{"report_id":"eaceb89b-394a-41b9-9592-e81df8781516","version":6,"status":"done","tags":[],"date":"2026-03-29T02:49:44Z","url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.3","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"title":"Security - Page Appeal","dom":{"size":351048,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (617)","md5":"8c72066495266db8887c3f0a2ab8f18e","sha1":"ff55f61aba58076ae5ad646eb57544a4f391916c","sha256":"7f127c03f7009f9cb7958d16fe8fd0c41ad1af5d95cb18c7f25231aa3ca0069b","sha512":"284db81c9bb8227e1f68a132f97174102ff3cce49a83aa38fea2529032dfec120787bead4d5a5fc3ecdc38a8b8378b8c4a7ba0d550f58bed0ead8fff8226677f","ssdeep":"6144:UUq1d0IC7HQBEUSFKyRkcVcmkBfTAlv4XKIIThC:tq1d0UTSFKy2N","tlshash":"da74a42312f831370137c1e9256b4737f365984bba970a043e9c87e91feeca1a577668","dom_hash":"domhash3575acc5f599c16df4be783df008b6f7","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.3","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":["openphish"],"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-03T02:49:44Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":2}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-29T02:49:21Z","timestamp":1774752561,"ip_dst":{"addr":"104.26.5.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":46612,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed External IP Lookup Domain (db-ip .com) in TLS SNI","source":"{\"timestamp\":\"2026-03-29T02:49:21.763969+0000\",\"flow_id\":2051197245689805,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":46612,\"dest_ip\":\"104.26.5.15\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2063074,\"rev\":1,\"signature\":\"ET INFO Observed External IP Lookup Domain (db-ip .com) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_06_18\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2025_06_18\"]}},\"tls\":{\"sni\":\"api.db-ip.com\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3439,\"start\":\"2026-03-29T02:49:21.757709+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"luffiwsoeneimafko.vercel.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"luffiwsoeneimafko.vercel.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-03-22T22:23:33.61086Z","alert_count":0,"request_count":1,"received_data":465310,"sent_data":449,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2026-03-22T23:23:48.195369Z","alert_count":0,"request_count":1,"received_data":88519,"sent_data":457,"comment":"","tags":null,"fingerprints":null},{"fqdn":"luffiwsoeneimafko.vercel.app","ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-03-29T00:26:45.943104Z","last_seen":"2026-03-29T00:26:45.943104Z","alert_count":36,"request_count":18,"received_data":1173756,"sent_data":9072,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}]},{"fqdn":"api.db-ip.com","ip":{"addr":"104.26.5.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2010-05-18","domain_rank":669398,"first_seen":"2017-01-30T02:58:03Z","last_seen":"2026-03-23T15:22:01.997921Z","alert_count":0,"request_count":1,"received_data":988,"sent_data":470,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-03-22T22:31:48.48691Z","alert_count":0,"request_count":3,"received_data":304349,"sent_data":1429,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"246cdd9342d6df668fd36e314d7a3ffd","sha1":"e7f22a012295f5927074845f8556da9e50390261","sha256":"6e9718d5fbecd8e2f158db327e1e58f2b865bec456b59f058c0b8c65a91ac0b6","sha512":"4e4df852fac01c666fff9f5c3c7e90617b3d87ff9c9ca6be8d716e8849ee23d8c8d1db611f85be8e47727732654e83a74c0afc972ce5c13668060d53824ff3e4","ssdeep":"1536:5wkcpyQYq19XxReciupZvKST0VFsBbGFCVvzBT11EUD97cuqmSIC7HQBEUNpyFx6:G/Uq1d3B2IC7HQBEUSFKyI","tlshash":"b4e3300a33f56432425bb07a592fc60ab335a4472a4aad0c3e5c56dc5f1d87867f2fb8","size":152281,"data":"","first_seen":"2024-02-15T03:47:53Z","last_seen":"2026-04-05T11:02:24.206756Z","times_seen":15116,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"17d9bd10a1e4630f667888cf5ec1a129","sha1":"dcbc0297d8e55f9646a7c51c3f5931e47dc43ea3","sha256":"a27058d4fe5b086921416f7b32fd7e05d855eef7659d01f35c05e84102f17b99","sha512":"1bcd8bbf6ba465cc709313b9111b382814f73281474c7c3f644761da03a13a91d9653480d34ddb85d8aa510bf56a5ecb99d7b3e60a42ee84b90fdc1c9acdcc00","ssdeep":"","tlshash":"62e06826939209245af7b2e9d24f9310193aa00138c9e82e668cd2841da2e56c1febcc","size":372,"data":"","first_seen":"2025-07-06T14:17:39.326865Z","last_seen":"2026-03-29T02:49:47.372571Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7cbcaf6eaf3c1dd0ba090e03601c41f0","sha1":"151b5fc6d0c9a6077f8e074ff8975487e5e1df2f","sha256":"417e480b30e556c923ec16cebccbbe1a37a275fdce2be01745be7cb08daf63e2","sha512":"29ebf023b5dbcdbd98c1bfe0689e9ef2a1bd0b89f2c1818f38ad909ab6d2f2bc8414f6d1e4993bae1093aa15742483306c5175f6371f1485e0d5ff127d574eb5","ssdeep":"","tlshash":"b5d0a776679519304ef391a9226aa7056535c1423cc5ec2f6a8c66802ec2f55d1fe5c8","size":244,"data":"","first_seen":"2025-07-06T14:17:39.327751Z","last_seen":"2026-03-29T02:49:47.373347Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/utils.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e1abede2b1e12c67edde78e0bd9b067f","sha1":"84d63d9c364875e5b36affa7edfd0af2630bcb63","sha256":"bdcdee66eb73eaff67c185ce622c4f82d65cdc893b785259b0207e3e60c8ca9d","sha512":"04d675c77f51307f9463294e5b8d7d6de6863b4c2a75290eee98b5ad80d8728f4e2f7baf5da0bf193a80e4ee0254ada3e0af599280cd4921d590440a920c1d8b","ssdeep":"3072:u/dJ0y8AAYjLs3OwPl0n04XU343EhY2xZ+b+Ihnz15XC7sS8JtZ4mLETQCAtQ59v:adJChoYtxZ+b+IhJDKR","tlshash":"7134ceebda3c9736a1d97b35968eb3cd5a8cbc93c848567826c3b54f53788e0706c205","size":246621,"data":"","first_seen":"2023-03-07T01:27:34Z","last_seen":"2026-04-05T12:08:09.111035Z","times_seen":7139,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87533,"data":"","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-04-05T11:19:25.325307Z","times_seen":136580,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"3edd31c7a0371af06d714ca479808dee","sha1":"eaf11285d3b5593d666da6837d6c834f5614f61a","sha256":"32e343a3d26ddd039f4f95587ced16ab59e263fab366741ffbd04cc3a9a11bff","sha512":"d162aebfb3197f1d1be26a003a62a2ef2d43e9adbfaceacc83bbdffd0b64d63ac1f64e577284e92d4c480d0da858609d95388c08a695f57f328c5148f3859f90","ssdeep":"","tlshash":"8941cbec759cc68d45ab705f83cdb4149bf10029f912c412f4cd16821fba892c6138ed","size":2276,"data":"","first_seen":"2024-02-15T03:47:53Z","last_seen":"2026-04-05T11:02:24.207297Z","times_seen":14580,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/intlTelInput.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"caf7bdf0ce3f11830af1d3dd0dbf931e","sha1":"958a4413837457b5e3b66ca292736de8286eafa8","sha256":"b0de6c6e01a16a20bab373a1e7f7b5f3ad48d1b85210965d8c956319f8ac329f","sha512":"7838f953bfa1c129087cd76d5f7a05bfb8dbf7e308861450a3b64331380dac48e7f0417b1e42d58f3ae7cbe0a50eea81bb3db2035d3150c9b7d731ebaca926f6","ssdeep":"768:c1D7GzOol+D45YMJR3kWG6UdCDxgtmKg3vTpzaDNCY5R:YfGkWodCFgtmKgNzaxCq","tlshash":"a7d2f9a973511637a89aa0a1687f16472ebf34015a84cc8cb87ecdcc1feced9a175734","size":29362,"data":"","first_seen":"2023-04-05T15:31:11Z","last_seen":"2026-04-05T12:08:09.102888Z","times_seen":10484,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a284805d97d2e59e6be8c6a0f9c0fc40","sha1":"cb45181da16ff4be68426b992b6ae731f17a2b88","sha256":"c949dee4e9f3c9780d95b607d1f7b5e7283d3af1a1fb0663324f453c17f3dc40","sha512":"1694f489699505a10d9babcc093db3e512b93e74ebac768df1c147da8b68f6c4641fe8ed3f70273ce11df629507eb00c2650f606669c6ef136acb026498664a4","ssdeep":"","tlshash":"e711494b35f65776467760757bd6815020a502371dc0ca947e2c4b061f588e5abf2f98","size":1024,"data":"","first_seen":"2025-09-29T18:11:44.197149Z","last_seen":"2026-03-29T02:49:47.37468Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"2ebd7dad51679fa6e9d61ff23bde8cd0","sha1":"8c4a4fe7dd85361a623651dadfcb3c037bd350be","sha256":"cfef44dc7a8a97f394d884490279ecb3ff562bfe07012e6a2ee5104346be4bcf","sha512":"9cde3d069ef62cf2fc9fec25e6aa32cb07d4e4b13d572b2e9a69d8bbd4aa5108fbce0ace653eea5fb984cab7b154f09f0f007027d7eb087a6e789c43527452b4","ssdeep":"384:Szh6i4lL0Gplm01fKd9ceGNZLmqbIYOeb2F+v4uk4skb1B4Mj4tArU97xvr6wZBm:+L3aZLGX96Mq","tlshash":"68b251799dba06b01f9be1bf49ef1341b170405b5800e8047c6c8a805fdae6756bebf9","size":24950,"data":"","first_seen":"2025-09-29T18:11:44.198686Z","last_seen":"2026-03-29T02:49:47.37535Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-5EKS54VX5P","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2aa92b8fca9412af276c88c47580b564","sha1":"db6f94b8e7a7042eda31a8d4f82ec52ebb244ff3","sha256":"5747bb5244758261f76aa78c23ca00e5512ce0998687ae48e905e738fbb6294f","sha512":"d1e7c93b70ef96b83010ab72144daaf96968e3e697a71daabf4c7e7827c0be671c0932b7092088aad30b01d438a72d7daad8e446ab6d4369fdeadc92c0f4e005","ssdeep":"6144:sSORjaFCE9VJlQGXHIzs8WVP1W+rwkQdqQtYTc0HdZgQ0:vCEfJlbIY8CmOp0","tlshash":"08a409ceb3d674615296e478903f01cba57b29e2b44cc8a6f189cce02e7465a4277f7c","size":464706,"data":"","first_seen":"2026-03-29T00:26:50.801572Z","last_seen":"2026-03-29T02:49:47.36568Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","date":"2026-03-29T02:49:21.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:37:40 GMT","end":"Mon, 01 Jun 2026 08:37:39 GMT"},"fingerprint":{"sha1":"5F:99:6E:26:2A:3A:DA:FF:7F:0D:EE:C5:8B:2A:01:AE:28:26:AD:C4","sha256":"2B:88:E7:79:70:E5:E9:DE:0E:A9:0A:B8:F1:F5:C6:D6:10:77:F0:C9:0F:E6:2A:13:A3:D6:08:F9:89:A3:60:E8"}}},"request":{"raw":"GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luffiwsoeneimafko.vercel.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30462\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 27 Mar 2026 19:26:21 GMT\r\nexpires: Sat, 27 Mar 2027 19:26:21 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nlast-modified: Tue, 12 Sep 2023 02:38:22 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 112980\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":87533,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-04-05T11:19:25.325307Z","times_seen":136580,"resource_available":true,"data":null}},"time_used":471,"timings":{"blocked":218,"dns":1,"connect":11,"send":0,"wait":9,"receive":8,"ssl":217},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/bot/id-verified.png","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","date":"2026-03-29T02:49:21.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"GET /bot/id-verified.png HTTP/1.1\r\nHost: luffiwsoeneimafko.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 49684\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"id-verified.png\"\r\ncontent-type: image/png\r\ndate: Sun, 29 Mar 2026 02:49:21 GMT\r\netag: \"56af35c59e34cef0e455b292a4d1908c\"\r\nlast-modified: Sat, 28 Mar 2026 13:01:16 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::7zl7p-1774752561303-2803397649f5\r\ncontent-length: 868\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":868,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced","md5":"56af35c59e34cef0e455b292a4d1908c","sha1":"a6e89fa4704b1de8545661c29be1b98b8fb1de5d","sha256":"0a63c06e30d6c569649d0a93982c4f2c2f89a483df2b90a8378964b6e2855f5e","sha512":"e1aca665a1a8e3a2f4873c92559a424b61dfdfda13d62c8441e270baf6d4a7ef374f6089c4ec9b2ce758fe4e8bea5d50b688818b6d2869432b6dad6e3f1ad444","ssdeep":"","tlshash":"401152ed8278aa7f452acb0ee084561c3d71a01e940aa81c30d9e0bad332e0b57f9912","first_seen":"2025-07-06T09:11:55.639496Z","last_seen":"2026-03-29T02:49:47.347684Z","times_seen":124,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"luffiwsoeneimafko.vercel.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"luffiwsoeneimafko.vercel.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/img/no_avatar.png","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","date":"2026-03-29T02:49:21.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"GET /img/no_avatar.png HTTP/1.1\r\nHost: luffiwsoeneimafko.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 49684\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"no_avatar.png\"\r\ncontent-type: image/png\r\ndate: Sun, 29 Mar 2026 02:49:21 GMT\r\netag: \"d5d30f28ca92743610c956684a424b7e\"\r\nlast-modified: Sat, 28 Mar 2026 13:01:16 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::w9dr4-1774752561321-7b09812f68c3\r\ncontent-length: 6043\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":6043,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced","md5":"d5d30f28ca92743610c956684a424b7e","sha1":"fd4a7207b724254d981a4ed4c7f675fd87868535","sha256":"4b842e25c6be485fd7f06b745ac91db2b6e9eee778c5442b157be78d51f83563","sha512":"7d0a522805b0a34b33f48791bbbfdfc361b9d91ee9d5843d67e8e1a774f9d8dad42c7d0efa429738a0680fcb8d71dacc4b47e22f1daa8ce718dbf36e6db35328","ssdeep":"96:s7xaydiMkBvGfzBKIFuC/bG6UAlQloqPZ6UtCjcphNixjT0vtK9E0NJGNKIX3D7b:s7xxr3oFloqPHtCQViV0vMVUj3D71rrx","tlshash":"fec19ee35fd67937430ad6fb6ee962c62b416188acb5f24c023373406157c548fa5e2d","first_seen":"2024-01-09T09:55:04Z","last_seen":"2026-04-05T11:02:24.19612Z","times_seen":14117,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"luffiwsoeneimafko.vercel.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"luffiwsoeneimafko.vercel.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.db-ip.com/v2/free/self/","fqdn":"api.db-ip.com","domain":"db-ip.com","tld":"com"},"ip":{"addr":"104.26.5.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","date":"2026-03-29T02:49:21.723Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"db-ip.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 09:58:49 GMT","end":"Sun, 24 May 2026 10:58:41 GMT"},"fingerprint":{"sha1":"9C:C8:5E:19:D1:34:2F:4E:E5:5A:5B:02:7E:E3:30:E9:12:0B:14:7B","sha256":"9D:1E:B4:71:9D:67:5C:72:8D:D6:35:75:E1:03:30:27:BC:A9:94:3C:27:19:3D:9F:7A:71:85:6F:69:C3:F4:2C"}}},"request":{"raw":"GET /v2/free/self/ HTTP/1.1\r\nHost: api.db-ip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://luffiwsoeneimafko.vercel.app/\r\nOrigin: https://luffiwsoeneimafko.vercel.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 29 Mar 2026 02:49:21 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\ncache-control: max-age=1800\r\nx-iplb-request-id: A29EDE0A:3B79_93878F2E:0050_69C89331_773D9CF:1A0A0\r\nx-iplb-instance: 54033\r\nlast-modified: Sun, 29 Mar 2026 02:49:21 GMT\r\ncf-cache-status: EXPIRED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NekBlC7pbME6A4yV5WrZnB1R4Hid85IynuCAEb%2FzYK0tbUeO2j8xgZKSwbPbdzwcAkdBl51scgi0GCY%2BlBI8fp13moJk94N7pgAYVAmazNfBbWylafD1%2F%2BtwaJ1jmlA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9e3b8f971f74b4ff-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":208,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b3cbea51f9a9fcaf6275e88da822e6aa","sha1":"b9740712e7a8e51a3cfa95a11c75c671644c5ab2","sha256":"9976a8ae9b1a43de4fb568b400d7026c135c71935aa1041418252b0882ba41ff","sha512":"6d8eaa66b856c1b0793c4d39da790212306dd5a7679f87e3310dd3c478277ffa360497c29eb2512f1b7c681881732862077d0185f2c3a3b0452db396bb69ea52","ssdeep":"","tlshash":"62d01234c9082e5749e4744a644e196212107647cf05315e7f9cdf9d0fd8dbf30340ad","first_seen":"2023-05-09T17:22:56Z","last_seen":"2026-04-05T11:02:24.20187Z","times_seen":9577,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":56,"dns":36,"connect":1,"send":0,"wait":141,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","date":"2026-03-29T02:49:21.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luffiwsoeneimafko.vercel.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 29 Mar 2026 02:49:21 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 1970\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5f902e0e-62a6\"\r\nlast-modified: Wed, 21 Oct 2020 12:48:14 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 675656\r\nexpires: Fri, 19 Mar 2027 02:49:21 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4kaOF5aQf6NtpO7KXo6jbvnPYtFlq%2FcTAfUhuDmflbQxMBJzNSHu3bx3uXkvfSDtyk2Te3ZTeYs%2BB91jGFOp5lECx2vzv%2FAB%2FaKATF3LZ0taIIbXgtpnfA%2FEHH7%2F%2F8dyPrG7Xtdi\"}]}\r\ncf-ray: 9e3b8f944e52568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25254,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"a69aa970266649e0b08c2cb4bc166568","sha1":"d9314a52085a2bb6d284421bb18a4c546ecb73d4","sha256":"ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491","sha512":"8315a8c3c328eaaea92dad571ff09c1fc2728920c4b62c0957bf04f83f903f41156ac16cf30297ab5e86f022c3e022764a7a271ebe0b9bfc98d9f488dbe71b9b","ssdeep":"384:HzITF7FWhTmwAmDQTeIcQeIWi7mZlsaAaniXlvhdB:HqF7FWh/Hib","tlshash":"a4b236678bb32945b92bf2a1196406a237375c0bf81a4f2d63d639bddf490e014f37a1","first_seen":"2023-04-05T15:31:11Z","last_seen":"2026-04-05T12:08:09.100742Z","times_seen":27418,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":22,"dns":0,"connect":1,"send":0,"wait":10,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/bot/calendar.png","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","date":"2026-03-29T02:49:21.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"GET /bot/calendar.png HTTP/1.1\r\nHost: luffiwsoeneimafko.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"calendar.png\"\r\ncontent-type: image/png\r\ndate: Sun, 29 Mar 2026 02:49:21 GMT\r\netag: \"bd1fed76ddbb6b27fba56e99ce33a4d5\"\r\nlast-modified: Sun, 29 Mar 2026 02:49:21 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::5khpf-1774752561299-36075efe53a1\r\ncontent-length: 1023\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1023,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced","md5":"bd1fed76ddbb6b27fba56e99ce33a4d5","sha1":"0b2a1caa10c52e686d15f159a046f06136473cc2","sha256":"70e32bcc659ebc16352b84979f32a510494e5f22d3809882e39f2c349c146816","sha512":"2b6b9670090cad2dfcb6a559255dd6b3ffba3387aa550bd084df3a59539b04399ad1028ae6d5cb1a2512a79b534d488a40ec1aee24ce1f04ef65d81e2ef33521","ssdeep":"","tlshash":"2011c8ebf02a313d905ca7552899c32a69b967710e229adbbc780e17861f350a23d7d0","first_seen":"2025-07-06T09:11:55.630521Z","last_seen":"2026-04-03T07:02:20.825066Z","times_seen":154,"resource_available":false,"data":null}},"time_used":322,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":322,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"luffiwsoeneimafko.vercel.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"luffiwsoeneimafko.vercel.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/img/meta-logo-grey.png","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","date":"2026-03-29T02:49:21.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"GET /img/meta-logo-grey.png HTTP/1.1\r\nHost: luffiwsoeneimafko.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"meta-logo-grey.png\"\r\ncontent-type: image/png\r\ndate: Sun, 29 Mar 2026 02:49:21 GMT\r\netag: \"ffba640622dd859d554ee43a03d53769\"\r\nlast-modified: Sun, 29 Mar 2026 02:49:21 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::8zcst-1774752561304-15a6a00af7d4\r\ncontent-length: 105511\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":105511,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 900 x 240, 8-bit/color RGBA, non-interlaced","md5":"ffba640622dd859d554ee43a03d53769","sha1":"c91a100db7bfc04df9a5f3223d5b6f17536bf5ee","sha256":"139d38d0fbfed2fd9f2b782af9b3eb08005b9bc75faaa31fe29720cc64bcab0f","sha512":"70c7c4df14a22e00a0caf1daf001e608454604fa0b4c13583efac7a8caff6c726d62c024f9e0626760b524f7d08184e4e30cf4a49be505acb1f9d29cfce35993","ssdeep":"1536:VudXKa4pprle5L3Ve48HXzXl4F4fTy9AeC9hhxVK0cYUFLWyMjmy/Yu:/xe5UHDaCTy9bmPJURWBjma","tlshash":"efa3022ee1d5311eced3515032d47e985a86ace5cf421c08758cca9b8f34e994aed3ea","first_seen":"2024-01-09T09:55:04Z","last_seen":"2026-04-05T11:02:24.197529Z","times_seen":15302,"resource_available":false,"data":null}},"time_used":402,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":399,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"luffiwsoeneimafko.vercel.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"luffiwsoeneimafko.vercel.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/img/dir.png","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","date":"2026-03-29T02:49:21.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"GET /img/dir.png HTTP/1.1\r\nHost: luffiwsoeneimafko.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 49684\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"dir.png\"\r\ncontent-type: image/png\r\ndate: Sun, 29 Mar 2026 02:49:21 GMT\r\netag: \"aef2b30f6701ba271c07e3e26ffc416e\"\r\nlast-modified: Sat, 28 Mar 2026 13:01:16 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::s6fqx-1774752561319-72535d40a50e\r\ncontent-length: 5071\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5071,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit colormap, non-interlaced","md5":"aef2b30f6701ba271c07e3e26ffc416e","sha1":"71cb73ec54a5fc973ccd4f4127b6716f6370709f","sha256":"60a4bddc93553f14c2dfef0299fa5f3ad0e4005f7b8054e34db89b8afe6a0f2f","sha512":"c743db1fddf637fc568e6bb8fb39b3c752fe57a26764db5b79be4102f2997392b8620cdf337885ded9337470fb304da852c98a2ac3e7bc8e72cb12880d9b8b28","ssdeep":"96:+ucvBzkcoiWTe8MBzUCRtm4gs2ZrxtLRxQ1kM911BK79p1/1qFu:+ucvdkGWJyoDPZrx1s11BK/7V","tlshash":"fda17e245c30c7f83af617e2aa91951e7e1be0b66f15ff801d2f15214d23885a781b87","first_seen":"2024-01-09T09:55:04Z","last_seen":"2026-04-03T07:02:20.820845Z","times_seen":10251,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"luffiwsoeneimafko.vercel.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"luffiwsoeneimafko.vercel.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/img/block_2.png","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","date":"2026-03-29T02:49:21.314Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"GET /img/block_2.png HTTP/1.1\r\nHost: luffiwsoeneimafko.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 49684\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"block_2.png\"\r\ncontent-type: image/png\r\ndate: Sun, 29 Mar 2026 02:49:21 GMT\r\netag: \"8942e3ff39cd6784c7c89bd6eb26d604\"\r\nlast-modified: Sat, 28 Mar 2026 13:01:16 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::dwjjg-1774752561298-ae6c306558d5\r\ncontent-length: 18787\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18787,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 101, 8-bit/color RGBA, non-interlaced","md5":"8942e3ff39cd6784c7c89bd6eb26d604","sha1":"b03e96fa075ba36fc3d6729fb312f0a59c2a023a","sha256":"9b7c1670777cc38a18fc6b98443b40036fde8de97cdba6087e2a31a1de9e748b","sha512":"af5040882b3ba0d18c56b5cf0cad4c2f8e6fcbabda8b85d0284dab2662a5bab76e38ce6fdd261b27a394d55e58f427aba7edbe8d3a8a33ee422d43cba85bf741","ssdeep":"384:RLwiYUB+GVTS4XHEHc6jMfHrk0T0U0t9424sWnUq5/cYC1/KNk7:miYdvGH+MDk0Y79jjBqRcYcKNe","tlshash":"d782c058d78053e1602cc99617a890bb8a578433259fcc67fa5e88c57fa079d390b3ce","first_seen":"2023-12-25T05:22:01Z","last_seen":"2026-04-05T11:02:24.203943Z","times_seen":15111,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"luffiwsoeneimafko.vercel.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"luffiwsoeneimafko.vercel.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/img/2FA.png","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","date":"2026-03-29T02:49:21.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"GET /img/2FA.png HTTP/1.1\r\nHost: luffiwsoeneimafko.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"2FA.png\"\r\ncontent-type: image/png\r\ndate: Sun, 29 Mar 2026 02:49:21 GMT\r\netag: \"03d39d5d071182aba1b01ba2e859de39\"\r\nlast-modified: Sun, 29 Mar 2026 02:49:21 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::dwjjg-1774752561310-84bda01b1967\r\ncontent-length: 114767\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":114767,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 541 x 252, 8-bit/color RGBA, non-interlaced","md5":"03d39d5d071182aba1b01ba2e859de39","sha1":"7ba8f968b03e92fd59a6c4f6ce5c8aa36a5d2b92","sha256":"a7fd65363687e512751d88f7850b61969427e8d3aa9a177946bcd4bc280b71ad","sha512":"5bf4d0b9ff650ff11c8ff69c409c45fbfd31bc3f8c4b55f665bea8e11a42c412b9ea25b9974908ab9b670a22e80a445692a26b98535b84cb49299c37c22e16e6","ssdeep":"3072:SOEFifYmNYKElSiLVN6MOzKqJdnJYJe4kiUh6sq:SIZYKEzmXZdJ8eYx","tlshash":"3cb31251b4a03e28e812f3ea73d7f49a4c71e374785d41a294047ec7e72da56f04afa4","first_seen":"2024-01-09T09:55:04Z","last_seen":"2026-04-05T11:02:24.198613Z","times_seen":9503,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":252,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"luffiwsoeneimafko.vercel.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"luffiwsoeneimafko.vercel.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/styles/bootstrap.min.css","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","date":"2026-03-29T02:49:21.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"GET /styles/bootstrap.min.css HTTP/1.1\r\nHost: luffiwsoeneimafko.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"bootstrap.min.css\"\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=utf-8\r\ndate: Sun, 29 Mar 2026 02:49:21 GMT\r\netag: \"283509923579fe13ffda122bbf5a8c8a\"\r\nlast-modified: Sun, 29 Mar 2026 02:49:21 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::qqccb-1774752561290-be97eab2d734\r\ncontent-length: 27945\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":205617,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (561)","md5":"2ed048a086c0f8bf7112f4008611ba46","sha1":"580dcc9130af74ede5b9951bda7dc1b8bbbab96d","sha256":"346aa4e4cfb6593ef6932c5a866b4a46abc52b11e25712e425a2ee7dac81755f","sha512":"06ba396cd6f796342d0fdfdd0e54b130987af83bebf0e83441e5ce455842a16bc599ec626ae6055a240cd6c03eabe6a90c1489053064f20ba305af908b3fa568","ssdeep":"1536:XfnPT1pbCiFWWfZWn/zIEnXSEc6/rs9mfDF0pJ4OaW6F:XPCi4F0pJ4OaW6F","tlshash":"3714420ae9f31959988b806859ee6bb5637c4083d31edd79bd4f3398cf492c14d62f88","first_seen":"2024-08-19T19:09:24.329473Z","last_seen":"2026-03-29T02:49:47.356486Z","times_seen":14,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"luffiwsoeneimafko.vercel.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"luffiwsoeneimafko.vercel.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/intlTelInput.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","date":"2026-03-29T02:49:21.312Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/intl-tel-input/17.0.8/js/intlTelInput.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luffiwsoeneimafko.vercel.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 29 Mar 2026 02:49:21 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 8889\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5f902e0e-72d9\"\r\nlast-modified: Wed, 21 Oct 2020 12:48:14 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 325510\r\nexpires: Fri, 19 Mar 2027 02:49:21 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QcN1j56Ud0Vi8R9rGQB%2B3WuFPW4Z%2F%2BC3agLjfRm1giXJLH138peNx5J%2F6cYqTwzpdRezAbS%2BEiA9rE%2BRe%2Fbl4VRJeuFmVBCoEoawr7fA7XiOSZp3msBJSaOK5m8la6%2BPfC4Fpddi\"}]}\r\ncf-ray: 9e3b8f945e57568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":29401,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (26959)","md5":"caf7bdf0ce3f11830af1d3dd0dbf931e","sha1":"958a4413837457b5e3b66ca292736de8286eafa8","sha256":"b0de6c6e01a16a20bab373a1e7f7b5f3ad48d1b85210965d8c956319f8ac329f","sha512":"7838f953bfa1c129087cd76d5f7a05bfb8dbf7e308861450a3b64331380dac48e7f0417b1e42d58f3ae7cbe0a50eea81bb3db2035d3150c9b7d731ebaca926f6","ssdeep":"768:c1D7GzOol+D45YMJR3kWG6UdCDxgtmKg3vTpzaDNCY5R:YfGkWodCFgtmKgNzaxCq","tlshash":"a7d2f9a973511637a89aa0a1687f16472ebf34015a84cc8cb87ecdcc1feced9a175734","first_seen":"2023-04-05T15:31:11Z","last_seen":"2026-04-05T12:08:09.102888Z","times_seen":10484,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":22,"dns":1,"connect":3,"send":0,"wait":8,"receive":1,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/img/444.png","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","date":"2026-03-29T02:49:21.315Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"GET /img/444.png HTTP/1.1\r\nHost: luffiwsoeneimafko.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"444.png\"\r\ncontent-type: image/png\r\ndate: Sun, 29 Mar 2026 02:49:21 GMT\r\netag: \"d940f9c780c77c033d7a82baaa8e6286\"\r\nlast-modified: Sun, 29 Mar 2026 02:49:21 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::qgtdm-1774752561299-81186c2e95b7\r\ncontent-length: 118348\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":118348,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 506 x 300, 8-bit/color RGBA, non-interlaced","md5":"d940f9c780c77c033d7a82baaa8e6286","sha1":"f2ebd3d6f46b940f77ae15deeca2f2d33e6c7f09","sha256":"2586b8825af967b202bcd006856a1f1917a28fb919b107d239c3caffacdd524a","sha512":"809f3100e9d6a10dc0f1e051d1aa0bf3e0d7adf9bf5114a642d5607cd594d232517a63a907600b4500e76ddf2537c6bd55c9c4eb730dcdb0500b5cce600afb71","ssdeep":"3072:s6estwzZ11/RlRRZytGT2fs4dYo68cwUITHaX9cW:s6e8UZ11JlROMyEdHnGHaeW","tlshash":"94c31205e66e2dfa6723e4aef5af25691c0c68b0d45797303ce20dfa7c201d96c58c57","first_seen":"2025-07-05T20:49:37.078618Z","last_seen":"2026-03-29T02:49:47.35819Z","times_seen":43,"resource_available":false,"data":null}},"time_used":500,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":497,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"luffiwsoeneimafko.vercel.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"luffiwsoeneimafko.vercel.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/img/doc.png","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","date":"2026-03-29T02:49:21.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"GET /img/doc.png HTTP/1.1\r\nHost: luffiwsoeneimafko.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 49684\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"doc.png\"\r\ncontent-type: image/png\r\ndate: Sun, 29 Mar 2026 02:49:21 GMT\r\netag: \"95382a6dab40d5911185a921c53e6f6b\"\r\nlast-modified: Sat, 28 Mar 2026 13:01:16 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::s6fqx-1774752561304-5ffe5de10fda\r\ncontent-length: 5723\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":5723,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced","md5":"95382a6dab40d5911185a921c53e6f6b","sha1":"4229cb577571111d747021988aac9dd6cd50634f","sha256":"e341d9055288dfcd7dd5facab6c915f6b7bcffbf80f8b48468c7275b8cada069","sha512":"58dfd1656f931bf14044a8d4d790ccd3369a33d42aea35774bf4b0f2242173795c86fde3280d74849be492bbc50d4515f3f3985f93766559544da37e9988bc03","ssdeep":"96:upH/omZ4SOy3uxD+WxV6jD9/zIvNVCvEknBgSjERtW82iAsuFQAIFbISS2V0wZ:upHRZ3qKvZzMGvBg5RuaAIFc5ohZ","tlshash":"89c1af99f79ec4b282d44b322cab03918b39702160116bed319d9375fe9d74cc9284f1","first_seen":"2023-12-25T05:22:01Z","last_seen":"2026-04-05T11:02:24.205Z","times_seen":15466,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"luffiwsoeneimafko.vercel.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"luffiwsoeneimafko.vercel.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/styles/style.css","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","date":"2026-03-29T02:49:21.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"GET /styles/style.css HTTP/1.1\r\nHost: luffiwsoeneimafko.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 49684\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"style.css\"\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=utf-8\r\ndate: Sun, 29 Mar 2026 02:49:21 GMT\r\netag: \"faa4eafeb5e96019009badae7377309d\"\r\nlast-modified: Sat, 28 Mar 2026 13:01:16 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::8zcst-1774752561295-b59557ff94c0\r\ncontent-length: 3161\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":11887,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text","md5":"39f1e9cae0dd65de87cd93643b74f736","sha1":"b383fc97f59bfaf6365c32c30b88ad588e858b3d","sha256":"1fd3b40907c0121d8a6ee5a36418138dc0d6f4d634e21bbda29d590901ba99be","sha512":"c7eb95b672e599174b1a28957f10a571f86ab27d9def9c393e52ebdf87de200be97615bd81c8d48bf00424952fc327835a17ff9f2216b296a9d179926800ef97","ssdeep":"192:UCMX2zWiFwLKIDum0iXMnq63yTm7SIv0IuFK9/dF+1dlcf6IyHppUIfeVP:JxAHYn5z7h81F0/dF+vlcfUBsP","tlshash":"893253926ef51608b52ad4a538e3af56f35d8083850eddbc7ae4318c8ecd2c555be38c","first_seen":"2025-09-29T18:11:44.131218Z","last_seen":"2026-03-29T02:49:47.359724Z","times_seen":4,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"luffiwsoeneimafko.vercel.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"luffiwsoeneimafko.vercel.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/bot/barcode.png","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","date":"2026-03-29T02:49:21.316Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"GET /bot/barcode.png HTTP/1.1\r\nHost: luffiwsoeneimafko.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"barcode.png\"\r\ncontent-type: image/png\r\ndate: Sun, 29 Mar 2026 02:49:21 GMT\r\netag: \"921a0084b7d0ea06826ec7a74d4f7036\"\r\nlast-modified: Sun, 29 Mar 2026 02:49:21 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::dv4pr-1774752561300-360e281877c4\r\ncontent-length: 926\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":926,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced","md5":"921a0084b7d0ea06826ec7a74d4f7036","sha1":"4e6b73ef01e0e50d37ffd4e3baddeed30c8dc7a7","sha256":"a6ed07b7c170170f09244f22a6da8e812d99284871f934dfa86bba5e07ed73ce","sha512":"2c97ecf530829ef410651dabfa6eb932f99db8defc2facff9bae3eb22729bff53804354e843709215f5bc73fb4d983703a536fe00201e9249f33beb82d74bf81","ssdeep":"","tlshash":"5c1184b92e4c952ac20c773792bb8902f93f8b1e3776c90470bbb0125c954308495d57","first_seen":"2025-07-06T09:11:55.624792Z","last_seen":"2026-04-03T07:02:20.826166Z","times_seen":154,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":199,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"luffiwsoeneimafko.vercel.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"luffiwsoeneimafko.vercel.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/img/save_img.png","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","date":"2026-03-29T02:49:21.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"GET /img/save_img.png HTTP/1.1\r\nHost: luffiwsoeneimafko.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"save_img.png\"\r\ncontent-type: image/png\r\ndate: Sun, 29 Mar 2026 02:49:21 GMT\r\netag: \"8d3bcd1278891fc1e52d38e72549b3d0\"\r\nlast-modified: Sun, 29 Mar 2026 02:49:21 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::jfmkk-1774752561304-4d51209e329e\r\ncontent-length: 7550\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":7550,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit colormap, non-interlaced","md5":"8d3bcd1278891fc1e52d38e72549b3d0","sha1":"af1ab86b5a3993c468c3be9c59a8ed3d9091454d","sha256":"8fc3f44a189200b47c93a90ad8dffe40fcdeda8a718e62bb4baf98f00d536e97","sha512":"e8c73ab69e70bdca02c1c7004947186455c632692311b4ca91d1bea143ce7f0b986dc0b0623b8ae82f9561549337171b3e89a55f7bcd92964fe214ddab1c4feb","ssdeep":"192:ri4sn8ZlCLFUm5Dk3CqDEkV8YaTETosC1nEDuO0f+htV:rfsn4CBnKCqYkaUoseEDuO0C7","tlshash":"d8f18e4d66788d2d74db13ab8c3b69b38d3e2b809e52692ecb574058356962e830fc06","first_seen":"2023-12-25T05:22:02Z","last_seen":"2026-04-05T11:02:24.205544Z","times_seen":15471,"resource_available":false,"data":null}},"time_used":357,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":356,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"luffiwsoeneimafko.vercel.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"luffiwsoeneimafko.vercel.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/img/fb_round_logo.png","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","date":"2026-03-29T02:49:21.328Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"GET /img/fb_round_logo.png HTTP/1.1\r\nHost: luffiwsoeneimafko.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 49684\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"fb_round_logo.png\"\r\ncontent-type: image/png\r\ndate: Sun, 29 Mar 2026 02:49:21 GMT\r\netag: \"81bb5cf1e451109cf0b1868b2152914b\"\r\nlast-modified: Sat, 28 Mar 2026 13:01:16 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::8zcst-1774752561310-221662609681\r\ncontent-length: 42676\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":42676,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced","md5":"81bb5cf1e451109cf0b1868b2152914b","sha1":"b70017639afc079394be1ea8625f7c4beb44d617","sha256":"676c83478e410d324fe56aca428d3305505732c648667b22e15c8222117c75e6","sha512":"1782966b78f57cc91392f3ff03f05d37e0a5fd8b04b0997b2ef708d13c162ea4aad607e7705a36e0539d6a6b60337432ef271bff062f7170018b42c9b8b81de6","ssdeep":"768:QJ6R1m5mLWd4WdvyQqjv9YRNt2ZDmzqSqBoruj6f3drrFpY85JW81Cl1xB+aArel:QJ41emLWxdv7C8Nt2UzqSuu46v9rvY8I","tlshash":"b613f1da546bcdfec2f950b418ffe653f43ad07b1a8c446fe644eca2ec518a024e2641","first_seen":"2024-01-09T09:55:04Z","last_seen":"2026-04-05T11:02:24.198057Z","times_seen":15330,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"luffiwsoeneimafko.vercel.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"luffiwsoeneimafko.vercel.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/img/phone.png","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","date":"2026-03-29T02:49:21.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"GET /img/phone.png HTTP/1.1\r\nHost: luffiwsoeneimafko.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"phone.png\"\r\ncontent-type: image/png\r\ndate: Sun, 29 Mar 2026 02:49:21 GMT\r\netag: \"3c18a93313e72ab9967152a4e92aa238\"\r\nlast-modified: Sun, 29 Mar 2026 02:49:21 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::lfnfk-1774752561310-18b6eff12588\r\ncontent-length: 255341\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":255341,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 640 x 280, 8-bit/color RGBA, non-interlaced","md5":"3c18a93313e72ab9967152a4e92aa238","sha1":"74671591dd7cc381c6ec6de1137b83c0e2f4d7ec","sha256":"fbc7addde1cd6057bd59c03941fcf38a6ac17dd90312d142ebd7520891c3656e","sha512":"4533459dba5b435eb888caa9b413a662fb111cd030d5befc6e9b34659fb95031f119de6f80f08f0c8311039073cacf66d3c0bf7acc5146579c3ca70e7f9c9905","ssdeep":"6144:T0ptcriv/k0R7NwRuB6VZfExzYwPlUTsaTq7IT8bbGvAqj:OOev/jNGuUP2hL7ITn","tlshash":"dd4423075785db6223c2bfe74a4e381c4975e8b544d0b5a536e21adf1fc89c7acc628c","first_seen":"2024-01-09T09:55:04Z","last_seen":"2026-04-05T11:02:24.194479Z","times_seen":14818,"resource_available":false,"data":null}},"time_used":346,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":332,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"luffiwsoeneimafko.vercel.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"luffiwsoeneimafko.vercel.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/img/star.png","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","date":"2026-03-29T02:49:21.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"GET /img/star.png HTTP/1.1\r\nHost: luffiwsoeneimafko.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 49684\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"star.png\"\r\ncontent-type: image/png\r\ndate: Sun, 29 Mar 2026 02:49:21 GMT\r\netag: \"aae920faed2a3fe4c3083b339cd783df\"\r\nlast-modified: Sat, 28 Mar 2026 13:01:16 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::8zcst-1774752561319-9f903a90a710\r\ncontent-length: 1980\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":1980,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 41 x 41, 8-bit colormap, non-interlaced","md5":"aae920faed2a3fe4c3083b339cd783df","sha1":"be5e47195c28b585d65478e2399d0d5f9b74435c","sha256":"f75d9bcacc1a1aabc6f93c383f5494307d91f7f302c266626d6dc92b4b86585e","sha512":"968d180a7d9a2fe273a075174f6e7b4561a060f37fd7b1c6f12b2fd7a7d653318672f298245373b15f9aeca1982b2138546f300d48ec2dafaac73f3339147653","ssdeep":"","tlshash":"2d414c54345724a0d24b0be3d2a1bee3e0123e995ce0362c169048b4ffbad49d0e691a","first_seen":"2024-01-09T09:55:04Z","last_seen":"2026-04-05T11:02:24.202409Z","times_seen":14075,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"luffiwsoeneimafko.vercel.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"luffiwsoeneimafko.vercel.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-5EKS54VX5P","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","date":"2026-03-29T02:49:21.313Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:36:15 GMT","end":"Mon, 01 Jun 2026 08:36:14 GMT"},"fingerprint":{"sha1":"58:CB:88:A1:C4:55:4E:E5:46:DC:A0:9C:B3:54:25:79:20:1E:E8:09","sha256":"0B:B5:96:A2:57:57:EC:BA:63:14:8A:AF:4C:C2:32:63:18:8B:75:80:8F:78:1D:1F:5B:00:B7:B3:7E:C9:B7:18"}}},"request":{"raw":"GET /gtag/js?id=G-5EKS54VX5P HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luffiwsoeneimafko.vercel.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 29 Mar 2026 02:49:21 GMT\r\nexpires: Sun, 29 Mar 2026 02:49:21 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 154434\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":464706,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"2aa92b8fca9412af276c88c47580b564","sha1":"db6f94b8e7a7042eda31a8d4f82ec52ebb244ff3","sha256":"5747bb5244758261f76aa78c23ca00e5512ce0998687ae48e905e738fbb6294f","sha512":"d1e7c93b70ef96b83010ab72144daaf96968e3e697a71daabf4c7e7827c0be671c0932b7092088aad30b01d438a72d7daad8e446ab6d4369fdeadc92c0f4e005","ssdeep":"6144:sSORjaFCE9VJlQGXHIzs8WVP1W+rwkQdqQtYTc0HdZgQ0:vCEfJlbIY8CmOp0","tlshash":"08a409ceb3d674615296e478903f01cba57b29e2b44cc8a6f189cce02e7465a4277f7c","first_seen":"2026-03-29T00:26:50.801572Z","last_seen":"2026-03-29T02:49:47.36568Z","times_seen":2,"resource_available":true,"data":null}},"time_used":356,"timings":{"blocked":141,"dns":0,"connect":10,"send":0,"wait":23,"receive":29,"ssl":141},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/utils.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","date":"2026-03-29T02:49:21.997Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/intl-tel-input/17.0.8/js/utils.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luffiwsoeneimafko.vercel.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 29 Mar 2026 02:49:22 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 45687\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5f902e0e-3c35d\"\r\nlast-modified: Wed, 21 Oct 2020 12:48:14 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 696686\r\nexpires: Fri, 19 Mar 2027 02:49:21 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SdPMDQkMxZNoNn%2BrJzV%2BgGdY9onUmJkN47za7%2B5ni5zqjBUB%2FtXausfAbI43LG8ZFfIwKZZUfFCgyPBiZxKl4nahb8f8NVadRuoqBvn%2BtkexbHylyE68pa6i8%2B0QO2jrFYrQcrXX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: 9e3b8f9879c14c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":246621,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1654)","md5":"e1abede2b1e12c67edde78e0bd9b067f","sha1":"84d63d9c364875e5b36affa7edfd0af2630bcb63","sha256":"bdcdee66eb73eaff67c185ce622c4f82d65cdc893b785259b0207e3e60c8ca9d","sha512":"04d675c77f51307f9463294e5b8d7d6de6863b4c2a75290eee98b5ad80d8728f4e2f7baf5da0bf193a80e4ee0254ada3e0af599280cd4921d590440a920c1d8b","ssdeep":"3072:u/dJ0y8AAYjLs3OwPl0n04XU343EhY2xZ+b+Ihnz15XC7sS8JtZ4mLETQCAtQ59v:adJChoYtxZ+b+IhJDKR","tlshash":"7134ceebda3c9736a1d97b35968eb3cd5a8cbc93c848567826c3b54f53788e0706c205","first_seen":"2023-03-07T01:27:34Z","last_seen":"2026-04-05T12:08:09.111035Z","times_seen":7139,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-29T02:49:21.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"GET /vanvjabxba.html/uofhlckapcvbmwl.html HTTP/1.1\r\nHost: luffiwsoeneimafko.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 49684\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"uofhlckapcvbmwl.html\"\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Sun, 29 Mar 2026 02:49:21 GMT\r\netag: W/\"e7235be56fd02a76fb6569be9854353e\"\r\nlast-modified: Sat, 28 Mar 2026 13:01:16 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::qqccb-1774752561082-b0e34b3eb92e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}],"data":{"size":256404,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (617)","md5":"e7235be56fd02a76fb6569be9854353e","sha1":"d8ce5e128a0dcc1a78e81de3fc772c1e256a4764","sha256":"7010825751fe3878ad1a3f140a87bc761cda7e998136e01945bb001c356d914d","sha512":"cd22962b5ea76ec9321c53540efbdbdee5d828808cdac0f372a39b0126e5a48bb45dec858ded295338bdef324dd063b92410956ea9c64ca35f64fb44a8021b97","ssdeep":"1536:jwkcpyQYq19XxReciupZvKST0VFsBbGFCVvzBT11EUD97cuqmSIC7HQBEUNpyFxo:U/Uq1d3B2IC7HQBEUSFKyDKkL21fj","tlshash":"8544f75a32f92176018ba07a5e2f860b7731a047564a99083e5c06dc0f5ec79e7b7ff8","first_seen":"2025-09-29T18:11:44.160509Z","last_seen":"2026-03-29T02:49:47.368958Z","times_seen":4,"resource_available":true,"data":null}},"time_used":130,"timings":{"blocked":56,"dns":33,"connect":1,"send":0,"wait":10,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"luffiwsoeneimafko.vercel.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"luffiwsoeneimafko.vercel.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"luffiwsoeneimafko.vercel.app/ico.ico","fqdn":"luffiwsoeneimafko.vercel.app","domain":"luffiwsoeneimafko.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.131","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html","date":"2026-03-29T02:49:21.899Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"GET /ico.ico HTTP/1.1\r\nHost: luffiwsoeneimafko.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luffiwsoeneimafko.vercel.app/vanvjabxba.html/uofhlckapcvbmwl.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 34746\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"ico.ico\"\r\ncontent-encoding: br\r\ncontent-type: image/vnd.microsoft.icon\r\ndate: Sun, 29 Mar 2026 02:49:21 GMT\r\netag: W/\"6701a4ba0b931af579be35b93631da04\"\r\nlast-modified: Sat, 28 Mar 2026 17:10:15 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::qgtdm-1774752561906-68914d6bce0b\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5430,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"6701a4ba0b931af579be35b93631da04","sha1":"c8161484acccdd0cae1cd6484f56942cb7ffd7dc","sha256":"ce8a22ece441cfd0f09fb0359b8d683fed0e66f8bec0bbc067a8257c95b05fd8","sha512":"c09e65509b04f904bb74c8aa78c099f4d195426293711f5eb6f3c47d6c27b9c278898cfd718fafa5418e40498b7904d818a8dd654a956694550d0b43048151c2","ssdeep":"24:Eg5ed8vZa+/kffJTyN5J5iXSvjTxatgFFjiZq1MJMaDgD6VDcl2HPwFf5zaTrZ4l:yfqHUs6hcEI5KrZ4jaJV9HxG8Q","tlshash":"55b1aca0b2931348f4f811b0c343748d7bec2c438ca25a53a6bb3acd5dfc19892531d2","first_seen":"2023-12-25T05:22:02Z","last_seen":"2026-04-05T11:02:24.206154Z","times_seen":13268,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"luffiwsoeneimafko.vercel.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"luffiwsoeneimafko.vercel.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}