{"report_id":"e8633a52-c559-4600-8801-2297581756da","version":6,"status":"done","tags":[],"date":"2026-01-03T16:02:37Z","url":{"schema":"http","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":0,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"title":"Cotiza Vuelos, Paquetes, Hoteles y Carros | LTM Colombia","dom":{"size":114563,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (20161)","md5":"084cb93176186952b97ce4e925335328","sha1":"d8c30d257f7796f6bd1979ec55ce0242b75f1cb7","sha256":"701e661a747f507a651a564a4f6810c5c76529a979781747fc64c7c06e345f37","sha512":"634335aa56080464791c8c8c6a626dc532da17d8a91a8497fb924e48ee99d4a1e28a070f129bd13e6442c769753aa04ea33b5f54298962bee51922aa3bf57a95","ssdeep":"768:ST2RMGPHpGhrn9mRt5dX16gM31D4mQy9BSa1E/Tg2c6cAYOkJAQj5ntZfs8V2XRk:bqLWXcgC1DVWizJT/U8SKhmC","tlshash":"79b3e89152e062fa9207d3d49726ac2b3b4670fb5901c109bf9d1e919fa6cac4ccfdc6","dom_hash":"domhashadfd62ddaa24b8aaffdb14b6b5491bd1","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":0,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-07T16:02:37Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2010-09-19","domain_rank":0,"first_seen":"2026-01-03T16:02:38.607815Z","last_seen":"2026-01-03T16:02:38.607815Z","alert_count":132,"request_count":33,"received_data":1751748,"sent_data":16897,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/js/functions.js","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6ae18dc9074f66eeb74a0fb3902375ef","sha1":"c411d9b4b07f2dfaea97b9b3afd9bb23f04b8733","sha256":"60645501d0ab07b5dfe402a568b6158694a62c13edfd49d1d67f033415474b1d","sha512":"0878b2d8d878e6b285f7417ed9d904b032dfc1430ccf14a960d0602a1a17d34437a4be98d384dc34296fa3359b15b2dcd84d3ed06b4a0704b6831590929af244","ssdeep":"","tlshash":"4771429984b15a1308220975245f44463122a337bcd8fc54bfee0d8c2f6d46f83fb6ad","size":3584,"data":"","first_seen":"2024-08-08T23:37:50Z","last_seen":"2026-01-03T19:48:03.058863Z","times_seen":55,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/js/hotel-datepicker.js","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d407bba0be3946d4594635c24b7d7760","sha1":"59a1e229ad47300a36e9b1ff3cce248bfa6174b3","sha256":"931fddcdbf048cf077ce5ab0776641e8226be02fb9819c81575d9f1f8fbf9cba","sha512":"d7789ea15a665ce94f06f97795ff2d574f4e223a4b09b028654c534ae642701840821c5cb5dd019c52f5130bc957bc9f05271c6c4458a46a31af3b9a82d6e19e","ssdeep":"1536:DdTtfm1Oh5VNWpq3dGCoqZ6dqUi77B4gj8v5zzrJIxURFDWwz6rzYvA0EclvrTXM:/miu8IzXVkUAZK8iKr","tlshash":"b083818a22e70a274a6772b85f4baa46b721801f6845de1c3d5c53c06f9883541fdffa","size":86012,"data":"","first_seen":"2024-08-07T00:22:13Z","last_seen":"2026-04-29T13:17:31.766501Z","times_seen":120,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/js/index.js","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"01f4b6e6292fe359d84dc1af1c4dab2d","sha1":"80b9b18a34ba4ae4ce84cd95a99c9e3c523da959","sha256":"fdf8161363a21b468ceb190a0bd6a582c504ddbf65c443d92ce46b16c0ff5b42","sha512":"149db701357289883614431add675a03d6560812e7ce7f9f89c0259adb8e03e5d544bdb97bcdbacc5aeef40d6354658d00d480b976fd934a564b17b09f2b6faa","ssdeep":"192:qYsbSsb1emRL1qIwJF2R3Rq1xkbTZZvcXUNW0/KDGtrvo9YQmM24h99XP2Eqx0ZR:qHxzNHE9XmMfuMbQkEGIEGeEGF","tlshash":"186244ad92f5013205b708766bb7d2453610a11b6c04f86d7f6cd7f80f88a4adb637ac","size":14951,"data":"","first_seen":"2024-08-08T23:37:50Z","last_seen":"2026-01-03T19:48:03.052927Z","times_seen":77,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/js/fecha.js","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0e103294e3a5ad49b237b1f7f0b4caa","sha1":"9470e8273562123d6ad4da69d633c2c39006ad99","sha256":"bbdda49f16212fd368206cd89bb1a41439465653d04af74b48ade1b1981432cc","sha512":"8d95ea2aee136d807a86ad1b7e8c1ab122168cceaa94b3fc0344cd3dc97fca46c78f4c4fdc41b485a772e92822fbc5114cbd2ded6312e719da0ded4977b10312","ssdeep":"192:wQ90/2KQn9fiQzZTVqAQnxziA37XVK18IblKCqdp3miA6A4+RJI9qSwlaMGzxFxh:u/2RZHA37yc3mieytr1ObO","tlshash":"c952428ea5f2604627173179899f91057a34c293356efe04bd0ca2659f2cc3d92bebdc","size":13934,"data":"","first_seen":"2024-08-07T00:22:13Z","last_seen":"2026-04-29T13:17:31.738542Z","times_seen":127,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/assets/media/red_down_arrow.png","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:16.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /assets/media/red_down_arrow.png HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 957\r\nContent-Type: image/png\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"3bd-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":957,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 75 x 48, 8-bit/color RGBA, non-interlaced","md5":"5b2df77d7cfd614d67740e588dd48b32","sha1":"da93b4158a43e2faf3171a5c40b0d005829a27a7","sha256":"4da8a3087d1b483e5a0d5302a0578de7457c60f9133a4f9e07c3060076d6ccb7","sha512":"2ba0f014d562c9d674e9b7f782dd16d82db176569141a36d773cd22b530e99fb55243a0d17649f8972f752f9b609688a90b05e8e0cb06aff58960debb2c3c872","ssdeep":"","tlshash":"9f11c8b2693a6c38edcb1b758fcb18579cd3504904e04848552746564c4995177f8392","first_seen":"2024-06-19T22:00:46Z","last_seen":"2026-01-03T19:48:03.046974Z","times_seen":173,"resource_available":false,"data":null}},"time_used":991,"timings":{"blocked":882,"dns":0,"connect":0,"send":0,"wait":109,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/assets/media/main_banner.png","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:16.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /assets/media/main_banner.png HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 158849\r\nContent-Type: image/png\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"26c81-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":158849,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 585 x 249, 8-bit/color RGBA, non-interlaced","md5":"f519d2bd3ed05400772086dce4eed915","sha1":"9ef3fca83a92a70d327555aeb5e88698e561ffe6","sha256":"b0d218180f4ff46e69d73f6e84744896081c6cce917fcf18a298963dad1b89b2","sha512":"1119e4dc12f5e541472370359fac08291685f574b4511b597b883004e3aad4e892a18806f347559593525b62c49ef6d0a32cc608c420282dd4045dc4c0f06ee8","ssdeep":"3072:JckcI11YgxhI8RwZBpGD6gDktqxw2FU9y6Kqy8MUtHFlcjW3hyn:Jckc+W82BgGgZFWy6LdHlcmhq","tlshash":"a5f312832ccc5468c67ec9c165e360e2b3b6b4f19f75913f3709253a73daeb1862a145","first_seen":"2024-06-19T22:00:46Z","last_seen":"2026-01-03T19:48:03.0609Z","times_seen":166,"resource_available":false,"data":null}},"time_used":910,"timings":{"blocked":430,"dns":0,"connect":0,"send":0,"wait":191,"receive":289,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/assets/media/gray_right_arrow.png","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:16.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /assets/media/gray_right_arrow.png HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 570\r\nContent-Type: image/png\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"23a-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":570,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 23 x 38, 8-bit/color RGBA, non-interlaced","md5":"32e97e46bfd2e44035ad1d49d5cf725f","sha1":"20f0920723608236ba953204c3e6feec68e303e1","sha256":"9c86c6d83aeedcf6dd1ff8f965cb5ea4b43baeaf1c690ce7a6a98c7805770a59","sha512":"315beedfed75f24ef6957bef26033232d191f15330f1ad777fafe0d9ce14ca7dcd2b2f4c36b4e2d7af5168c38e627f6fb92b604a5af81c7be04a32c4d05bdb15","ssdeep":"","tlshash":"dcf026e6db24052dd7df767219d3f8405df238c602c9d044e968d5068157cd53b4b832","first_seen":"2024-08-07T00:22:13Z","last_seen":"2026-01-03T19:48:03.055658Z","times_seen":170,"resource_available":false,"data":null}},"time_used":519,"timings":{"blocked":424,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/js/hotel-datepicker.js","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:16.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /js/hotel-datepicker.js HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 86012\r\nContent-Type: text/javascript\r\nDate: Sat, 03 Jan 2026 16:02:16 GMT\r\nEtag: \"14ffc-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=%2FDTv67e1RhdbTTzg4FKJxKTzrxrNwWwB5iK9EAkJ7z8%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456136\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=%2FDTv67e1RhdbTTzg4FKJxKTzrxrNwWwB5iK9EAkJ7z8%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456136\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":86012,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (780)","md5":"d407bba0be3946d4594635c24b7d7760","sha1":"59a1e229ad47300a36e9b1ff3cce248bfa6174b3","sha256":"931fddcdbf048cf077ce5ab0776641e8226be02fb9819c81575d9f1f8fbf9cba","sha512":"d7789ea15a665ce94f06f97795ff2d574f4e223a4b09b028654c534ae642701840821c5cb5dd019c52f5130bc957bc9f05271c6c4458a46a31af3b9a82d6e19e","ssdeep":"1536:DdTtfm1Oh5VNWpq3dGCoqZ6dqUi77B4gj8v5zzrJIxURFDWwz6rzYvA0EclvrTXM:/miu8IzXVkUAZK8iKr","tlshash":"b083818a22e70a274a6772b85f4baa46b721801f6845de1c3d5c53c06f9883541fdffa","first_seen":"2024-08-07T00:22:13Z","last_seen":"2026-04-29T13:17:31.766501Z","times_seen":120,"resource_available":true,"data":null}},"time_used":180,"timings":{"blocked":68,"dns":0,"connect":0,"send":0,"wait":109,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/assets/media/mappoint_icon.png","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:16.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /assets/media/mappoint_icon.png HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 3388\r\nContent-Type: image/png\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"d3c-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3388,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 78 x 117, 8-bit/color RGBA, non-interlaced","md5":"ffe20a5fcd8c86e21f4a3748751f8efd","sha1":"3e7c54bf4010e2c11f38f13cb710fc10419fae73","sha256":"49784a60613df938fc45c426121d38257b834b835e63ec7365db36b779d624b4","sha512":"9891aa2792c99140973fbfb38a6763d03d3055f5038fe77d50f696f138816f7eb00bc87d8053770a492a3d85bbed7060f98a4d8fd83686cd3a91ae4295e5ea8e","ssdeep":"","tlshash":"81616dcf38f5e80dba16327003571a9bcf4bfa9672923c997520c046f91613e2e76853","first_seen":"2024-06-19T22:00:46Z","last_seen":"2026-01-03T19:48:03.059623Z","times_seen":173,"resource_available":false,"data":null}},"time_used":1003,"timings":{"blocked":906,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/css/utils.css","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:16.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /css/utils.css HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 14622\r\nContent-Type: text/css\r\nDate: Sat, 03 Jan 2026 16:02:16 GMT\r\nEtag: \"391e-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=%2FDTv67e1RhdbTTzg4FKJxKTzrxrNwWwB5iK9EAkJ7z8%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456136\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=%2FDTv67e1RhdbTTzg4FKJxKTzrxrNwWwB5iK9EAkJ7z8%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456136\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14622,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"a61515fa3cc9ab4432159e5979140036","sha1":"f0251807a522437d800ffafeea2b9f2563550354","sha256":"585616f60cc6e12443609d83fd7deae2b11c7a9a057e1f8754d0001a27c1e5c6","sha512":"38c1c9e39cf9cc67684af2f8c199ae42c48ad0920636894d58a0610b88917e89c58252ad77fa8fd5c3a649dc91217c91b09766a19c320ae5548ee81a82bf82c7","ssdeep":"192:0IQRen3tyiEZifgyGPqADPDnvMokLFJM29G4XYM5bBR62kIu0OZAQv+SVP+++Sgi:0mqywHPDvELFNZYMTOB7","tlshash":"ec625392af6b0841b11bc2686bffeb85531d5283d80ad57ebfc17618cf455a811a3f8c","first_seen":"2024-08-07T00:23:37Z","last_seen":"2026-01-03T19:48:03.024263Z","times_seen":126,"resource_available":false,"data":null}},"time_used":753,"timings":{"blocked":271,"dns":1,"connect":94,"send":0,"wait":97,"receive":94,"ssl":192},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/css/main.css","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:16.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /css/main.css HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 5762\r\nContent-Type: text/css\r\nDate: Sat, 03 Jan 2026 16:02:16 GMT\r\nEtag: \"1682-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=%2FDTv67e1RhdbTTzg4FKJxKTzrxrNwWwB5iK9EAkJ7z8%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456136\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=%2FDTv67e1RhdbTTzg4FKJxKTzrxrNwWwB5iK9EAkJ7z8%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456136\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5762,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"675ada56dc63cb5308460bd93724cfd2","sha1":"55c5eb8e8d91412ed6cde46a5b85c2a4def0603b","sha256":"89c49713185ec8044473a76851e2f8b7a7b583ebf200708573bef1bee3ba8be0","sha512":"b071ec07bc9b49a04c08b2123cc1570b9f9df923c6bf8352cbe61074bba1414fb5dcca200022e74ae2afca26cc571701e289a5dd5d20716bf4324f4df038b950","ssdeep":"96:NcR2bGw3mlIzPIVJFd0Zcl0YlbZeB7NiYxtG8hQCD0Tga:s2bljPkFdUcyi+xrVhQC4F","tlshash":"2bc13296da6718867807d1586fb59b86435c8043d00ec67ebbc272dc4f4e6e8a4e3f48","first_seen":"2024-08-07T00:22:14Z","last_seen":"2026-01-03T19:48:03.040191Z","times_seen":99,"resource_available":false,"data":null}},"time_used":661,"timings":{"blocked":271,"dns":1,"connect":95,"send":0,"wait":98,"receive":0,"ssl":193},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/assets/media/hamburger_a.png","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:16.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /assets/media/hamburger_a.png HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 643\r\nContent-Type: image/png\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"283-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":643,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 118 x 106, 8-bit/color RGBA, non-interlaced","md5":"010dfcf4d3c8cbd39d923c393c345bfe","sha1":"f77a91624aa5572b9e4334e3afb86021bc937aa7","sha256":"baea163c6eaa7b4a4e804639e2fff057b71433fe046a0b736fd08d15159e3cdc","sha512":"da9d94ce112d8c94316775c9351365cebcaf5bc8819d6afcbf01b58e302886776296c2e49d5152ef5819181bf372c044289440ee097b08e743b420d5b7c7f8df","ssdeep":"","tlshash":"a5f044fac778207cf7871d3fc38758c8cdd5a21406e186047e20592ce9a98e32e096c1","first_seen":"2024-06-19T22:00:46Z","last_seen":"2026-01-03T19:48:03.028299Z","times_seen":175,"resource_available":false,"data":null}},"time_used":930,"timings":{"blocked":829,"dns":0,"connect":0,"send":0,"wait":100,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/assets/media/left_gray_arrow.png","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:16.697Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /assets/media/left_gray_arrow.png HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 4988\r\nContent-Type: image/png\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"137c-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4988,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 78 x 76, 8-bit/color RGBA, non-interlaced","md5":"cea1a5a4233306b5097df89c84d658b9","sha1":"23b93820327b2ab9faebe83dda737c916f689b1e","sha256":"82f7995202d599a22fd54f22d92219fb85952f79ec6e3c8c6fb9d652b488ad3a","sha512":"a10615de4e2f487abf81721c6ac05e6e70ecc387f3720fba50a888912751d8289e05355d7b778da18673b19087c1b0eb8daa21be2dffb0624d735228307a780f","ssdeep":"96:K+uG7LlEmQL0+eFjr47soReYKAlnm/QzSv0sCs3VEqKZ5EiLDkcuqXhiM:yvA+sr4g26Aw/QCCslFi5+cuq5","tlshash":"09a17de28b4069e106b7010ad185d38186b837f85dbb4296bd3718cadb6859339afdc6","first_seen":"2024-06-19T22:00:46Z","last_seen":"2026-01-03T19:48:03.041964Z","times_seen":167,"resource_available":false,"data":null}},"time_used":724,"timings":{"blocked":629,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/assets/media/index_menu_icon_2.png","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:16.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /assets/media/index_menu_icon_2.png HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 34939\r\nContent-Type: image/png\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"887b-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":34939,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 248 x 254, 8-bit/color RGBA, non-interlaced","md5":"04582afaa337ead77aed4c5c662e7fd2","sha1":"79d2ee0ff2357b0a56dfadfede268b8d8ac0722e","sha256":"f4264bed2874e2443a7d5703f8c2ad68cacaf324224a98d2d65462498c3c8267","sha512":"d69d8924e7a1a3e282abdbfa134778c38ebabe0d93f5fc681fd69b37fb827be38335a2feebfedf08f6a7a3053e3f0cc8122767188c0cd88c580b63fc23933825","ssdeep":"768:FJu01sYke1qb22scVFUPwZsdQWTf/44LVPt2+L4Jf:FJu01x0YWWTX4o1t4N","tlshash":"02f202cd928a9f5c7a774c7188eccf541cd2143e40bd851e5a36a2c82a7739bb435be4","first_seen":"2024-08-07T00:22:13Z","last_seen":"2026-01-03T19:48:03.047773Z","times_seen":170,"resource_available":false,"data":null}},"time_used":1002,"timings":{"blocked":905,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/assets/favicon.png","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:17.825Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /assets/favicon.png HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nContent-Length: 236\r\nContent-Type: text/html; charset=iso-8859-1\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":236,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"54ddfcfcbac52ccc7451161d40934ad7","sha1":"3f9915360e96bd0c5c756209a62d99b0246a634d","sha256":"9448f8a1159c9b14e3e1b9d8eab1a6ddf88d26e1f888a34cef430c756e4e6e1e","sha512":"b5b31c06e9e8cfc08e09e90bc5ba77c970c5be644c109f14b4b430384d4cecefae4368e051ed96323cfd3fe7a0e9f4832025c2efd213aa64bf65c55625bd72e6","ssdeep":"","tlshash":"61d0a79e90939386415176907ec123d2654953ab78b143e96ec1944690086bdc0d919d","first_seen":"2025-12-07T09:00:18.523222Z","last_seen":"2026-06-08T23:29:51.855476Z","times_seen":5431,"resource_available":true,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/assets/media/index_menu_icon_1.png","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:16.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /assets/media/index_menu_icon_1.png HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 35402\r\nContent-Type: image/png\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"8a4a-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":35402,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 255 x 259, 8-bit/color RGBA, non-interlaced","md5":"cb646454d883603f960cf406701d215a","sha1":"6e042c4a756299505eacbf018ec4779657235483","sha256":"0653e588b7d31736614732b9a8c82c0abab85c7ed5b08503fd34d1b79e318c6d","sha512":"f9d75cdea9ae0c60b9b1606ceaad7c8b48ac74a00ab0fcdb0f4e4f7fe83e434f0bfc4cd63e8de7d66a6e61a41c6953e7eee0c05e09f2da942cdc07c5ac1ed75a","ssdeep":"768:qgn+kuXc7msvvIy3+3QKRa8WsulCra80F7VgAxs8HZ+JjCifL5zYcC:qgn9uXsvRboSlCK3VxsMA9CkL51C","tlshash":"76f2f1dcccb4a371c9e3d33a953cb4a56cea3441442bfc50adb6f9b54e46469ab0076c","first_seen":"2024-08-07T00:22:13Z","last_seen":"2026-01-03T19:48:03.062137Z","times_seen":170,"resource_available":false,"data":null}},"time_used":615,"timings":{"blocked":428,"dns":0,"connect":0,"send":0,"wait":94,"receive":93,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/assets/media/right_red_arrow.png","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:16.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /assets/media/right_red_arrow.png HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 8257\r\nContent-Type: image/png\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"2041-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8257,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 79 x 78, 8-bit/color RGBA, non-interlaced","md5":"9991330f74abc61452f6f0d6eda31a7f","sha1":"11271624cc49cd95a2df54947990430d58fb8285","sha256":"0039055f25756fe6fe19fbfb7311f26c3d4adddf5e18f75d9b26421fd97c05d7","sha512":"52c1c9249d399d7c372858d083c92d93d8038748116f2c42c279e56bae6a2eb9d99ef66fbbaf4f055c58db35d175c4f763214f490b63c60be177770133ea4f7a","ssdeep":"192:CUngAOrvqCrBJDnsuELw/KdArxIOmtSUnRchwHSdTyVK/N6i:CojOrSELLUQrxIOKSURchwytNp","tlshash":"c602a0983e80723496cbb72b31318768d1d37d81a9423a48efd4dae496f31dcf682d65","first_seen":"2024-06-19T22:00:46Z","last_seen":"2026-01-03T19:48:03.034767Z","times_seen":167,"resource_available":false,"data":null}},"time_used":724,"timings":{"blocked":629,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/assets/media/takeoff_icon.png","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:16.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /assets/media/takeoff_icon.png HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 1821\r\nContent-Type: image/png\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"71d-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1821,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 119 x 116, 8-bit/color RGBA, non-interlaced","md5":"81cae7b0e735ed09e0bc5457bffdbc90","sha1":"afc7074717a355f5d03859f91dacd05127c7af93","sha256":"5b2fd5c9fcf1c529a9c036a6697640652d0c2b64131c21784c5144cdeebb993b","sha512":"a7f5fdd061d71ec911f356155e36a62ebbb03a1cc11bd2567fa1cafa944dee9f0a445f2a6f2f483595619ee2ad0808f1ea1d0bba91f9803a086130abebe097b4","ssdeep":"","tlshash":"c3310894a77508ec724466b3b0d36b724c99e49e1ae014c83c4bc967cb104f0529b877","first_seen":"2024-06-19T22:00:46Z","last_seen":"2026-01-03T19:48:03.054337Z","times_seen":173,"resource_available":false,"data":null}},"time_used":541,"timings":{"blocked":432,"dns":0,"connect":0,"send":0,"wait":109,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/js/fecha.js","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:16.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /js/fecha.js HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 13934\r\nContent-Type: text/javascript\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"366e-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13934,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"f0e103294e3a5ad49b237b1f7f0b4caa","sha1":"9470e8273562123d6ad4da69d633c2c39006ad99","sha256":"bbdda49f16212fd368206cd89bb1a41439465653d04af74b48ade1b1981432cc","sha512":"8d95ea2aee136d807a86ad1b7e8c1ab122168cceaa94b3fc0344cd3dc97fca46c78f4c4fdc41b485a772e92822fbc5114cbd2ded6312e719da0ded4977b10312","ssdeep":"192:wQ90/2KQn9fiQzZTVqAQnxziA37XVK18IblKCqdp3miA6A4+RJI9qSwlaMGzxFxh:u/2RZHA37yc3mieytr1ObO","tlshash":"c952428ea5f2604627173179899f91057a34c293356efe04bd0ca2659f2cc3d92bebdc","first_seen":"2024-08-07T00:22:13Z","last_seen":"2026-04-29T13:17:31.738542Z","times_seen":127,"resource_available":true,"data":null}},"time_used":521,"timings":{"blocked":229,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":196},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/assets/fonts/GLatam-LightItalic.ttf","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:17.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /assets/fonts/GLatam-LightItalic.ttf HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/css/normalize.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 36472\r\nContent-Type: font/ttf\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"8e78-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36472,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 16 tables, 1st \"FFTM\", 14 names, Macintosh","md5":"c3fde9f5a955dd5fe625a002c19bba88","sha1":"77a72640a300e3d62ee4a2df0d50de61d75f5200","sha256":"e9bac31adb709f077885c64a67b65b6a1fb9e724e4d8ea695b01327df400dc52","sha512":"2f8554ddf9e4667cbcf69c1e295b8cddc19dbdf4e94c5f454603306e3a6f6953e47fe97919bdacf50cd9f09d996ea0a1fd63b91cd0e76c38dd0a458da73cd3e7","ssdeep":"384:l+445zxOjpbO2w2ahZxbUNqCy4wk4mNevulOY6/w32xwXPXxLoyoNqrXdOakvrgs:l+nxOjlwfWK1S6/wqwyYrXdOaNs","tlshash":"22f24e17b747fe0fe146667ecd71d3709a94f821af62ab8b71414674ec8b1c48e462c1","first_seen":"2024-08-07T00:23:37Z","last_seen":"2026-01-03T19:48:03.050192Z","times_seen":168,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":119,"dns":0,"connect":0,"send":0,"wait":94,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/js/functions.js","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:16.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /js/functions.js HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 3584\r\nContent-Type: text/javascript\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"e00-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3584,"size_decoded":0,"mime_type":"text/javascript","magic":"Algol 68 source, Unicode text, UTF-8 text","md5":"6ae18dc9074f66eeb74a0fb3902375ef","sha1":"c411d9b4b07f2dfaea97b9b3afd9bb23f04b8733","sha256":"60645501d0ab07b5dfe402a568b6158694a62c13edfd49d1d67f033415474b1d","sha512":"0878b2d8d878e6b285f7417ed9d904b032dfc1430ccf14a960d0602a1a17d34437a4be98d384dc34296fa3359b15b2dcd84d3ed06b4a0704b6831590929af244","ssdeep":"","tlshash":"4771429984b15a1308220975245f44463122a337bcd8fc54bfee0d8c2f6d46f83fb6ad","first_seen":"2024-08-08T23:37:50Z","last_seen":"2026-01-03T19:48:03.058863Z","times_seen":55,"resource_available":true,"data":null}},"time_used":666,"timings":{"blocked":274,"dns":1,"connect":99,"send":0,"wait":95,"receive":0,"ssl":195},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/assets/logos/LATAM_navbar.png","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:16.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /assets/logos/LATAM_navbar.png HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 53429\r\nContent-Type: image/png\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"d0b5-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":53429,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 539 x 180, 8-bit/color RGBA, non-interlaced","md5":"0b97fcec9f64805eeaa5a708747a2692","sha1":"d2249e46fc821df17a8c51302dd25e65d7783897","sha256":"a8b870c15f2550590971d00159be295a9be0c99b7712faf9f6b7201b0874de9c","sha512":"2792dc5318d5c819e79afd94b901b38e92452236e7d3bb70ff7847b44ab43e6fe7300554dc8050a25e6c3adb978cac56a1ec5dea64f0073a03de49a02496b755","ssdeep":"1536:yrwFh54ReDBBTmvr83fh7/PRLC+CxaaIz/gj9Dsjet+cURs:28wwnG83ZLR++CEaIzIj2jeRURs","tlshash":"a333f1e5594c185b21277930342cfe98309eed3bd80f987b61dd7517062b6efa972112","first_seen":"2024-06-19T22:00:46Z","last_seen":"2026-01-03T19:48:03.052128Z","times_seen":175,"resource_available":false,"data":null}},"time_used":832,"timings":{"blocked":735,"dns":0,"connect":0,"send":0,"wait":95,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/assets/media/Madrid_banner.jpg","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:17.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /assets/media/Madrid_banner.jpg HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 99097\r\nContent-Type: image/jpeg\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"18319-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":99097,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 600x374, components 3","md5":"271bfcf459a893c1981337b391baac98","sha1":"fed9e869eb75da43dc05ff33f3f3f8a9b2b98757","sha256":"1ca2a62310c76d90635d88095c7e5a66ed9b071a4c9c6c6f3de7b6f64a9fcaf0","sha512":"bec817976b5a46a07baafff08c7e13ef74eadb6d661a48bc0cfcbeffc6a40522f2a2f7e71d0ee1e010dd2f0984b069879acc8fa303ca0bbbba1e27b89ec82af5","ssdeep":"3072:aN7HjUR2Sy0h2okv1qzs3sdI6RmjRAFYd:e5Sji1qQ3m0d","tlshash":"11a31381cb575b12dbf8feffa021c1216885bd0134618121376da4a77bbcba11d6d4ae","first_seen":"2024-08-07T00:22:14Z","last_seen":"2026-01-03T19:48:03.04467Z","times_seen":169,"resource_available":false,"data":null}},"time_used":510,"timings":{"blocked":227,"dns":0,"connect":0,"send":0,"wait":95,"receive":188,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-03T16:02:15.787Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/html; charset=UTF-8\r\nDate: Sat, 03 Jan 2026 16:02:16 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=%2FDTv67e1RhdbTTzg4FKJxKTzrxrNwWwB5iK9EAkJ7z8%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456136\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=%2FDTv67e1RhdbTTzg4FKJxKTzrxrNwWwB5iK9EAkJ7z8%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456136\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\nTransfer-Encoding: chunked\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":98454,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (6297)","md5":"132e1ad5b17965a191bbe26a07903360","sha1":"e2ddf1ae1949a376b6220c2668dd6fc7d96bf938","sha256":"df1096eba57673aab048abcb7a51187698ebbb1eddb261e5666297e318f06f6a","sha512":"2e7b09e07174408da7a09cefb4a59aac48d5e33c06c201ac4dc25061ac4400fccc439078852be3d53eb459719d187012d01e19df492bb59ac53ff35ce15f2eee","ssdeep":"768:iTyVtGhrn9mRP5dXZm1o2QcLBS2Rk/Xg2c6cA8OoF4IRRPZng8VO3BxnqrJJIoSk:neL4XYxq+/FpRg8mKJmY","tlshash":"50a3d7e563f462f5a04bd3e8872668253f4620f7aa12c50dbbed5ed0df0688dc84bc95","first_seen":"2024-08-31T08:35:45.953256Z","last_seen":"2026-01-03T19:48:03.058055Z","times_seen":10,"resource_available":false,"data":null}},"time_used":1370,"timings":{"blocked":466,"dns":43,"connect":108,"send":0,"wait":220,"receive":217,"ssl":313},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/assets/media/ltpass.png","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:16.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /assets/media/ltpass.png HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 107423\r\nContent-Type: image/png\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"1a39f-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":107423,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 360 x 573, 8-bit/color RGBA, non-interlaced","md5":"3ba3a98a3cc8a62be2ba737f53c7d791","sha1":"f9fc37e056242167d47a28992227dea8b9ac1f98","sha256":"b992fb15ffb7fa2a1202a673f54e0e7cffe2b1c631e1570ed265ce4fbf0145e9","sha512":"c4d9f9a0dc0e11454eb02e96814c9f2e10590020abc348ecbdd240fdff310ef96878426d0f9e227c1bf0200765340c6a2275aabd35e554fd2f90f8273bd01e6e","ssdeep":"3072:mUQNtd2e9qiQcmTNwh4qmnvYWwVIUy+Q4ez/p:tIn2eYWhGvYPVJylz/p","tlshash":"f5a302b857009c19101522bcea2e959953c7b72fc27b140df27c18eadf8fee48d9949e","first_seen":"2024-08-07T00:22:13Z","last_seen":"2026-01-03T19:48:03.043418Z","times_seen":170,"resource_available":false,"data":null}},"time_used":1094,"timings":{"blocked":902,"dns":0,"connect":0,"send":0,"wait":96,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/assets/media/index_menu_icon_3.png","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:16.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /assets/media/index_menu_icon_3.png HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 45026\r\nContent-Type: image/png\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"afe2-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45026,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 248 x 250, 8-bit/color RGBA, non-interlaced","md5":"f3487da4746dea87a98ad19cb3a46c68","sha1":"7028ab45fc635b99988259dec10672cd62700294","sha256":"242ab59273f6ffa8f034cfcefa94b073c256de9dad6d491f8c72cabb24076b15","sha512":"af61454212452d850c72e6d83842461b49382eee1d1f8332775d022adec85b0eee4659b57d4a9a594b85305396ed16a8e04502b95fecddf627388b829e65b4dc","ssdeep":"768:yrGCNEmw4cOEQm1Yg/td61uq6o1OpD05bnhqPgkZPtEzZSUUC:ylNuDbQe1d6XlqIkZPtqz","tlshash":"041302814dddc914c1747c069de2e58b1cda20a22c464f314fbb1a739bdbd8ab6b4781","first_seen":"2024-08-07T00:22:13Z","last_seen":"2026-01-03T19:48:03.014005Z","times_seen":170,"resource_available":false,"data":null}},"time_used":612,"timings":{"blocked":421,"dns":0,"connect":0,"send":0,"wait":96,"receive":95,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/assets/fonts/GLatam-Bold.ttf","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:17.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /assets/fonts/GLatam-Bold.ttf HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/css/normalize.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 34920\r\nContent-Type: font/ttf\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"8868-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":34920,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 16 tables, 1st \"FFTM\", 14 names, Macintosh","md5":"b0ebed635c311c07da07b12118e6cbd8","sha1":"ba26e02b74fe61aa65f4d91a26b00b73b2159c38","sha256":"d74be4fd49ceae06f866004a8a83f9c32d2a8fff0aba3daee451e42528d909c3","sha512":"face5873ce57775d1ac0788eac04ac51a95af34d46eef792335643a5aeeb4955fd01cea7e164cbe3615948ffde1b060ade4686bfdcb013a0e7611b9ac07dfca3","ssdeep":"384:+gc//Qok7r9RK30s6N9fDyfvX6VUCoBVptotNgEXIbHefAXO:+ZBk7ZRK30bSXiNSE4bHHXO","tlshash":"e1f22a03f313eb0ed5cabb3e8962d3328564fc2a5e15578b70067639ed580ec8e955c6","first_seen":"2024-06-19T22:00:46Z","last_seen":"2026-01-03T19:48:03.049059Z","times_seen":171,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":31,"dns":0,"connect":0,"send":0,"wait":96,"receive":94,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/assets/fonts/GLatam-Regular.ttf","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:17.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /assets/fonts/GLatam-Regular.ttf HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/css/normalize.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 34672\r\nContent-Type: font/ttf\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"8770-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":34672,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 16 tables, 1st \"FFTM\", 14 names, Macintosh","md5":"e5a5b17cf8469ad1872e98af6e020344","sha1":"1129ff637a171c3a18fe65fa186cd92af99d6323","sha256":"d2c84598dd90b6733a38fafab2179931bc69ddda98192a4af876083f22aa5390","sha512":"a8770ad4ab93e36ace9773a10b245b057a5764bdf7a2765236ee63708a1177987b8b801be6ff5523d9552b4badbeaa0c7941b5b800f2868716a90ef926eb72ac","ssdeep":"384:v7W/mEQVexudjqRAXzpsvwYhoeKBadzd8f3Zen+MotNtjcoUgXD3d8:v7W/mEQeudeop8nWeWLknwPjZb3d8","tlshash":"a5f22943b313eb0fd2eab73e4532d3314958f826aea667cb714a27bdad091c84d115c6","first_seen":"2024-06-19T22:00:46Z","last_seen":"2026-01-03T19:48:03.038286Z","times_seen":171,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":42,"dns":0,"connect":0,"send":0,"wait":112,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/assets/media/info_icon.png","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:16.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /assets/media/info_icon.png HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 7064\r\nContent-Type: image/png\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"1b98-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7064,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 71 x 68, 8-bit/color RGBA, non-interlaced","md5":"b937314607d54aacfc0b496fd5e625e5","sha1":"6033ea34b2a580b3895d7c66de0c137aa521108a","sha256":"2b4aace572bda11e8910161b3866e30af63df0825f5fe61c2bab28cc75addf74","sha512":"4894fd54a96f26f2b7f3c30b5685d051af155f2eb80b5eb17c0d0db63ba49a76822ee21723d089b41f63a7469fe8117aae136889c63f3e3f04a0ce1219dd79ed","ssdeep":"192:aOGHLVV46x7NkIuNDpTTzAdeOZ7b1YKlfnt81:aLR+8SDpTTzkZFYKtA","tlshash":"3be1ae9d288e60240615fe7708dfe30cfa29bebea9482617cd9d50a481991a3a707d0f","first_seen":"2024-06-19T22:00:46Z","last_seen":"2026-01-03T19:48:03.026275Z","times_seen":172,"resource_available":false,"data":null}},"time_used":1113,"timings":{"blocked":1018,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/assets/media/index_menu_icon_4.png","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:16.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /assets/media/index_menu_icon_4.png HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 28876\r\nContent-Type: image/png\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"70cc-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28876,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 248 x 244, 8-bit/color RGBA, non-interlaced","md5":"af0a307457745493cf880aba3eb6c516","sha1":"0e32650bb8534199c255b470b6bac040fcd8bc74","sha256":"cc55cf2e7dd33548b2e0eaa6cacb23c47ccc7a6774b1025156c5cc24e7e16bf9","sha512":"3311361d8f3c9dc614051ca37a385f1a3b716e081444c5cb14314ffc99cbab5dc269706b1a83f61ae2e6e20b6d7a29b9d60f670c876cfc9e96eedd35f18dd7df","ssdeep":"384:GyJ0Ns5XMOHJaoa9aCXEyfg3BVIiqpYPLngWeNfIAwm+HVrC/fb1wDEJzRyEirJ1:jJ0Ns5XMMDaYJVIi6whAGow6tyxN/t","tlshash":"47d2e1bdb872896f13957c5fe72c6010c93570178e48aebfb2d9f5b8c25096d715c640","first_seen":"2024-08-07T00:22:13Z","last_seen":"2026-01-03T19:48:03.016687Z","times_seen":170,"resource_available":false,"data":null}},"time_used":608,"timings":{"blocked":419,"dns":0,"connect":0,"send":0,"wait":95,"receive":94,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/js/index.js","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:16.735Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /js/index.js HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 14951\r\nContent-Type: text/javascript\r\nDate: Sat, 03 Jan 2026 16:02:16 GMT\r\nEtag: \"3a67-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=%2FDTv67e1RhdbTTzg4FKJxKTzrxrNwWwB5iK9EAkJ7z8%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456136\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=%2FDTv67e1RhdbTTzg4FKJxKTzrxrNwWwB5iK9EAkJ7z8%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456136\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14951,"size_decoded":0,"mime_type":"text/javascript","magic":"Unicode text, UTF-8 text, with very long lines (317)","md5":"01f4b6e6292fe359d84dc1af1c4dab2d","sha1":"80b9b18a34ba4ae4ce84cd95a99c9e3c523da959","sha256":"fdf8161363a21b468ceb190a0bd6a582c504ddbf65c443d92ce46b16c0ff5b42","sha512":"149db701357289883614431add675a03d6560812e7ce7f9f89c0259adb8e03e5d544bdb97bcdbacc5aeef40d6354658d00d480b976fd934a564b17b09f2b6faa","ssdeep":"192:qYsbSsb1emRL1qIwJF2R3Rq1xkbTZZvcXUNW0/KDGtrvo9YQmM24h99XP2Eqx0ZR:qHxzNHE9XmMfuMbQkEGIEGeEGF","tlshash":"186244ad92f5013205b708766bb7d2453610a11b6c04f86d7f6cd7f80f88a4adb637ac","first_seen":"2024-08-08T23:37:50Z","last_seen":"2026-01-03T19:48:03.052927Z","times_seen":77,"resource_available":true,"data":null}},"time_used":289,"timings":{"blocked":179,"dns":0,"connect":0,"send":0,"wait":109,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/assets/media/Miami_banner.jpg","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:17.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /assets/media/Miami_banner.jpg HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 118016\r\nContent-Type: image/jpeg\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"1cd00-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":118016,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 600x375, components 3","md5":"e07ca3ddddc44e7f6a5405883f01785c","sha1":"5c064bb415ac2f896e2ce8a3a0b68fac65e52d99","sha256":"c3755735300bb9f1c6515891449e3deca01a7349d71037719bfa3db4bf81ae65","sha512":"a8ca1ec16defbd4f38c7c4e0f4ff3edd70591356ae2eccc87d86383fa11a8ae1835d75d31469d7611f07cf1230cb22cd6d446076e2c064a4ed70b63bf526648e","ssdeep":"3072:Ojt1+/G+k4NgEChLOvCyriB4o8jXX2fMfxeStvMyg6zt:imM4NgqKyrieo8jXXBjMyg6zt","tlshash":"6ab312084982f7e4fc0d92aaf5ebc6b006c3d85a9e065120bedc59e17b4694c9e37937","first_seen":"2024-05-22T18:47:40Z","last_seen":"2026-01-03T19:48:03.056744Z","times_seen":173,"resource_available":false,"data":null}},"time_used":419,"timings":{"blocked":226,"dns":0,"connect":0,"send":0,"wait":94,"receive":99,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/assets/media/Lima_banner.jpg","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:17.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /assets/media/Lima_banner.jpg HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 215520\r\nContent-Type: image/jpeg\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"349e0-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":215520,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, description=LIMA, PERU: Aerial view of Miraflores town, cliff and the Costa Verde high way.; Shutterstock ID 682350025; PO: Uso de Imágene], baseline, precision 8, 900x485, components 3","md5":"d92d6d4eb4089434a168134bb0f4e94d","sha1":"7f2017206be99edece91146e45196822715b6baf","sha256":"fa5cc91dd703b1e7d45c223792c09f507a178cdd7a5ad49042c0410fd136edcc","sha512":"96b9801617992abc48ed52822e3e4bd63b1b7864f44d5079b93d9a0ecb58fda871f17c5430087b66ba6ecd51c1114db28b471613ae898d5065353a982305275d","ssdeep":"3072:6h1ZdNAUiay2+0yxgRaCVyLyHSUryppXE/Byr9HVUUMR0B4/rOYq3DoSHTdHRRsl:qdo0yu8C8LyHQ3xMR44bq3bzdstZTMaZ","tlshash":"f4241256486a397aa52e73e1a8de040a3c9bfc576c01210ff19c6ec62fe69940fd3725","first_seen":"2024-04-15T18:11:40Z","last_seen":"2026-01-03T19:48:03.03264Z","times_seen":186,"resource_available":false,"data":null}},"time_used":513,"timings":{"blocked":226,"dns":0,"connect":0,"send":0,"wait":95,"receive":192,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/assets/media/create_account_banner.png","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:17.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /assets/media/create_account_banner.png HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 227453\r\nContent-Type: image/png\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"3787d-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":227453,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 346 x 499, 8-bit/color RGBA, non-interlaced","md5":"7a65c3a33aaa341fd0968d82ee382f13","sha1":"f38859a47a4f645e1c5130de02b2a7eb7afb53d5","sha256":"37c488f32d30c3339b1f8c5acf3e0d7bbe4fb818925a4212d65f89104e092bbc","sha512":"aaa1284a39216f94265821185196f75a5989ae050ebeb0b7e126f7995b25f8b5791a9076a3aa37d3cf725ce4344a2fe84422b90670dbc63afac41e8b4fb6b0b4","ssdeep":"6144:R82fiW5AHfxf8dN2wtvswf1EEMhONFiE3baKwI/Fb/Jm:R8HGN2AvV1EEdFoHW/I","tlshash":"bf2423f30a5c6027f996e97bf087915721e3129b14e466368570e10c7936a92ff2d3e2","first_seen":"2024-08-07T00:22:14Z","last_seen":"2026-01-03T19:48:03.022069Z","times_seen":169,"resource_available":false,"data":null}},"time_used":613,"timings":{"blocked":497,"dns":0,"connect":0,"send":0,"wait":110,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/assets/media/Medellin_banner.jpg","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:17.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /assets/media/Medellin_banner.jpg HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/css/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 216283\r\nContent-Type: image/jpeg\r\nDate: Sat, 03 Jan 2026 16:02:17 GMT\r\nEtag: \"34cdb-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456137\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=lvQ5UtsBVQDjXpnBDtsHnOHqFE8NXd9K0Xku8wbFtfk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456137\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":216283,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, description=The skyline of Medellin, Colombia at sunset, manufacturer=Canon, model=Canon EOS 6D, xresolution=154, yresolution=162, resolutionunit=2, software=Adobe Photoshop Lightroom 5.3 (Windows), datetime=2015:03:25 14:21:33], baseline, precision 8, 800x533, components 3","md5":"b6ba5453c8ca95484a76d4392653f0bb","sha1":"fe70f8d423430fb7388887247d5083d6812e0e9f","sha256":"9d1ff7f6914997d2c00b7458055e8da3e683fa52b101eeb94bac7a84f4b21f8f","sha512":"c3eb59faa3901250a5e5b71155d339b64bf6bce4b255128077d76d21c04b5c49d053677a5d35273deb31d7bce05970305c2788ce3bd9a151425e8c149bf1acc6","ssdeep":"6144:Ajj/DBc/ev8BFVLk1bli+bcyGAwWnEWhdIEX:AX/DK/ev8BI1bl7bsk1hdIW","tlshash":"3d24025cfda088c0e8bd867b34ef89da7ab25665aee3011fb5fd19607f241c01953938","first_seen":"2024-04-15T18:11:40Z","last_seen":"2026-01-03T19:48:03.036865Z","times_seen":178,"resource_available":false,"data":null}},"time_used":395,"timings":{"blocked":171,"dns":0,"connect":0,"send":0,"wait":109,"receive":115,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/css/normalize.css","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:16.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /css/normalize.css HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 7470\r\nContent-Type: text/css\r\nDate: Sat, 03 Jan 2026 16:02:16 GMT\r\nEtag: \"1d2e-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=%2FDTv67e1RhdbTTzg4FKJxKTzrxrNwWwB5iK9EAkJ7z8%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456136\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=%2FDTv67e1RhdbTTzg4FKJxKTzrxrNwWwB5iK9EAkJ7z8%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456136\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7470,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"88b0845f6dbca6cec6c30fb85137c430","sha1":"83af797e9fac1aab50ab096acf480e8904059263","sha256":"ddd1335f14a3bd33609b7c965bb7b17a6ffdeb62c4745ce5b84f0ba4a0eec733","sha512":"e6ff401abbdc97d2b19d0696795e4ef86c760fe8681f8bc28f69f71ee625a7c5b29cd0f5d6634690a0b5b1181f215e0ae3572d025847be82e61c960cd1372b94","ssdeep":"192:FjAswBcQ/e88c4htkzoWTS9BByqfA+fo8TIJ:FuD+tBBy0I","tlshash":"84f1ef191fe42ad351610cbc771f2685f309422bb2a86c9978fa13e88f45b79d7a43cd","first_seen":"2024-06-19T22:00:46Z","last_seen":"2026-01-03T19:48:03.046162Z","times_seen":106,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":110,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"airlinesltmgroup-9cd49b43ac32.herokuapp.com/css/hotel-datepicker.css","fqdn":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","domain":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"23.22.130.173","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/","date":"2026-01-03T16:02:16.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /css/hotel-datepicker.css HTTP/1.1\r\nHost: airlinesltmgroup-9cd49b43ac32.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://airlinesltmgroup-9cd49b43ac32.herokuapp.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Length: 7980\r\nContent-Type: text/css\r\nDate: Sat, 03 Jan 2026 16:02:16 GMT\r\nEtag: \"1f2c-6476d145e5dc0\"\r\nLast-Modified: Fri, 02 Jan 2026 19:54:39 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=%2FDTv67e1RhdbTTzg4FKJxKTzrxrNwWwB5iK9EAkJ7z8%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1767456136\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=%2FDTv67e1RhdbTTzg4FKJxKTzrxrNwWwB5iK9EAkJ7z8%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767456136\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7980,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"c0d6dfda33ffeab2a05be1e5079fdf09","sha1":"e77d5e34e75cb01c4984c69f0c6b484690c5bd36","sha256":"177c66768975022c645eed2731d1b680542162e55ff3c204580133e2f468c5bd","sha512":"09f69f7fc1bcd7d1c98fd2aa15963ce8fc6be8f2d682d75da239ed7d255643290b5110dc43cd2892e3eeb5c0bc7281b5038db481c0b7851293f1004958cd3977","ssdeep":"96:yKbuvI7SL36C7lhii79ePgCbtQ8qPVv55FYZYFLjynBvoN01LVpR7u2+D:1uz6eRsdEa+RgBm01LVpR7u2+D","tlshash":"d1f1af9eb1610e0e322b97583662fb07632b588b590add35bb5020194fdcf540fefa96","first_seen":"2024-08-07T00:23:54Z","last_seen":"2026-01-03T19:48:03.031341Z","times_seen":101,"resource_available":false,"data":null}},"time_used":660,"timings":{"blocked":271,"dns":1,"connect":95,"send":0,"wait":95,"receive":1,"ssl":192},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-03","alert":"Phishing Block","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"airlinesltmgroup-9cd49b43ac32.herokuapp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}