{"report_id":"fecc02d1-4569-47d7-ba3f-2cbd5fe104e5","version":6,"status":"done","tags":[],"date":"2026-03-21T06:18:34Z","url":{"schema":"https","addr":"claim-pippin.fun/","fqdn":"claim-pippin.fun","domain":"claim-pippin.fun","tld":"fun"},"ip":{"addr":"172.67.161.180","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"claim-pippin.fun/","fqdn":"claim-pippin.fun","domain":"claim-pippin.fun","tld":"fun"},"title":"Pippin Airdrop","dom":{"size":2965,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"b5143490e03bd0771a0f8c356e7d5236","sha1":"81167c85db3f945d7d41849ef7551872c990e0a7","sha256":"25cf8f9312738bfd6fb2991395f0e3cf518950104c9ebf5efc4515562c3e3ca5","sha512":"df82407d63a444776cc57165003a80933a4b5c05ff958c19fb1c4864ec848a55aa82599d79aef2e339d2cf2662b9594275708bd883a28902093a61219ef08785","ssdeep":"","tlshash":"92514663d5a4c82b6270c6512da7714cf9a2849ba3282c16b2e85dcb5fd1f82c473317","dom_hash":"domhash90e75585ed707083152048fa8f9025ae","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"claim-pippin.fun/","fqdn":"claim-pippin.fun","domain":"claim-pippin.fun","tld":"fun"},"ip":{"addr":"172.67.161.180","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-25T06:18:34Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"claim-pippin.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"claim-pippin.fun","ip":{"addr":"172.67.161.180","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-20","domain_rank":0,"first_seen":"2026-03-21T06:18:35.388081Z","last_seen":"2026-03-21T06:18:35.388081Z","alert_count":8,"request_count":8,"received_data":662129,"sent_data":3672,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-03-15T22:16:12.279722Z","alert_count":0,"request_count":3,"received_data":123513,"sent_data":1658,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-03-15T22:19:58.945817Z","alert_count":0,"request_count":1,"received_data":7018,"sent_data":487,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"claim-pippin.fun/","fqdn":"claim-pippin.fun","domain":"claim-pippin.fun","tld":"fun"},"ip":{"addr":"172.67.161.180","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"bdc1e26db4da3cb6fe5f16b536ecaa01","sha1":"10bc7c7f7a71eb2f58402bc4033480d1b829abf4","sha256":"baa55027577343dc92d206fd4a4752c5b81dcef87a05b78d74c0e4aec79c6b63","sha512":"1eb95217aba6620495d3ced626f88fe87c1a58dc615a10f4d18eaf38bed9f97a86b58c6c898a2ecbfa2e54d69973108d3e23f835c33ddb846cf3c4713438c0a5","ssdeep":"","tlshash":"18c022a0d5a08d320928109a353962c52230182c1192a4cbc3bc8c8aac8ce804944500","size":188,"data":"","first_seen":"2026-03-21T06:18:38.59608Z","last_seen":"2026-03-21T06:21:26.582525Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"claim-pippin.fun/script.js","fqdn":"claim-pippin.fun","domain":"claim-pippin.fun","tld":"fun"},"ip":{"addr":"172.67.161.180","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"dfad77e6b85ad2f8fb716f4e2ef1d0be","sha1":"4c23afdcbdf9e2ac62c3da28e38ab92afa38338c","sha256":"ac3acaf0ebfb318711516312d4a0438118f8d21ebbc6ce2ddc12483c5939def9","sha512":"e84c1c01e260cd6a48691fd28e614b5f61979af94b51a479a8bd961b0bebdb9fb65768b7d57fc84d01f55bc69df503800b7bef5641493c58c333f858e147e71d","ssdeep":"","tlshash":"1931bb37227428b541bb4169d3cb67a579204083a841da1179ed8a8c2fc26c9a9f2ecb","size":1512,"data":"","first_seen":"2026-03-21T06:18:38.579125Z","last_seen":"2026-03-21T06:21:26.58062Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"claim-pippin.fun/secureproxy?s=%2Fipfs%2FsRA16sbxlIHotOpmTKMGKA34ab5d7117ef87f5a01f949523ebfb49%3Ft%3D1774073893578","fqdn":"claim-pippin.fun","domain":"claim-pippin.fun","tld":"fun"},"ip":{"addr":"172.67.161.180","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"053abac9270ae50a76c2a815eb911470","sha1":"f50eb50fd391b8c95060ad509c64544ddafe901c","sha256":"01f263647562b721284c126dd978a03cc4c40ec08227fedfdf6147616a9d9c06","sha512":"454838236469f3c268a596062fbc744e1410d3e11aa512db9adf1df314029ddaa8907412b6aa33ab06cb43eee5104442262931d1210a3597dbb967772c1a640c","ssdeep":"6144:qh5gDT6Euno4xvlISDhTl0WHvfUp+v+9J87XGQOwOyyGpMy:qsTZunzvlzSWP8p0Q+Bz","tlshash":"97d499c08b4c357364802aea15fb446fdfdc0de82e4be8536bd098b5e379b8351e5998","size":634387,"data":"","first_seen":"2026-03-21T06:18:38.581787Z","last_seen":"2026-03-21T06:18:38.581787Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"claim-pippin.fun/style.css","fqdn":"claim-pippin.fun","domain":"claim-pippin.fun","tld":"fun"},"ip":{"addr":"172.67.161.180","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://claim-pippin.fun/","date":"2026-03-21T06:18:13.606Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claim-pippin.fun","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 18:35:36 GMT","end":"Thu, 18 Jun 2026 18:35:35 GMT"},"fingerprint":{"sha1":"FC:A2:19:E0:ED:35:7A:9A:46:FD:35:FC:63:36:36:76:52:DB:AD:5D","sha256":"C2:32:45:D5:28:FA:DC:B0:F8:7C:2C:89:81:86:94:CE:4C:DF:44:C2:FB:0B:3E:9D:57:6D:7A:32:8F:06:1E:2A"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: claim-pippin.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://claim-pippin.fun/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 21 Mar 2026 06:18:13 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Fri, 20 Mar 2026 21:53:23 GMT\r\netag: W/\"69bdc1d3-23d6\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Fhl4SyhsvD7WCWRXxonVQ4p0fOAe%2BtK9G0V0aU%2BsfJ1lWKPjoBZTmA2uxQJZgKmwjlfiFBGAqC5GMSRbxz11g%2B9AwjfkyLp7U8KLJpqsRlE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9dfad68b0dd9b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9174,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"6007c02b180ec717caa2c20ee29618ff","sha1":"67406e8b07a67f4c42b3e6be824677316ca17e3f","sha256":"f516aaf84941f0599065d78cc1448ae9e154e34f7020a40542df262e68bb7305","sha512":"d218f72299c9fdf15787ef246a652fbc76eb34a5f0ed925d73c1f23b7b2080dd7916bc5dc79986db447650bef093ae357454d940629de5958ae153f554d19146","ssdeep":"192:3Y0F5oJVXzMZ48plRrbfbiG+9twibDysiYl2ooZ4eb:IGnRPiG+9tH9zqn","tlshash":"82124e917fe58029785bc56438d3d72873acd182c90eedbd7af02068bf8d2a554b2b4d","first_seen":"2026-03-21T06:18:38.572784Z","last_seen":"2026-03-21T06:21:26.573303Z","times_seen":2,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"claim-pippin.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"claim-pippin.fun/pippin.svg","fqdn":"claim-pippin.fun","domain":"claim-pippin.fun","tld":"fun"},"ip":{"addr":"172.67.161.180","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://claim-pippin.fun/","date":"2026-03-21T06:18:13.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claim-pippin.fun","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 18:35:36 GMT","end":"Thu, 18 Jun 2026 18:35:35 GMT"},"fingerprint":{"sha1":"FC:A2:19:E0:ED:35:7A:9A:46:FD:35:FC:63:36:36:76:52:DB:AD:5D","sha256":"C2:32:45:D5:28:FA:DC:B0:F8:7C:2C:89:81:86:94:CE:4C:DF:44:C2:FB:0B:3E:9D:57:6D:7A:32:8F:06:1E:2A"}}},"request":{"raw":"GET /pippin.svg HTTP/1.1\r\nHost: claim-pippin.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://claim-pippin.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 21 Mar 2026 06:18:13 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Fri, 20 Mar 2026 21:53:23 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69bdc1d3-86f\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZZV%2ByseMII9yrwy5tAwQFE0Z8hkJAc%2Fx%2Bti2%2B7JGhW9zwBd44CmvUYk6CP83MkSvfpXT%2FF9LqhwL3PA5pE1g0jP1bYMd%2F807CSccmLX6x58%3D\"}]}\r\ncf-ray: 9dfad68b0dddb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2159,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"66b1938a5247a2553998b300e71c4f1c","sha1":"a2eeb47a2dd8401f46f42657a6874834da3a276f","sha256":"c589f3ddd8b64e04355b9d01a47d0ee39795690cc287a17667c602abff5a6b87","sha512":"7d6ded886b5ee6d9054125cccf77ae41549704e5ad4be07637e32b883bd5c563ee49ba8166d5ee359de85478520995afa4cbe74c38c6dbd8e91591f3d9fcb9c4","ssdeep":"","tlshash":"81412a64a30c1679f62f8368ebad34ab523f70ddd71c20991d901ab0a0942ba5db71ec","first_seen":"2025-11-23T13:36:34.243259Z","last_seen":"2026-03-21T06:21:26.574511Z","times_seen":15,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"claim-pippin.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"claim-pippin.fun/script.js","fqdn":"claim-pippin.fun","domain":"claim-pippin.fun","tld":"fun"},"ip":{"addr":"172.67.161.180","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://claim-pippin.fun/","date":"2026-03-21T06:18:13.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claim-pippin.fun","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 18:35:36 GMT","end":"Thu, 18 Jun 2026 18:35:35 GMT"},"fingerprint":{"sha1":"FC:A2:19:E0:ED:35:7A:9A:46:FD:35:FC:63:36:36:76:52:DB:AD:5D","sha256":"C2:32:45:D5:28:FA:DC:B0:F8:7C:2C:89:81:86:94:CE:4C:DF:44:C2:FB:0B:3E:9D:57:6D:7A:32:8F:06:1E:2A"}}},"request":{"raw":"GET /script.js HTTP/1.1\r\nHost: claim-pippin.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://claim-pippin.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 21 Mar 2026 06:18:13 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Fri, 20 Mar 2026 21:53:23 GMT\r\netag: W/\"69bdc1d3-5e8\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M3yYWsqBFvm1AO2fyHqnzlN4RG%2B1SNL4yRSasgC%2FlJyW1pSaZwpl23WqY8fFxVpdmZmffea3ntUImdvMPMtnM6DRF1hxY6JV5cPU9nC0zSU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9dfad68b0ddcb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1512,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"dfad77e6b85ad2f8fb716f4e2ef1d0be","sha1":"4c23afdcbdf9e2ac62c3da28e38ab92afa38338c","sha256":"ac3acaf0ebfb318711516312d4a0438118f8d21ebbc6ce2ddc12483c5939def9","sha512":"e84c1c01e260cd6a48691fd28e614b5f61979af94b51a479a8bd961b0bebdb9fb65768b7d57fc84d01f55bc69df503800b7bef5641493c58c333f858e147e71d","ssdeep":"","tlshash":"1931bb37227428b541bb4169d3cb67a579204083a841da1179ed8a8c2fc26c9a9f2ecb","first_seen":"2026-03-21T06:18:38.579125Z","last_seen":"2026-03-21T06:21:26.58062Z","times_seen":2,"resource_available":true,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"claim-pippin.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"claim-pippin.fun/secureproxy?s=%2Fipfs%2FsRA16sbxlIHotOpmTKMGKA34ab5d7117ef87f5a01f949523ebfb49%3Ft%3D1774073893578","fqdn":"claim-pippin.fun","domain":"claim-pippin.fun","tld":"fun"},"ip":{"addr":"172.67.161.180","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://claim-pippin.fun/","date":"2026-03-21T06:18:13.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claim-pippin.fun","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 18:35:36 GMT","end":"Thu, 18 Jun 2026 18:35:35 GMT"},"fingerprint":{"sha1":"FC:A2:19:E0:ED:35:7A:9A:46:FD:35:FC:63:36:36:76:52:DB:AD:5D","sha256":"C2:32:45:D5:28:FA:DC:B0:F8:7C:2C:89:81:86:94:CE:4C:DF:44:C2:FB:0B:3E:9D:57:6D:7A:32:8F:06:1E:2A"}}},"request":{"raw":"GET /secureproxy?s=%2Fipfs%2FsRA16sbxlIHotOpmTKMGKA34ab5d7117ef87f5a01f949523ebfb49%3Ft%3D1774073893578 HTTP/1.1\r\nHost: claim-pippin.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://claim-pippin.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 21 Mar 2026 06:18:14 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: max-age=2592000\r\netag: W/\"9ae13-9Q61D9ORuMlQYK1QnGRUTdr+kBw\"\r\nexpires: 0\r\npragma: no-cache\r\ncontent-disposition: attachment; filename=QnbKfDVDQ4s-0EqNqU9b-g.js\r\ncdn-proxyver: 1.49\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 03/21/2026 06:18:14\r\ncdn-edgestorageid: 1056\r\ncdn-requestid: bb563a88223ece6524c0d745e7a64051\r\ncdn-cache: MISS\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=enrEtyZm2QxmVeFmLr93o%2BxoULZLFPOQvbOY2HdhwEtMHhsh%2BVVhZByV90RP8TPLLDBFW69ycIhyVSkme6bwZA24fJHp8QYS8kSEXzgQ9k0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9dfad68b0ddeb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":634387,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"053abac9270ae50a76c2a815eb911470","sha1":"f50eb50fd391b8c95060ad509c64544ddafe901c","sha256":"01f263647562b721284c126dd978a03cc4c40ec08227fedfdf6147616a9d9c06","sha512":"454838236469f3c268a596062fbc744e1410d3e11aa512db9adf1df314029ddaa8907412b6aa33ab06cb43eee5104442262931d1210a3597dbb967772c1a640c","ssdeep":"6144:qh5gDT6Euno4xvlISDhTl0WHvfUp+v+9J87XGQOwOyyGpMy:qsTZunzvlzSWP8p0Q+Bz","tlshash":"97d499c08b4c357364802aea15fb446fdfdc0de82e4be8536bd098b5e379b8351e5998","first_seen":"2026-03-21T06:18:38.581787Z","last_seen":"2026-03-21T06:18:38.581787Z","times_seen":1,"resource_available":true,"data":null}},"time_used":740,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":647,"receive":93,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"claim-pippin.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://claim-pippin.fun/","date":"2026-03-21T06:18:13.851Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:21:09 GMT","end":"Mon, 18 May 2026 18:21:08 GMT"},"fingerprint":{"sha1":"D5:23:F9:83:DE:D4:E8:AB:85:EF:63:D4:2C:6E:62:44:96:04:04:8E","sha256":"D3:04:E0:CB:3E:1B:51:D2:DD:21:AB:B5:3E:6D:E3:40:D7:D5:1E:07:D1:8A:BF:8C:CC:01:FC:AE:92:1F:69:2D"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://claim-pippin.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 16 Mar 2026 17:57:47 GMT\r\nexpires: Tue, 16 Mar 2027 17:57:47 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 390026\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-13T16:26:46.354317Z","times_seen":209913,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":88,"dns":7,"connect":8,"send":0,"wait":9,"receive":13,"ssl":70},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"claim-pippin.fun/secureproxy?s=%2Fjmpd%2F","fqdn":"claim-pippin.fun","domain":"claim-pippin.fun","tld":"fun"},"ip":{"addr":"172.67.161.180","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://claim-pippin.fun/","date":"2026-03-21T06:18:15.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claim-pippin.fun","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 18:35:36 GMT","end":"Thu, 18 Jun 2026 18:35:35 GMT"},"fingerprint":{"sha1":"FC:A2:19:E0:ED:35:7A:9A:46:FD:35:FC:63:36:36:76:52:DB:AD:5D","sha256":"C2:32:45:D5:28:FA:DC:B0:F8:7C:2C:89:81:86:94:CE:4C:DF:44:C2:FB:0B:3E:9D:57:6D:7A:32:8F:06:1E:2A"}}},"request":{"raw":"POST /secureproxy?s=%2Fjmpd%2F HTTP/1.1\r\nHost: claim-pippin.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://claim-pippin.fun/\r\ncontent-type: application/json\r\nContent-Length: 1439\r\nOrigin: https://claim-pippin.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1439,"data":"{\"route\":\"n9POyFeFG1tUtiSU-z9JOx3n\",\"payload\":\"0hqM-6_N52QB7AINAx8AEwCwAtcCIQAgAycAAgEAPwMAAO8nhn2XtsKCASIJgad4sDf-UO0pvGcCAAA_0teht5ABLn69msS3PBbGEFGPAh7ahLby0RGkfTGsHQFgljPpTxl6JkdJbMA8IN8lnPveseraQJiIS78ZmWWZlBHhkRjiGEmMVNKXin8pWHLjiZLeM8PX4t576GXW0z0K6FqnLSMG67fu2FjvTS0_nwNUMToBm-0CBDh7WJ7CHPs8VgDBfqpWZm1EUijYMz0h6KrHvGhTySNb2uTM5kWRrW1emBn97qU6jzTWQumpm0aY2pYhzFn9HojqW8KIGGraQBLZXSkuUVS8_oZLuz75H0oZnnhOVqYIv2ce4EFAixdX7X08NhZMi0ISQSQV52dPQ3dTryKmDykjRPRgcUcC8qcc7gVEq-Rw_l4PjqeBFJDcMP6Rx7HKHci3NT_GNML01TdySJlTPIAGGQosU8vyeG4G3NbJBb5uuYZZuakDLdeRVqfFzB6S8C2oAVanGke9GXpZOykhQIqGBsRn1PpaIsxQuv_5S4giR0EVjBDdLrbjmw_BKf72j1PpqgQwLb9YgNBE8ey21G_3vpH9Lp-lLl6d0b7ifKaOYP57xC6NqiCVAZk7XiFJ9Lk57Lq1KGD0FZ3Zfdt5s4RiH48Ds4gbQDt7PpMJRGaOTRu7AygiFobzgpqzykFDOJ3qnCEF8pdlxyoRaJFtjNq4E2aJSR02AtV1yoxAp2ZJN1KYkaxoyUBD4euOTO1n8e5FjcNGydUuO2axmKFY61DhKNB7BDlSJMuBqt-jsLqbO0tqJSUHcO602POVLyp8Y0LRVzwx_FDfV1vZvQPV8iUzKIxVFqHcBS4A7REBcvoMz7jG4dYBvu72gb00_hcdUENkyZ7H6mqr15L6ops859ftWkJowFrFi3jptDotT32QL7eE3GTmSEiB5s40Ac6pWskv6KqXyM2OoCfoArvRfNUaaPwUvuL-fD1TMvuwSrPnTH164LJDHtWJ-JUw9syRR_7J5Yzap-7BJZfeK2ofuleLyV9BX8yEK2pdeQ8ZFz7mb5Mrp3Wi0DLpky5KJlPplzkL537wKr0JQCspQeGOOVpB_GX0nBtr-Uf6vA0lG170qFQ9mZwwIuut3Z_Gy0cWBh-f_X3TiGkBDiSgL6Hl7iPXdjCTSdvOPwr7q-Ez0zN_hUabUPlL00s5LDeW_RA\",\"challenge\":\"eyJpZCI6IkdmWHlvb3M0U002MVR2dTdiUHExekEiLCJub25jZSI6NTE4LCJoYXNoIjoiMDBmODgyMDA4OGUxNmM2ZTBjYmM3MTg5ZjI2OGFhNDE1MzkxNTdjOTQzOTExZDYwMTJiZTEzYzAxNGQxOGZmZCJ9\"}"}},"response":{"raw":"HTTP/3 204 No Content\r\nserver: cloudflare\r\ndate: Sat, 21 Mar 2026 06:18:16 GMT\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: no-cache\r\netag: W/\"a-bAsFyilMr4Ra1hIU5PyoyFRunpI\"\r\nx-ratelimit-limit: 10000\r\nx-ratelimit-remaining: 9999\r\nx-ratelimit-reset: 1774073955478\r\ncdn-proxyver: 1.49\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 204\r\ncdn-cachedat: 03/21/2026 06:18:16\r\ncdn-edgestorageid: 1056\r\ncdn-requestid: 4f9265e584236db2ded65ee5f5806f7c\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yALHfOjTtMhBED8Tf8wz2Y3tUrcu9%2FsILDDUV569hB0MvxvCMz3aaVKEcFslIkRboudczUXZotXlAEhiPzRiRpB3gMiu2hXGaARxqAX9pm0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9dfad695bfc4b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T16:33:36.180633Z","times_seen":16390792,"resource_available":true,"data":null}},"time_used":751,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":750,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"claim-pippin.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"claim-pippin.fun/","fqdn":"claim-pippin.fun","domain":"claim-pippin.fun","tld":"fun"},"ip":{"addr":"172.67.161.180","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-21T06:18:13.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claim-pippin.fun","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 18:35:36 GMT","end":"Thu, 18 Jun 2026 18:35:35 GMT"},"fingerprint":{"sha1":"FC:A2:19:E0:ED:35:7A:9A:46:FD:35:FC:63:36:36:76:52:DB:AD:5D","sha256":"C2:32:45:D5:28:FA:DC:B0:F8:7C:2C:89:81:86:94:CE:4C:DF:44:C2:FB:0B:3E:9D:57:6D:7A:32:8F:06:1E:2A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: claim-pippin.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 21 Mar 2026 06:18:13 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Fri, 20 Mar 2026 21:53:23 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5PSg4eDjkEjati1Z4fBXthS7gVCDo4schPNG7lJxV7ILFWIFlKtOChof19ZEow5lDKTZZQxXYjLEvfb6scNKVXwyXfBbkEDiqZ6EEN6wm7E%3D\"}]}\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9dfad688ea1c5ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2737,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"2474a027419ab630fb6af72798e44cde","sha1":"9be36038a3502c3ec42d19fa627b0f628f724d43","sha256":"9dfbb45b5cca00ae297a7e6765c3031a213da372751d2af25fd486435817f999","sha512":"75bc026f951979570b4f183940d0a3235ea424072d24bd1bed7244cc5da55c88b1044895b4be2f6560783e0b79ef818a109c20f01875560c50d35406acac5a6a","ssdeep":"","tlshash":"645145a3c5e4c82b6270c2512de77148f9a28497b6182c11b2dc5dcb5fe2f82c87332b","first_seen":"2026-03-21T06:18:38.586746Z","last_seen":"2026-03-21T06:21:26.577017Z","times_seen":2,"resource_available":false,"data":null}},"time_used":309,"timings":{"blocked":63,"dns":49,"connect":1,"send":0,"wait":179,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"claim-pippin.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@400;600\u0026family=Patrick+Hand\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://claim-pippin.fun/","date":"2026-03-21T06:18:13.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:21:09 GMT","end":"Mon, 18 May 2026 18:21:08 GMT"},"fingerprint":{"sha1":"63:D1:AE:99:1E:49:D7:6C:71:F3:BA:F5:BA:47:74:1E:EB:90:E7:D6","sha256":"69:90:BB:9D:82:60:82:88:FF:CE:F6:B3:3D:DD:B5:B5:FB:F0:56:17:FD:FA:0D:BC:9C:5B:83:51:98:0D:2F:CF"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;600\u0026family=Patrick+Hand\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://claim-pippin.fun/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 21 Mar 2026 06:18:13 GMT\r\ndate: Sat, 21 Mar 2026 06:18:13 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6332,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"7c83853483e40a517b445405c067343b","sha1":"44771fa61f3b568e49121266eb0e890da8ee4acd","sha256":"94ac2ff7ed049b4a305f1371c1c58ecf70494d6af363f6b0bd09120198a423ab","sha512":"e3af34815a6ec330a81708bd4e58525200cd23c9e1df5ded8ad574f901b983640bc03b4f9b0f9502df7a7ebcdb3fe15c98aff258cefcc0d570e9a123358d7d3a","ssdeep":"96:aOEaNqOEaXFZHOEamOEaO3vOEaBOEaBJc+uTOEaNcNDOxMaNqOxMaXFZHOxMamOf:9NNIxO34OxDNNryfO3iExlqTCd+MM","tlshash":"62d1cb92002ba400ab831dc223cf7f3aaece50856089d1795ffd0dc95cead66536875d","first_seen":"2026-02-14T10:01:57.755288Z","last_seen":"2026-04-25T16:00:31.387531Z","times_seen":6,"resource_available":false,"data":null}},"time_used":147,"timings":{"blocked":61,"dns":1,"connect":8,"send":0,"wait":22,"receive":0,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"claim-pippin.fun/pippin-logo.svg","fqdn":"claim-pippin.fun","domain":"claim-pippin.fun","tld":"fun"},"ip":{"addr":"172.67.161.180","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://claim-pippin.fun/","date":"2026-03-21T06:18:13.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claim-pippin.fun","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 18:35:36 GMT","end":"Thu, 18 Jun 2026 18:35:35 GMT"},"fingerprint":{"sha1":"FC:A2:19:E0:ED:35:7A:9A:46:FD:35:FC:63:36:36:76:52:DB:AD:5D","sha256":"C2:32:45:D5:28:FA:DC:B0:F8:7C:2C:89:81:86:94:CE:4C:DF:44:C2:FB:0B:3E:9D:57:6D:7A:32:8F:06:1E:2A"}}},"request":{"raw":"GET /pippin-logo.svg HTTP/1.1\r\nHost: claim-pippin.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://claim-pippin.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 21 Mar 2026 06:18:13 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Fri, 20 Mar 2026 21:53:23 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69bdc1d3-470\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BkiC8tSJITd7FoUbRIIK0%2FTR6Oe6fkOrEXGI2tRgsfBaYunk1ByfXxW8v2MTNPO1UTei9uXYTM8Ro5MlUXby29D83jlCQlrFAEWFcyRwzuc%3D\"}]}\r\ncf-ray: 9dfad68b0ddab1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1136,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bcbb3cc8f0f84e3c58f54f5aca42c861","sha1":"6b8250c472cc40717999ceff524d07901fb3d844","sha256":"4f532d3e02096933b109dd0f7bd6303d1ca6e11f488baa0b5076ab1f332c1181","sha512":"76483288e765a69002e74a61cc1e73caa4f6004418b609f2ac6021b7a38456bb010e377144a0e7bec4e4f69d6704c500ca0eea5de559d19bd521b9fb5cd0a828","ssdeep":"","tlshash":"fb21f9909a1929a4ea55816a9f183039522bb6d766072045384e2170bf903dfaff7fec","first_seen":"2025-11-23T13:36:34.225048Z","last_seen":"2026-03-21T06:21:26.579772Z","times_seen":15,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"claim-pippin.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://claim-pippin.fun/","date":"2026-03-21T06:18:13.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:21:09 GMT","end":"Mon, 18 May 2026 18:21:08 GMT"},"fingerprint":{"sha1":"D5:23:F9:83:DE:D4:E8:AB:85:EF:63:D4:2C:6E:62:44:96:04:04:8E","sha256":"D3:04:E0:CB:3E:1B:51:D2:DD:21:AB:B5:3E:6D:E3:40:D7:D5:1E:07:D1:8A:BF:8C:CC:01:FC:AE:92:1F:69:2D"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://claim-pippin.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 16 Mar 2026 17:57:47 GMT\r\nexpires: Tue, 16 Mar 2027 17:57:47 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 390026\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-13T16:26:46.354317Z","times_seen":209913,"resource_available":false,"data":null}},"time_used":279,"timings":{"blocked":133,"dns":1,"connect":10,"send":0,"wait":10,"receive":4,"ssl":113},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/patrickhand/v25/LDI1apSQOAYtSuYWp8ZhfYe8XsLL.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://claim-pippin.fun/","date":"2026-03-21T06:18:13.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:21:09 GMT","end":"Mon, 18 May 2026 18:21:08 GMT"},"fingerprint":{"sha1":"D5:23:F9:83:DE:D4:E8:AB:85:EF:63:D4:2C:6E:62:44:96:04:04:8E","sha256":"D3:04:E0:CB:3E:1B:51:D2:DD:21:AB:B5:3E:6D:E3:40:D7:D5:1E:07:D1:8A:BF:8C:CC:01:FC:AE:92:1F:69:2D"}}},"request":{"raw":"GET /s/patrickhand/v25/LDI1apSQOAYtSuYWp8ZhfYe8XsLL.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://claim-pippin.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23944\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 18 Mar 2026 19:26:22 GMT\r\nexpires: Thu, 18 Mar 2027 19:26:22 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 27 Aug 2025 19:53:52 GMT\r\ncontent-type: font/woff2\r\nage: 211911\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23944,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23944, version 1.0","md5":"56bc7c81e5dab1c0dbced2f566ea7af1","sha1":"2fed35146651eedadc1aeb447e86f64b5284c1fb","sha256":"ac5bc9033b2572bf84d39f7150c1634e37ed16e8dbee632d6d0bceac0bbf0199","sha512":"28a6bf4e2e0cb782eeadf87f5cffb50b5eb0a2d0338c043f2aee924c56bb808056ada12c5e84334c20af7538a563a70fe0feabf787f222bd593e9802d9632b50","ssdeep":"384:nz5jNWZ6kojXBrFH84Mvxu6mna+hPW3aW9NHEWamBau2yplayt+TT24MjYq4DR3t:nz9gZ+7sxn+iakHVaujlaytWKXG9KQXl","tlshash":"88b2d0e4a8c8b738c20d3d3ea64c1e319442266e87db2d7c8645909eded7b1e2355b4d","first_seen":"2025-06-22T05:56:30.576853Z","last_seen":"2026-06-11T14:36:18.099648Z","times_seen":239,"resource_available":false,"data":null}},"time_used":252,"timings":{"blocked":127,"dns":0,"connect":0,"send":0,"wait":8,"receive":2,"ssl":115},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"claim-pippin.fun/favicon.svg","fqdn":"claim-pippin.fun","domain":"claim-pippin.fun","tld":"fun"},"ip":{"addr":"172.67.161.180","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://claim-pippin.fun/","date":"2026-03-21T06:18:14.143Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claim-pippin.fun","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 18:35:36 GMT","end":"Thu, 18 Jun 2026 18:35:35 GMT"},"fingerprint":{"sha1":"FC:A2:19:E0:ED:35:7A:9A:46:FD:35:FC:63:36:36:76:52:DB:AD:5D","sha256":"C2:32:45:D5:28:FA:DC:B0:F8:7C:2C:89:81:86:94:CE:4C:DF:44:C2:FB:0B:3E:9D:57:6D:7A:32:8F:06:1E:2A"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: claim-pippin.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://claim-pippin.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 21 Mar 2026 06:18:14 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Fri, 20 Mar 2026 21:53:23 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FeTn%2BIu89Oj%2F2vtf2d1FuQqs%2F7skL6Oc9amOIHqu4GbAnmy1MI%2FBQOeP0jB3yYCTMYwLdJId95IbdCr7Brsw%2F6us8SbhmyVFf9Hw%2BNqhgD0%3D\"}]}\r\npriority: u=6,i=?0\r\ncf-ray: 9dfad68e6e6cb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2737,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"2474a027419ab630fb6af72798e44cde","sha1":"9be36038a3502c3ec42d19fa627b0f628f724d43","sha256":"9dfbb45b5cca00ae297a7e6765c3031a213da372751d2af25fd486435817f999","sha512":"75bc026f951979570b4f183940d0a3235ea424072d24bd1bed7244cc5da55c88b1044895b4be2f6560783e0b79ef818a109c20f01875560c50d35406acac5a6a","ssdeep":"","tlshash":"645145a3c5e4c82b6270c2512de77148f9a28497b6182c11b2dc5dcb5fe2f82c87332b","first_seen":"2026-03-21T06:18:38.586746Z","last_seen":"2026-03-21T06:21:26.577017Z","times_seen":2,"resource_available":false,"data":null}},"time_used":141,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":141,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"claim-pippin.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}