFsE05sy5rYC28%2FXHbQS9LaH%2Bala2JX7RMs%3D\"}]}\r\ncf-ray: 9b966c1fbb3d0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14970,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 61, 8-bit/color RGBA, non-interlaced","md5":"c847297d6948ffe5b869329861a4582a","sha1":"ed73794e030747d5bce0bb1d52f7b24b747a9521","sha256":"e5265088443fd489cf105d309ca31e344cc81dca96469d659b8f8a02e4c0b550","sha512":"b00307aa3128156d429f92b55d03beffad2d9c9c5dfba7f29e629d594757e865576ae24968288409363279b5649f366b552117c8aee2d26452b120e3a52eada4","ssdeep":"384:SxbpZTGceBFnlC00+EpSbmqUg4ueE72zvoaeBfAXi0s:kzTwHlC00+E8bmq5vx2MrBIXi0s","tlshash":"7e62d0b828d6b6b28562bff32739d474e03f988f51a27beda429a706c021f34241f501","first_seen":"2026-01-05T20:37:02.261092Z","last_seen":"2026-02-26T10:40:24.037251Z","times_seen":8,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/svg/girls.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:50.275Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/svg/girls.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:50 GMT\r\ncontent-type: image/png\r\ncontent-length: 301115\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:41 GMT\r\netag: W/\"4983b-19b5a04788a\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Mv51dJT%2FKfyVZFy9wjZ2yIp8AmSM73X%2Bx%2FzF9JF8jqXTqm%2FzYvgmjbPv%2Beo%2B70jXpIYcqqoDaN5Sl9kZt22%2BO%2BQ4HRJvZBQ0krA%3D\"}]}\r\ncf-ray: 9b966c243b600afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":301115,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 506 x 506, 8-bit/color RGBA, non-interlaced","md5":"bddcf121534661734130349bd3b32c7e","sha1":"3d4f4355e537eea88b0b8137b02d5418ae05d81b","sha256":"ff8f3144cb2cdf9035dd94f9f223b9c2925cf4ba0cdc4599bb5a9eeb1a1f66e9","sha512":"f33bb0f94f5ea845e869b177beb2a469ef1989e9c4b56875919282f1aa6e4f2a4eee8296f85427aaafb9a0f150e0a7d9d2c4676e697607b89a9a5a9ece89e89e","ssdeep":"6144:IhrVGfy2p8eNyRXZLez7P1VnJj3KnhmLOFpG6IVhjNFMdLs2cFR53Xbo:I+f9eyyR+1Vn93KhmLGmjccFR538","tlshash":"895422e09a2407a4201d7b25f4b423c8d135f9a04932ff591ba273b871be75a0fe9c70","first_seen":"2026-01-05T22:08:24.855224Z","last_seen":"2026-01-05T22:31:19.669552Z","times_seen":3,"resource_available":false,"data":null}},"time_used":302,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":154,"receive":148,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/svg/next.svg","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:47.782Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/svg/next.svg HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:47 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r2fgV%2B9gqC0JF3S%2FSGAwHU7QdeTpAxkv0rdeotsJ7bmxc0Ehza0FusoeT9RD1lLUcUZXvyFUlMz%2FNBMQsPH%2FyJ0%2BXwuLRyEQdds%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:39 GMT\r\netag: W/\"e1-19b5a047086\"\r\nvary: Accept-Encoding\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b966c147ab20afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":225,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d51f86ab9232978431d9d14e7ed3bed5","sha1":"7d4c24e09df35dc605cf7b4e1157cdc0810caef9","sha256":"e2fd38d5fe85916f7ae32934f6a77d4d0962d1f1b6e0a60b5f886f25a3582ae7","sha512":"6233cfcc2d9890be42a4b83ef2299c52a80bd418a41c3922348ad3135acc522543d018762a6142e8cfda0bc7b3fbcb0b81967ef4d2e5aa4b50a3faee0a308511","ssdeep":"","tlshash":"07d097b4602cc80650184b200524002a5af7e0ca564d90dcf6443b3ab421ac72d002e8","first_seen":"2026-01-05T20:37:02.384128Z","last_seen":"2026-02-26T10:40:24.073502Z","times_seen":8,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":233,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/svg/live.svg","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:47.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/svg/live.svg HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:47 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zMvF2hqDo5vMaYi3GKhD83P%2BV%2FG6She7kkE6dhw8JSRMVrq661Gbf9LUufPJqSdbUGtfkWH9K1nToBkMcQ2n2DkCnkRy95oAwfo%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:40 GMT\r\netag: W/\"403-19b5a047486\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b966c147ab10afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1027,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e6ca2e2bd83aa26945140aabba88747e","sha1":"a222fe52edbabb013f51b6cee8e76ed1b7496063","sha256":"ca7b698ebfd5aa4c0a836023434496a32b7ffba95028a37000ae89258d043513","sha512":"681ee2596b0d1d644f5fe7407341d2734af001ccb313bce9b7ed1e3db07e9e49137883d13f1d7d066e3ccf17e68ab8c4b35d732a343ed583bd3ca9fa6f6ba60b","ssdeep":"","tlshash":"4911b999130c093cf4235b21f31ab57a805a25373bc86dd9887328760534a9eb9bb5d7","first_seen":"2026-01-05T22:08:24.835922Z","last_seen":"2026-01-05T22:31:19.671703Z","times_seen":3,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Inter:100,200,300,regular,500,600,700,800,900,100italic,200italic,300italic,italic,500italic,600italic,700italic,800italic,900italic","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:48.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"43:D3:3F:93:6C:4F:F7:67:58:9D:D5:48:20:4C:74:A2:69:DB:13:9F","sha256":"8C:DB:D2:85:E1:AB:12:7B:1D:5A:65:A7:EC:22:67:6F:B3:A6:65:01:28:29:FA:D2:3B:01:8D:10:7E:4D:09:52"}}},"request":{"raw":"GET /css?family=Inter:100,200,300,regular,500,600,700,800,900,100italic,200italic,300italic,italic,500italic,600italic,700italic,800italic,900italic HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 05 Jan 2026 22:30:48 GMT\r\ndate: Mon, 05 Jan 2026 22:30:48 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":42903,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"daf7b52c12e034b36196b0494a738e70","sha1":"48b129a008607572f027c2e6975f7e4c3e8b05d2","sha256":"f7541264e6acfe7a861cc03c56f211034a465f5fa6b0560fa63517bc495f2b16","sha512":"4a1eee9b4b1fe79debde1429591400c724f0ef88447fe32e4e1f0913803de570f1ce162735fc39d8819e5d0e37b8b3cda292a1db650960de54e3951bb8135123","ssdeep":"384:v3df3r3W3Fg3O313DkfCj+glCobfFYvgUTdafUVwgzAa5f/Khgyp3QfG3Kg52sn+:/prmG+BKM5WeDy1","tlshash":"2c13a992002fe40066931dc223cf7e35aece61997086d47a5bfd0dcabcead67526835d","first_seen":"2025-09-14T16:47:28.438108Z","last_seen":"2026-06-08T04:04:47.433365Z","times_seen":663,"resource_available":false,"data":null}},"time_used":424,"timings":{"blocked":189,"dns":1,"connect":17,"send":0,"wait":42,"receive":0,"ssl":172},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/case/BelaflaireVandal.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/case/BelaflaireVandal.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 54102\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:50 GMT\r\netag: W/\"d356-19b5a049cd6\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xeV5GESOIbn8ryqvgbQLG7XZh7xzzPqnm9RRjVNw5FmF3GVGTlmn1Bg1Yw3BSuSJQM6rCqJot9uQOag86qt5UmDNBZNBhpBaebA%3D\"}]}\r\ncf-ray: 9b966c1f1b260afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":54102,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 152, 8-bit/color RGBA, non-interlaced","md5":"eb4c5f15dd3c9f524b1bd04b958c2e8e","sha1":"094b5cdb654c26b869684f34ef6ed63bf617ebab","sha256":"80c6b99ad416060a19e969483f4d78e330fcb978c017813f1eacf73468d1327a","sha512":"b16386ad32fc3c9abedcbd17f64f7f48fef6e82680b256877943cf95541ada3e438983644f1a198702458a9fa14e810a438077214aeddc0f01e7c0caa8de9d6a","ssdeep":"1536:bCz6XzVeNKZ6kakzjg9uCacy1MCFl+3KhDvU:bCzaVewZ6OjMLtCFl+AU","tlshash":"6933f163ea7adc23b6b5dbd2d803d139b551892578aab83f02c84ed807f9cc44d6095b","first_seen":"2026-01-05T20:37:02.323424Z","last_seen":"2026-02-26T10:40:24.069468Z","times_seen":8,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/case/ArcaneSheriff.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.512Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/case/ArcaneSheriff.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 64844\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:50 GMT\r\netag: W/\"fd4c-19b5a049da6\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qQlvCZbyP0eHhgvjeAJWJCGbwQxnlmXEW0ojtrbvS%2FBUf38krfcIYD4OjiNIOlxPwGHUJifUKSO%2Bs5yqiQg0IfeYjKmE8mptzvo%3D\"}]}\r\ncf-ray: 9b966c1f4b2f0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":64844,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 240, 8-bit/color RGBA, non-interlaced","md5":"90498097532cdf0b5ac1a04c332be382","sha1":"dce6c1c0cbcd61c20f26736b84bdb28afcc51d24","sha256":"62b4ec84c4542da6e5a984d7e441d25bf9e8128d3f2b517e80d7ce56d6d42242","sha512":"6e5d6d06a26f8cfc932f47b1be3fe315c3b6eb1955c1f39948c0de95e793b74c85df63b99877cec0fe531c633c17d766109ba8ffe1891b02487a6b2f9281e8a6","ssdeep":"1536:uKstvZwMek8a/O1id6k/hS7bVrO3zct6TEKN4vigvi:uKEvZw28GOiok/hS5IAkNyi","tlshash":"56530233347dda46d35263d7ee9aac2470c9be774360859208ed9a9d17056d307afd08","first_seen":"2026-01-05T20:37:02.363494Z","last_seen":"2026-06-01T16:13:09.144269Z","times_seen":12,"resource_available":false,"data":null}},"time_used":329,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":271,"receive":58,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/bg/bglegslider.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.552Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/bg/bglegslider.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 14627\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:53 GMT\r\netag: W/\"3923-19b5a04a7a6\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1FXXD%2Ftt0nBT1eGe7YeR1Tc1CyUeesF%2Bg%2BlFrnk7Y1JyuFh%2BckRM467uNLsvSo2u%2Fd%2BodTchzOfqIsTgt02BXv%2F5qxL9cKios0c%3D\"}]}\r\ncf-ray: 9b966c1fab3a0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14627,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 61, 8-bit/color RGBA, non-interlaced","md5":"06c6e9ebbc896c6c0bf96d7bc3de7925","sha1":"199ab596d5da4c744589d6ee91df20cca3498fc5","sha256":"1a93174f826b6cec9361a2adce75e729661c71b1368512c2375d6b0112cf48fc","sha512":"2f8fb9ec1d12f3d94c3207c01965878f4e8dc21d1523d5b1d3f6f310763a9aec0d9e0b74e0d8e3a4b104d873e6a962523f3d228821fa0efe21aa24cfdbe5ff77","ssdeep":"384:S9BkQbHdScAh2noLVRX373TU7QzMx57/O1fYVhlZM0GP:8PL4bDhL3TV8GVs/FGP","tlshash":"4262e05c8871dd38df4ca87a18efdc039b5e2029bdabc484c86a28e56dd652013e5cf2","first_seen":"2026-01-05T20:37:02.392891Z","last_seen":"2026-02-26T10:40:24.037754Z","times_seen":8,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":44,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/svg/icon.svg","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:47.784Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/svg/icon.svg HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:47 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F26yEwJs%2FM4%2Fc35w19AI6adxQVmWrW7XGG1NyYcqiBNsiMemwfh8dMIvf8AFegdFQpKV18Wptgmk30rT%2FOEMXqhSA3FlAyYytUo%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:40 GMT\r\netag: W/\"192-19b5a047622\"\r\nvary: Accept-Encoding\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b966c147ab30afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":402,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0738671f55b7794ff4100172384ee57d","sha1":"aac26daef75dad7dfeb587563a6e6c463cd42bae","sha256":"2e90a72af6ac3404c1e5b93c91dbec4c199a7026e4027a31afee79612e720181","sha512":"be2e5a509d06fd1de0bbb7295829e4ef4cb99e84ca364b1d073c0088d33dfebd379e8a13fb43ad22dec2504b499b1d1d62a793df301da1006392944625276bbe","ssdeep":"","tlshash":"ede0e510a314c484e89dc794939068281e1a8875438e245c977a3918e2b4c93ec323de","first_seen":"2026-01-05T20:37:02.27797Z","last_seen":"2026-02-26T10:40:24.030124Z","times_seen":8,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/bg/aboutbg.svg","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:48.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/bg/aboutbg.svg HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:48 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=US7ffc14r%2Fp%2FT%2FYSbu2kxP30IWuAshe%2BzwaKXC85LJXf73TWJOYaYMvFGuZfJUN20h4mxdM%2F9nnjfn1i0ZQFsX50ke1S%2BPRhLxg%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:54 GMT\r\netag: W/\"10a7-19b5a04aba2\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b966c1adaec0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4263,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"211964affb1b025beb261ecebf3e9d07","sha1":"5b9fa4bb57cecea794571bb144f4552b87e2dc37","sha256":"80433b194839df42cbca7a949c46d0a54ca2a41f8622964978d5307e64de6b05","sha512":"b280b9d02964e2978e054e46ebd784921bb9f049f48d2b7bb080909c44be8cdc6419502b20d07d4f6681eb0025d9fa79b89a89b2b906f2d4888fb3024dbce376","ssdeep":"96:O38rYWqmFRtZ1xd/6fXkNLboTzo0y99BA2:XrYWqQH9R6fXtApDBj","tlshash":"da9185ef6b746cdcc9cd8bd3bf26809d650280bbd9488604c45caf283cd596cec15ad6","first_seen":"2026-01-05T22:08:24.741645Z","last_seen":"2026-01-05T22:31:19.678802Z","times_seen":3,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":140,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/case/CYRAXVandal.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/case/CYRAXVandal.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 48261\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:50 GMT\r\netag: W/\"bc85-19b5a049c0a\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NMlEXheMkqq4UvH%2FMG%2F6ovPe7bKpUQ911jmfUrKaDqcFQOnxbnIZzUPcHfEe5My2PNVqmcAo9FJgTT9NQ%2BSkw5ydouCvV%2FdA3eE%3D\"}]}\r\ncf-ray: 9b966c1f3b2a0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48261,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 148, 8-bit/color RGBA, non-interlaced","md5":"a0dac53da7e3094ba37617604c617f9f","sha1":"9af65b2e5d2582bddcdec9f29fb821a7fa0f4bdd","sha256":"7101b73e4d1a00bdf712ce6a4afb111405541d43c752fda6c60d8863f04763ad","sha512":"a4306aad6472d96e0076d14c82825bcd28f4571a81e82bafae3c3ef2890b1540ac5fd1961f32b56b731872712313685ff80bdeb2a4d8b8cb3690916e3a0683fa","ssdeep":"768:5sih4s2NyXy0C4hhqJbvvrG29raRlSTHkIivQrlkxvjl84J+XUoHjBB2KYFK:eih4EylQKVClukIivQrlkblTJ+Eu1BVF","tlshash":"482302366168a01b5da4b1d9a0d4c29fcae2b59410ff01c0ee39e6510ea77075edcf6b","first_seen":"2026-01-05T20:37:02.330512Z","last_seen":"2026-02-26T10:40:24.061272Z","times_seen":8,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":55,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/case/bgred.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/case/bgred.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:50 GMT\r\ncontent-type: image/png\r\ncontent-length: 92198\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:46 GMT\r\netag: W/\"16826-19b5a048e62\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SNFmOkD50ipE%2FIREiqztLCkm5alH%2FnaTpihpVMWoJF14z%2B9%2BYDi%2FmrMaZZXIN4dRIL2UessmU2ewaifnXKvSEX4Bd2W05gv5xwM%3D\"}]}\r\ncf-ray: 9b966c217b460afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":92198,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 232 x 304, 8-bit/color RGBA, non-interlaced","md5":"1fee650f2f0b2cd3f2f54e4f1538d1db","sha1":"2bfd0b5b83e39b3547581407810099614b124d98","sha256":"34fa7b82d4b1e2c48741c29c57727c7eb69270bfd794f357157d910f887c0604","sha512":"edb94a1e10c843ae7e51c49eaafe42471c30e3aea4cf5a0345ff1b2fcbe451f1eb52e0619df737259b4f036a0ec549849a3056fd047e235d30b1c73ca6ff604a","ssdeep":"1536:0Tr47T0UHH9qkXiZK/JUYAGcobs0Qy5sV+ixLYSw43idX5qaexp3zcv3Zt:0TrpkXiZKLAGc7w5sV+Sc0aexUn","tlshash":"729313753e4e9cb012a3391b717308b1947d043a2e39ad4cd7d5c2d8ba72c96a6b9c47","first_seen":"2026-01-05T22:08:24.843021Z","last_seen":"2026-01-05T22:31:19.680694Z","times_seen":3,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":57,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/svg/insta.svg","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:47.775Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/svg/insta.svg HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:47 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M1O%2BmRYZoo6bIxn0r3BmNYLSdGzAPlcp7bHfvB9mO8j8F3DlFiMlwhGmVsQI3PBhikOqZT2IBgLQmQpWJ0sUhj4wB2NKKE9KVrM%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:40 GMT\r\netag: W/\"ecc-19b5a047552\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b966c146aac0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3788,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7bbe72218f02e4798d6855ab4e3e3682","sha1":"805756d408f4c799a2b2851868358c93b1836868","sha256":"d0bda81d9686c621f5dae743260d34826ca9ba78d740806339e05f08a41444f9","sha512":"b4ab5ab28658acab3525f33c9eecec700f10a3f92a385c08b7c8a1494db11c979fb72a68cb0a0de60c32a6f72e30ddb3483bea52080e9fa575afb292d86f73b5","ssdeep":"","tlshash":"907183fa3619d5e0da4b97f4e9137d84609f28fb7f51d2e891a0d184e9c02dc8d49d88","first_seen":"2026-01-05T20:37:02.273774Z","last_seen":"2026-02-26T10:40:24.043302Z","times_seen":8,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/svg/x.svg","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:47.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/svg/x.svg HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:47 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uc52VNe6TkikCQYPnWZMejw%2FEUeF3bQfSKdA%2Bjdd0huI6S8X2brWkbPCVhGWRI3gFA9fOJxlzJJeSbJ685drXr4U1iaGQ0aWBig%3D\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:35 GMT\r\netag: W/\"16b-19b5a0462ef\"\r\nvary: Accept-Encoding\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b966c147aaf0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":363,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f4f76875c3ce86338aceb9e6fc01a09a","sha1":"932ec8f027f3dccd7cd9efe62537dc119ed1ecc3","sha256":"48ca1336bba039d97a59e2d3621ecf3c15f21ba511c458665cf5e0f3dda1e923","sha512":"9407b0ca0ecd1956ab13e58333938647c83f9d667782eb1eb00f5dd0e4813772661fe4b6800e5c6c82b32e9abeb1abd9fc1a3880dde04c665789af04ce0008ad","ssdeep":"","tlshash":"67e06020280ccc01d14d431fbf3a041cc02372e842ec40ea1a0016b0b8cd9c93d49cec","first_seen":"2026-01-05T20:37:02.306278Z","last_seen":"2026-02-26T10:40:24.063Z","times_seen":10,"resource_available":false,"data":null}},"time_used":127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Bebas+Neue:regular","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:48.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"43:D3:3F:93:6C:4F:F7:67:58:9D:D5:48:20:4C:74:A2:69:DB:13:9F","sha256":"8C:DB:D2:85:E1:AB:12:7B:1D:5A:65:A7:EC:22:67:6F:B3:A6:65:01:28:29:FA:D2:3B:01:8D:10:7E:4D:09:52"}}},"request":{"raw":"GET /css?family=Bebas+Neue:regular HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 05 Jan 2026 22:30:48 GMT\r\ndate: Mon, 05 Jan 2026 22:30:48 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":812,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"9601316eb428ca49066e7bf28d082a08","sha1":"8f5082bc3dd5b627d6f5c81595fc41e75da92bf3","sha256":"fa8d5d3979149aacf0d8bfaab32c187d73b0ee25877f2aa1a6660f769fe2a85c","sha512":"d474086287ce4c87d15e7d2d6c6512f618c7d4eff1127cc56c5bdf0d664d5e2b84718413aa78964b132bbafaaa6971fe0f7efe9047c1eca49831cf8b34745983","ssdeep":"","tlshash":"b401ce91042ba40097930dc521dd3d32de1f6350a444d9205efe2898bc67c76931571e","first_seen":"2025-09-17T20:29:39.324253Z","last_seen":"2026-06-08T08:32:12.868798Z","times_seen":300,"resource_available":false,"data":null}},"time_used":631,"timings":{"blocked":290,"dns":1,"connect":30,"send":0,"wait":46,"receive":0,"ssl":260},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"valordem.icu/assets/image/case/VandalEXE.png","fqdn":"valordem.icu","domain":"valordem.icu","tld":"icu"},"ip":{"addr":"172.67.150.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://valordem.icu/","date":"2026-01-05T22:30:49.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"valordem.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 12:18:31 GMT","end":"Mon, 02 Mar 2026 13:17:11 GMT"},"fingerprint":{"sha1":"FA:7D:56:03:1C:9C:CB:AF:D9:24:98:91:9C:69:86:9C:E2:6C:F0:BA","sha256":"8D:1C:94:3E:BE:CF:BE:43:98:4A:42:FC:9E:25:F5:01:5A:E1:43:C5:AD:75:2C:BF:3E:D2:6C:E5:AD:B3:E2:C9"}}},"request":{"raw":"GET /assets/image/case/VandalEXE.png HTTP/1.1\r\nHost: valordem.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=SlWMcxeNXWkbsFsVD9wdgg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 22:30:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 44859\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 26 Dec 2025 09:36:47 GMT\r\netag: W/\"af3b-19b5a049196\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FaEuPROeJ8uqiist6PgbBkoVPZikyhnwz6fbVSxCy%2FGDeM2Kbyoy9EteQDZY7kPFmiY2mbHaDtrAWbMCQ70rIuQfUqZKwMJN4fk%3D\"}]}\r\ncf-ray: 9b966c1f3b290afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":44859,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 152, 8-bit/color RGBA, non-interlaced","md5":"9310729de4e1de40beb0b483b2a6edda","sha1":"45689afa20fb4e9406fcdaae086b141b6ca5ce41","sha256":"d39bedebbcae7827c5be538afc2ae956ffc5759f48567fd4238648ea1cfc9c58","sha512":"348a40050bb0b9e90db30d0537a3fd74ceb9aa059de66158a0ab8b472c449281ef8732e0e65e23199a7064ad2df51cf2cc397861c44f50e97bcee79988ddca75","ssdeep":"768:cVzV3O7L+CgKefS6ok+BwCvcqfttyPObqW5EdKCE661mDtBS:yzXBKebT+BXUq1gmbf661mDi","tlshash":"321302b5018ae4a7d0a920a5777f3604d5ce24af081d9fd4f60aa1db2fd47a139ec34e","first_seen":"2026-01-05T20:37:02.343332Z","last_seen":"2026-02-26T10:40:24.032346Z","times_seen":8,"resource_available":false,"data":null}},"time_used":131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"valordem.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}